Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FakeAlert!grb


  • Please log in to reply
10 replies to this topic

#1 Easy Victory

Easy Victory

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:11 PM

Posted 25 May 2012 - 01:41 PM

Hello. I am running Windows Vista with SP1 (SP2 has made my computer crash in the past).

I started to receive dozens of error messages, a suspicious-looking window showing a "S.M.A.R.T. scan" was being conducted, my desktop and all its icons and programs disappeared, and my speed started slowing to a crawl. McAfee alerted me to the presence of a FakeAlert!grb virus, and stated it was removed with no further action required, but the problems mentioned earlier still existed.

After reading these forums, I succesfully ran the unhide.exe program, just to give myself peace of mind that I hadn't lost everything. I also ran a full McAfee scan. Upon restart, my computer is still very slow and my background is missing, but at least it's a little better than before.

How can I attack and fix this problem? Thanks for your assistance!

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:11 PM

Posted 25 May 2012 - 01:51 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)


Please download GMER from here(doesnot work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

#3 Easy Victory

Easy Victory
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:11 PM

Posted 25 May 2012 - 07:50 PM

Here's the log from TDSS Killer:
16:35:46.0236 0496 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
16:35:47.0858 0496 ============================================================
16:35:47.0858 0496 Current date / time: 2012/05/25 16:35:47.0858
16:35:47.0858 0496 SystemInfo:
16:35:47.0858 0496
16:35:47.0858 0496 OS Version: 6.0.6001 ServicePack: 1.0
16:35:47.0858 0496 Product type: Workstation
16:35:47.0858 0496 ComputerName: COMPUTER
16:35:47.0858 0496 UserName: Brian
16:35:47.0858 0496 Windows directory: C:\Windows
16:35:47.0858 0496 System windows directory: C:\Windows
16:35:47.0858 0496 Processor architecture: Intel x86
16:35:47.0858 0496 Number of processors: 2
16:35:47.0858 0496 Page size: 0x1000
16:35:47.0858 0496 Boot type: Safe boot with network
16:35:47.0858 0496 ============================================================
16:35:48.0514 0496 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:35:48.0514 0496 ============================================================
16:35:48.0514 0496 \Device\Harddisk0\DR0:
16:35:48.0514 0496 MBR partitions:
16:35:48.0514 0496 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1388000
16:35:48.0514 0496 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C000, BlocksNum 0x1117D6A8
16:35:48.0545 0496 ============================================================
16:35:48.0592 0496 C: <-> \Device\Harddisk0\DR0\Partition1
16:35:48.0623 0496 D: <-> \Device\Harddisk0\DR0\Partition0
16:35:48.0623 0496 ============================================================
16:35:48.0623 0496 Initialize success
16:35:48.0623 0496 ============================================================
16:35:54.0442 1980 ============================================================
16:35:54.0442 1980 Scan started
16:35:54.0442 1980 Mode: Manual; TDLFS;
16:35:54.0442 1980 ============================================================
16:35:54.0972 1980 ac.sharedstore (00659e56339389469473aec41587e706) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
16:35:54.0972 1980 ac.sharedstore - ok
16:35:55.0175 1980 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
16:35:55.0175 1980 ACPI - ok
16:35:55.0253 1980 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\Windows\system32\drivers\adfs.sys
16:35:55.0268 1980 adfs - ok
16:35:55.0331 1980 Adobe LM Service (5ddc0a8d2cd60bda593ddaf45821ce08) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
16:35:55.0331 1980 Adobe LM Service - ok
16:35:55.0424 1980 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
16:35:55.0440 1980 adp94xx - ok
16:35:55.0502 1980 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
16:35:55.0502 1980 adpahci - ok
16:35:55.0534 1980 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
16:35:55.0534 1980 adpu160m - ok
16:35:55.0596 1980 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
16:35:55.0596 1980 adpu320 - ok
16:35:55.0658 1980 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
16:35:55.0674 1980 AeLookupSvc - ok
16:35:55.0721 1980 AESTFilters (ef1142512bec12f1c2c87735da1755be) C:\Windows\system32\aestsrv.exe
16:35:55.0721 1980 AESTFilters - ok
16:35:55.0783 1980 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
16:35:55.0783 1980 AFD - ok
16:35:55.0830 1980 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
16:35:55.0830 1980 agp440 - ok
16:35:55.0877 1980 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
16:35:55.0877 1980 aic78xx - ok
16:35:55.0908 1980 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
16:35:55.0908 1980 ALG - ok
16:35:55.0955 1980 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
16:35:55.0955 1980 aliide - ok
16:35:56.0002 1980 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
16:35:56.0002 1980 amdagp - ok
16:35:56.0017 1980 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
16:35:56.0017 1980 amdide - ok
16:35:56.0080 1980 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
16:35:56.0080 1980 AmdK7 - ok
16:35:56.0111 1980 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
16:35:56.0111 1980 AmdK8 - ok
16:35:56.0173 1980 ApfiltrService (a80230bd04f0b8bf05185b369bb1cbb8) C:\Windows\system32\DRIVERS\Apfiltr.sys
16:35:56.0173 1980 ApfiltrService - ok
16:35:56.0220 1980 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
16:35:56.0220 1980 Appinfo - ok
16:35:56.0329 1980 Apple Mobile Device (d8e18021f91ad79ca8491cb5a5da22d4) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:35:56.0345 1980 Apple Mobile Device - ok
16:35:56.0392 1980 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
16:35:56.0392 1980 arc - ok
16:35:56.0454 1980 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
16:35:56.0454 1980 arcsas - ok
16:35:56.0782 1980 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
16:35:56.0813 1980 aspnet_state - ok
16:35:56.0860 1980 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
16:35:56.0860 1980 AsyncMac - ok
16:35:56.0906 1980 atapi (0d83c87a801a3dfcd1bf73893fe7518c) C:\Windows\system32\drivers\atapi.sys
16:35:56.0906 1980 atapi - ok
16:35:56.0969 1980 AudioEndpointBuilder (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
16:35:56.0984 1980 AudioEndpointBuilder - ok
16:35:56.0984 1980 Audiosrv (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
16:35:56.0984 1980 Audiosrv - ok
16:35:57.0140 1980 Autodesk Content Service (1992c2a1867d95aa3a0802539358d162) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
16:35:57.0250 1980 Autodesk Content Service - ok
16:35:57.0281 1980 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
16:35:57.0281 1980 Beep - ok
16:35:57.0343 1980 BFE (8582e233c346aefe759833e8a30dd697) C:\Windows\System32\bfe.dll
16:35:57.0359 1980 BFE - ok
16:35:57.0499 1980 BITS (02ed7b4dbc2a3232a389106da7515c3d) C:\Windows\system32\qmgr.dll
16:35:57.0546 1980 BITS - ok
16:35:57.0608 1980 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
16:35:57.0608 1980 blbdrive - ok
16:35:57.0718 1980 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
16:35:57.0718 1980 Bonjour Service - ok
16:35:57.0749 1980 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
16:35:57.0749 1980 bowser - ok
16:35:57.0780 1980 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
16:35:57.0796 1980 BrFiltLo - ok
16:35:57.0811 1980 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
16:35:57.0811 1980 BrFiltUp - ok
16:35:57.0842 1980 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
16:35:57.0842 1980 Browser - ok
16:35:57.0889 1980 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
16:35:57.0889 1980 Brserid - ok
16:35:57.0905 1980 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
16:35:57.0905 1980 BrSerWdm - ok
16:35:57.0920 1980 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
16:35:57.0936 1980 BrUsbMdm - ok
16:35:57.0952 1980 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
16:35:57.0952 1980 BrUsbSer - ok
16:35:57.0998 1980 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
16:35:57.0998 1980 BTHMODEM - ok
16:35:58.0076 1980 Cam3820 (c2c327091624fbbc65adadc032234776) C:\Windows\system32\Drivers\cam3820a.sys
16:35:58.0076 1980 Cam3820 - ok
16:35:58.0123 1980 catchme - ok
16:35:58.0170 1980 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
16:35:58.0170 1980 cdfs - ok
16:35:58.0201 1980 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
16:35:58.0201 1980 cdrom - ok
16:35:58.0248 1980 CertPropSvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
16:35:58.0248 1980 CertPropSvc - ok
16:35:58.0310 1980 cfwids (1c7b1e36f3ced9e4b0b13385e627fe8b) C:\Windows\system32\drivers\cfwids.sys
16:35:58.0310 1980 cfwids - ok
16:35:58.0373 1980 Change Modem Device Service (dc9adb12ec436dfbb62cd6a23ad4cfcf) C:\Windows\system32\ChgService.exe
16:35:58.0373 1980 Change Modem Device Service - ok
16:35:58.0404 1980 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
16:35:58.0404 1980 circlass - ok
16:35:58.0451 1980 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
16:35:58.0451 1980 CLFS - ok
16:35:58.0544 1980 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:35:58.0544 1980 clr_optimization_v2.0.50727_32 - ok
16:35:58.0622 1980 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:35:58.0638 1980 clr_optimization_v4.0.30319_32 - ok
16:35:58.0700 1980 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
16:35:58.0700 1980 CmBatt - ok
16:35:58.0747 1980 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
16:35:58.0747 1980 cmdide - ok
16:35:58.0810 1980 cmnsusbser (675d67423980fc1784b93aa47d350a31) C:\Windows\system32\DRIVERS\cmnsusbser.sys
16:35:58.0810 1980 cmnsusbser - ok
16:35:58.0841 1980 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
16:35:58.0841 1980 Compbatt - ok
16:35:58.0856 1980 COMSysApp - ok
16:35:58.0872 1980 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
16:35:58.0872 1980 crcdisk - ok
16:35:58.0903 1980 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
16:35:58.0903 1980 Crusoe - ok
16:35:58.0934 1980 CryptSvc (6de363f9f99334514c46aec02d3e3678) C:\Windows\system32\cryptsvc.dll
16:35:58.0934 1980 CryptSvc - ok
16:35:59.0012 1980 DcomLaunch (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
16:35:59.0028 1980 DcomLaunch - ok
16:35:59.0059 1980 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
16:35:59.0059 1980 DfsC - ok
16:35:59.0215 1980 DFSR (fa3463f25f9cc9c3bcf1e7912feff099) C:\Windows\system32\DFSR.exe
16:35:59.0246 1980 DFSR - ok
16:35:59.0402 1980 Dhcp (43a988a9c10333476cb5fb667cbd629d) C:\Windows\System32\dhcpcsvc.dll
16:35:59.0418 1980 Dhcp - ok
16:35:59.0449 1980 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
16:35:59.0449 1980 disk - ok
16:35:59.0465 1980 Dnscache (4805d9a6d281c7a7defd9094dec6af7d) C:\Windows\System32\dnsrslvr.dll
16:35:59.0480 1980 Dnscache - ok
16:35:59.0605 1980 DockLoginService (13511564cac5a005255765e322c16967) C:\Program Files\Dell\DellDock\DockLogin.exe
16:35:59.0605 1980 DockLoginService - ok
16:35:59.0652 1980 dot3svc (5af620a08c614e24206b79e8153cf1a8) C:\Windows\System32\dot3svc.dll
16:35:59.0652 1980 dot3svc - ok
16:35:59.0699 1980 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
16:35:59.0699 1980 Dot4 - ok
16:35:59.0730 1980 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:35:59.0730 1980 Dot4Print - ok
16:35:59.0746 1980 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
16:35:59.0746 1980 dot4usb - ok
16:35:59.0792 1980 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
16:35:59.0792 1980 DPS - ok
16:35:59.0839 1980 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
16:35:59.0839 1980 drmkaud - ok
16:35:59.0902 1980 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
16:35:59.0902 1980 DXGKrnl - ok
16:35:59.0980 1980 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
16:35:59.0980 1980 e1express - ok
16:35:59.0995 1980 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
16:35:59.0995 1980 E1G60 - ok
16:36:00.0042 1980 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
16:36:00.0042 1980 EapHost - ok
16:36:00.0104 1980 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
16:36:00.0104 1980 Ecache - ok
16:36:00.0167 1980 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
16:36:00.0167 1980 elxstor - ok
16:36:00.0229 1980 EMDMgmt (70b1a86df0c8ead17d2bc332edae2c7c) C:\Windows\system32\emdmgmt.dll
16:36:00.0245 1980 EMDMgmt - ok
16:36:00.0260 1980 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
16:36:00.0260 1980 ErrDev - ok
16:36:00.0338 1980 EventSystem (3cb3343d720168b575133a0a20dc2465) C:\Windows\system32\es.dll
16:36:00.0338 1980 EventSystem - ok
16:36:00.0448 1980 EvtEng (e71b03ff6b819ae1a286aa27e956d523) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
16:36:00.0463 1980 EvtEng - ok
16:36:00.0510 1980 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
16:36:00.0510 1980 exfat - ok
16:36:00.0557 1980 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
16:36:00.0557 1980 fastfat - ok
16:36:00.0604 1980 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
16:36:00.0604 1980 fdc - ok
16:36:00.0635 1980 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
16:36:00.0635 1980 fdPHost - ok
16:36:00.0650 1980 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
16:36:00.0650 1980 FDResPub - ok
16:36:00.0697 1980 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
16:36:00.0697 1980 FileInfo - ok
16:36:00.0728 1980 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
16:36:00.0728 1980 Filetrace - ok
16:36:00.0838 1980 FLEXnet Licensing Service (73081cf28f0ae20a52ca4f67cee6e6b0) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:36:00.0853 1980 FLEXnet Licensing Service - ok
16:36:00.0900 1980 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
16:36:00.0900 1980 flpydisk - ok
16:36:00.0947 1980 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
16:36:00.0947 1980 FltMgr - ok
16:36:01.0040 1980 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:36:01.0040 1980 FontCache3.0.0.0 - ok
16:36:01.0165 1980 FreeAgentGoNext Service (81b4a2c6c9bd17ffb6031a0a61c09764) C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
16:36:01.0165 1980 FreeAgentGoNext Service - ok
16:36:01.0196 1980 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
16:36:01.0196 1980 Fs_Rec - ok
16:36:01.0228 1980 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
16:36:01.0228 1980 gagp30kx - ok
16:36:01.0259 1980 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:36:01.0259 1980 GEARAspiWDM - ok
16:36:01.0321 1980 getPlus® Helper (78494ae0f93358179b97571b9e76997c) C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
16:36:01.0321 1980 getPlus® Helper - ok
16:36:01.0430 1980 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
16:36:01.0430 1980 GoogleDesktopManager-051210-111108 - ok
16:36:01.0493 1980 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
16:36:01.0493 1980 GoToAssist - ok
16:36:01.0555 1980 gpsvc (d9f1113d9401185245573350712f92fc) C:\Windows\System32\gpsvc.dll
16:36:01.0571 1980 gpsvc - ok
16:36:01.0649 1980 gupdate1c9c80a37941b94 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
16:36:01.0649 1980 gupdate1c9c80a37941b94 - ok
16:36:01.0680 1980 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
16:36:01.0680 1980 gupdatem - ok
16:36:01.0727 1980 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:36:01.0742 1980 HDAudBus - ok
16:36:01.0774 1980 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
16:36:01.0774 1980 HidBth - ok
16:36:01.0805 1980 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
16:36:01.0805 1980 HidIr - ok
16:36:01.0852 1980 hidserv (53d5a2f9ce6ae47d7507727df1da79f8) C:\Windows\System32\hidserv.dll
16:36:01.0852 1980 hidserv - ok
16:36:01.0867 1980 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
16:36:01.0867 1980 HidUsb - ok
16:36:01.0898 1980 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
16:36:01.0898 1980 hkmsvc - ok
16:36:01.0930 1980 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
16:36:01.0930 1980 HpCISSs - ok
16:36:02.0054 1980 hpqcxs08 (ed377b3c83fdea8d906109a085d219ba) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
16:36:02.0054 1980 hpqcxs08 - ok
16:36:02.0086 1980 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
16:36:02.0086 1980 hpqddsvc - ok
16:36:02.0164 1980 HPSLPSVC (56fc98f1014ea8dc51b92839c32759ec) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
16:36:02.0179 1980 HPSLPSVC - ok
16:36:02.0273 1980 HSF_DPV (99f85640054ba65190b860d878a7c9ae) C:\Windows\system32\DRIVERS\HSX_DPV.sys
16:36:02.0288 1980 HSF_DPV - ok
16:36:02.0320 1980 HSXHWAZL (cfbc2b81972e298f0e19ee68fa9e73da) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
16:36:02.0320 1980 HSXHWAZL - ok
16:36:02.0382 1980 HTTP (33b02459e86d0a2b86a6b9fe19139390) C:\Windows\system32\drivers\HTTP.sys
16:36:02.0382 1980 HTTP - ok
16:36:02.0413 1980 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
16:36:02.0413 1980 i2omp - ok
16:36:02.0460 1980 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
16:36:02.0460 1980 i8042prt - ok
16:36:02.0554 1980 IAANTMON (ae38a12f79a4980ddb88f36514f8a1da) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
16:36:02.0569 1980 IAANTMON - ok
16:36:02.0616 1980 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
16:36:02.0616 1980 iaStor - ok
16:36:02.0663 1980 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
16:36:02.0663 1980 iaStorV - ok
16:36:02.0819 1980 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:36:02.0834 1980 idsvc - ok
16:36:02.0975 1980 igfx (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
16:36:02.0990 1980 igfx - ok
16:36:03.0146 1980 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
16:36:03.0146 1980 iirsp - ok
16:36:03.0178 1980 IKEEXT (a3bc480a2bf8aa8e4dabd2d5dce0afac) C:\Windows\System32\ikeext.dll
16:36:03.0193 1980 IKEEXT - ok
16:36:03.0240 1980 IntcHdmiAddService (98d303ccb3415e9202e82043b37d66dc) C:\Windows\system32\drivers\IntcHdmi.sys
16:36:03.0240 1980 IntcHdmiAddService - ok
16:36:03.0271 1980 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys
16:36:03.0271 1980 intelide - ok
16:36:03.0302 1980 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
16:36:03.0302 1980 intelppm - ok
16:36:03.0427 1980 IntuitUpdateService (3dc635b66dd7412e1c9c3a77b8d78f25) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
16:36:03.0427 1980 IntuitUpdateService - ok
16:36:03.0474 1980 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
16:36:03.0490 1980 IPBusEnum - ok
16:36:03.0505 1980 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:36:03.0505 1980 IpFilterDriver - ok
16:36:03.0552 1980 iphlpsvc (6a35d233693edc29a12742049bc5e37f) C:\Windows\System32\iphlpsvc.dll
16:36:03.0552 1980 iphlpsvc - ok
16:36:03.0552 1980 IpInIp - ok
16:36:03.0599 1980 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
16:36:03.0599 1980 IPMIDRV - ok
16:36:03.0630 1980 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
16:36:03.0630 1980 IPNAT - ok
16:36:03.0724 1980 iPod Service (33642c17c232aa272c68e446a2619899) C:\Program Files\iPod\bin\iPodService.exe
16:36:03.0739 1980 iPod Service - ok
16:36:03.0755 1980 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
16:36:03.0755 1980 IRENUM - ok
16:36:03.0770 1980 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
16:36:03.0770 1980 isapnp - ok
16:36:03.0817 1980 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
16:36:03.0817 1980 iScsiPrt - ok
16:36:03.0848 1980 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
16:36:03.0848 1980 iteatapi - ok
16:36:03.0895 1980 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
16:36:03.0895 1980 iteraid - ok
16:36:03.0926 1980 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
16:36:03.0926 1980 kbdclass - ok
16:36:03.0958 1980 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
16:36:03.0958 1980 kbdhid - ok
16:36:03.0989 1980 KeyIso (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
16:36:03.0989 1980 KeyIso - ok
16:36:04.0051 1980 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
16:36:04.0051 1980 KSecDD - ok
16:36:04.0114 1980 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
16:36:04.0129 1980 KtmRm - ok
16:36:04.0176 1980 LanmanServer (1925e63c91cf1610ae41bfd539062079) C:\Windows\System32\srvsvc.dll
16:36:04.0192 1980 LanmanServer - ok
16:36:04.0223 1980 LanmanWorkstation (2ae2e1628c5d3f1c0a46a67c9fa1df15) C:\Windows\System32\wkssvc.dll
16:36:04.0223 1980 LanmanWorkstation - ok
16:36:04.0254 1980 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
16:36:04.0254 1980 lltdio - ok
16:36:04.0301 1980 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
16:36:04.0316 1980 lltdsvc - ok
16:36:04.0348 1980 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
16:36:04.0348 1980 lmhosts - ok
16:36:04.0363 1980 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
16:36:04.0379 1980 LSI_FC - ok
16:36:04.0410 1980 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
16:36:04.0410 1980 LSI_SAS - ok
16:36:04.0441 1980 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
16:36:04.0441 1980 LSI_SCSI - ok
16:36:04.0472 1980 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
16:36:04.0472 1980 luafv - ok
16:36:04.0535 1980 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
16:36:04.0535 1980 MBAMProtector - ok
16:36:04.0660 1980 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:36:04.0660 1980 MBAMService - ok
16:36:04.0769 1980 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
16:36:04.0769 1980 McAfee SiteAdvisor Service - ok
16:36:04.0878 1980 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
16:36:04.0878 1980 McComponentHostService - ok
16:36:04.0909 1980 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\Windows\system32\DRIVERS\mcdbus.sys
16:36:04.0909 1980 mcdbus - ok
16:36:05.0034 1980 McMPFSvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
16:36:05.0034 1980 McMPFSvc - ok
16:36:05.0034 1980 mcmscsvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:36:05.0034 1980 mcmscsvc - ok
16:36:05.0050 1980 McNaiAnn (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:36:05.0050 1980 McNaiAnn - ok
16:36:05.0050 1980 McNASvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:36:05.0065 1980 McNASvc - ok
16:36:05.0159 1980 McODS (42117cbc4849a5cf11129912dabbdeca) C:\Program Files\McAfee\VirusScan\mcods.exe
16:36:05.0174 1980 McODS - ok
16:36:05.0174 1980 McProxy (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:36:05.0174 1980 McProxy - ok
16:36:05.0252 1980 McShield (593fa4c378818ece76ba64a11ad56cf2) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
16:36:05.0252 1980 McShield - ok
16:36:05.0284 1980 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
16:36:05.0284 1980 mdmxsdk - ok
16:36:05.0330 1980 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
16:36:05.0330 1980 megasas - ok
16:36:05.0393 1980 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
16:36:05.0393 1980 MegaSR - ok
16:36:05.0455 1980 mfeapfk (43c31bdf404a6d7a7ac1bfd5ead2a566) C:\Windows\system32\drivers\mfeapfk.sys
16:36:05.0455 1980 mfeapfk - ok
16:36:05.0533 1980 mfeavfk (c1dc5f42d3367f33b6451be78b38bd46) C:\Windows\system32\drivers\mfeavfk.sys
16:36:05.0533 1980 mfeavfk - ok
16:36:05.0564 1980 mfebopk (0435c43f4c2be01b84868ad2a906397b) C:\Windows\system32\drivers\mfebopk.sys
16:36:05.0564 1980 mfebopk - ok
16:36:05.0611 1980 mfefire (7e1f8b1bdc8240f08bd358b3a466c005) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
16:36:05.0611 1980 mfefire - ok
16:36:05.0689 1980 mfefirek (4ea6ff90015424517843e931448e00f1) C:\Windows\system32\drivers\mfefirek.sys
16:36:05.0689 1980 mfefirek - ok
16:36:05.0752 1980 mfehidk (d1e998748ba24a731106611d535c6bbf) C:\Windows\system32\drivers\mfehidk.sys
16:36:05.0752 1980 mfehidk - ok
16:36:05.0783 1980 mfenlfk (ac04a618aef3de0fce91c766f9e069da) C:\Windows\system32\DRIVERS\mfenlfk.sys
16:36:05.0783 1980 mfenlfk - ok
16:36:05.0845 1980 mferkdet (f454a13377f0a006d20a8c14a753c432) C:\Windows\system32\drivers\mferkdet.sys
16:36:05.0845 1980 mferkdet - ok
16:36:05.0876 1980 mfevtp (b10c4efd40810c08f4b44df2efcb54f7) C:\Windows\system32\mfevtps.exe
16:36:05.0892 1980 mfevtp - ok
16:36:05.0939 1980 mfewfpk (f284337aedb7483df8a5fa840647e2b0) C:\Windows\system32\drivers\mfewfpk.sys
16:36:05.0939 1980 mfewfpk - ok
16:36:05.0986 1980 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
16:36:05.0986 1980 MMCSS - ok
16:36:06.0001 1980 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
16:36:06.0001 1980 Modem - ok
16:36:06.0032 1980 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
16:36:06.0032 1980 monitor - ok
16:36:06.0064 1980 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
16:36:06.0064 1980 mouclass - ok
16:36:06.0095 1980 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
16:36:06.0095 1980 mouhid - ok
16:36:06.0110 1980 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
16:36:06.0110 1980 MountMgr - ok
16:36:06.0142 1980 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
16:36:06.0142 1980 mpio - ok
16:36:06.0173 1980 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
16:36:06.0173 1980 mpsdrv - ok
16:36:06.0235 1980 MpsSvc (d1639ba315b0d79dec49a4b0e1fb929b) C:\Windows\system32\mpssvc.dll
16:36:06.0235 1980 MpsSvc - ok
16:36:06.0266 1980 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
16:36:06.0282 1980 Mraid35x - ok
16:36:06.0313 1980 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
16:36:06.0313 1980 MRxDAV - ok
16:36:06.0329 1980 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:36:06.0344 1980 mrxsmb - ok
16:36:06.0360 1980 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:36:06.0360 1980 mrxsmb10 - ok
16:36:06.0391 1980 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:36:06.0391 1980 mrxsmb20 - ok
16:36:06.0422 1980 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
16:36:06.0422 1980 msahci - ok
16:36:06.0454 1980 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
16:36:06.0454 1980 msdsm - ok
16:36:06.0516 1980 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
16:36:06.0516 1980 MSDTC - ok
16:36:06.0547 1980 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
16:36:06.0547 1980 Msfs - ok
16:36:06.0563 1980 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
16:36:06.0578 1980 msisadrv - ok
16:36:06.0625 1980 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
16:36:06.0625 1980 MSiSCSI - ok
16:36:06.0625 1980 msiserver - ok
16:36:06.0672 1980 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
16:36:06.0672 1980 MSKSSRV - ok
16:36:06.0703 1980 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
16:36:06.0703 1980 MSPCLOCK - ok
16:36:06.0734 1980 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
16:36:06.0734 1980 MSPQM - ok
16:36:06.0781 1980 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
16:36:06.0781 1980 MsRPC - ok
16:36:06.0797 1980 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
16:36:06.0812 1980 mssmbios - ok
16:36:06.0828 1980 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
16:36:06.0828 1980 MSTEE - ok
16:36:06.0859 1980 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
16:36:06.0859 1980 Mup - ok
16:36:06.0906 1980 napagent (c43b25863fbd65b6d2a142af3ae320ca) C:\Windows\system32\qagentRT.dll
16:36:06.0922 1980 napagent - ok
16:36:06.0953 1980 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
16:36:06.0953 1980 NativeWifiP - ok
16:36:07.0031 1980 NDIS (c8560010a542b5dca94c62468dc20784) C:\Windows\system32\drivers\ndis.sys
16:36:07.0031 1980 NDIS - ok
16:36:07.0062 1980 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
16:36:07.0062 1980 NdisTapi - ok
16:36:07.0078 1980 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
16:36:07.0078 1980 Ndisuio - ok
16:36:07.0109 1980 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
16:36:07.0109 1980 NdisWan - ok
16:36:07.0124 1980 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
16:36:07.0124 1980 NDProxy - ok
16:36:07.0156 1980 Net Driver HPZ12 (69c503c004f49aee8b8e3067cc047ba7) C:\Windows\system32\HPZinw12.dll
16:36:07.0156 1980 Net Driver HPZ12 - ok
16:36:07.0171 1980 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
16:36:07.0171 1980 NetBIOS - ok
16:36:07.0218 1980 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
16:36:07.0218 1980 netbt - ok
16:36:07.0249 1980 Netlogon (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
16:36:07.0249 1980 Netlogon - ok
16:36:07.0296 1980 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
16:36:07.0296 1980 Netman - ok
16:36:07.0390 1980 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:36:07.0390 1980 NetMsmqActivator - ok
16:36:07.0405 1980 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:36:07.0405 1980 NetPipeActivator - ok
16:36:07.0436 1980 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
16:36:07.0436 1980 netprofm - ok
16:36:07.0436 1980 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:36:07.0436 1980 NetTcpActivator - ok
16:36:07.0452 1980 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:36:07.0452 1980 NetTcpPortSharing - ok
16:36:07.0624 1980 NETw4v32 (dd194a025d1c0472f45f57de8d8388eb) C:\Windows\system32\DRIVERS\NETw4v32.sys
16:36:07.0639 1980 NETw4v32 - ok
16:36:07.0764 1980 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
16:36:07.0764 1980 nfrd960 - ok
16:36:07.0826 1980 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
16:36:07.0826 1980 NlaSvc - ok
16:36:07.0936 1980 nosGetPlusHelper (f44addbf29905cb19f52fc9fe6a0efa1) C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
16:36:07.0936 1980 nosGetPlusHelper - ok
16:36:07.0998 1980 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
16:36:07.0998 1980 Npfs - ok
16:36:08.0029 1980 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
16:36:08.0029 1980 nsi - ok
16:36:08.0060 1980 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
16:36:08.0060 1980 nsiproxy - ok
16:36:08.0154 1980 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
16:36:08.0170 1980 Ntfs - ok
16:36:08.0185 1980 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
16:36:08.0185 1980 ntrigdigi - ok
16:36:08.0216 1980 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
16:36:08.0216 1980 Null - ok
16:36:08.0232 1980 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
16:36:08.0232 1980 nvraid - ok
16:36:08.0248 1980 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
16:36:08.0248 1980 nvstor - ok
16:36:08.0279 1980 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
16:36:08.0279 1980 nv_agp - ok
16:36:08.0294 1980 NwlnkFlt - ok
16:36:08.0294 1980 NwlnkFwd - ok
16:36:08.0435 1980 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:36:08.0450 1980 odserv - ok
16:36:08.0497 1980 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
16:36:08.0497 1980 ohci1394 - ok
16:36:08.0544 1980 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:36:08.0560 1980 ose - ok
16:36:08.0638 1980 p2pimsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
16:36:08.0638 1980 p2pimsvc - ok
16:36:08.0653 1980 p2psvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
16:36:08.0653 1980 p2psvc - ok
16:36:08.0700 1980 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
16:36:08.0700 1980 Parport - ok
16:36:08.0747 1980 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
16:36:08.0747 1980 partmgr - ok
16:36:08.0762 1980 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
16:36:08.0778 1980 Parvdm - ok
16:36:08.0809 1980 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
16:36:08.0809 1980 PcaSvc - ok
16:36:08.0840 1980 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
16:36:08.0840 1980 pci - ok
16:36:08.0887 1980 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
16:36:08.0887 1980 pciide - ok
16:36:08.0934 1980 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
16:36:08.0934 1980 pcmcia - ok
16:36:09.0028 1980 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
16:36:09.0028 1980 PEAUTH - ok
16:36:09.0152 1980 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
16:36:09.0168 1980 pla - ok
16:36:09.0293 1980 PlugPlay (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll
16:36:09.0308 1980 PlugPlay - ok
16:36:09.0340 1980 Pml Driver HPZ12 (12b4549d515cb26bb8d375038017ca65) C:\Windows\system32\HPZipm12.dll
16:36:09.0340 1980 Pml Driver HPZ12 - ok
16:36:09.0418 1980 PNRPAutoReg (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
16:36:09.0433 1980 PNRPAutoReg - ok
16:36:09.0433 1980 PNRPsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
16:36:09.0449 1980 PNRPsvc - ok
16:36:09.0496 1980 PolicyAgent (47b8f37aa18b74d8c2e1bc1a7a2c8f8a) C:\Windows\System32\ipsecsvc.dll
16:36:09.0511 1980 PolicyAgent - ok
16:36:09.0589 1980 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
16:36:09.0589 1980 PptpMiniport - ok
16:36:09.0605 1980 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
16:36:09.0605 1980 Processor - ok
16:36:09.0667 1980 ProfSvc (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll
16:36:09.0667 1980 ProfSvc - ok
16:36:09.0698 1980 ProtectedStorage (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
16:36:09.0698 1980 ProtectedStorage - ok
16:36:09.0730 1980 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
16:36:09.0730 1980 PSched - ok
16:36:09.0745 1980 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
16:36:09.0745 1980 PxHelp20 - ok
16:36:09.0870 1980 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
16:36:09.0870 1980 ql2300 - ok
16:36:09.0917 1980 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
16:36:09.0932 1980 ql40xx - ok
16:36:09.0979 1980 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
16:36:09.0979 1980 QWAVE - ok
16:36:09.0995 1980 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
16:36:09.0995 1980 QWAVEdrv - ok
16:36:10.0151 1980 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
16:36:10.0166 1980 R300 - ok
16:36:10.0291 1980 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
16:36:10.0291 1980 RasAcd - ok
16:36:10.0338 1980 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
16:36:10.0338 1980 RasAuto - ok
16:36:10.0369 1980 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:36:10.0369 1980 Rasl2tp - ok
16:36:10.0416 1980 RasMan (6e7c284fc5c4ec07ad164d93810385a6) C:\Windows\System32\rasmans.dll
16:36:10.0416 1980 RasMan - ok
16:36:10.0432 1980 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
16:36:10.0432 1980 RasPppoe - ok
16:36:10.0463 1980 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
16:36:10.0463 1980 RasSstp - ok
16:36:10.0494 1980 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
16:36:10.0494 1980 rdbss - ok
16:36:10.0525 1980 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:36:10.0525 1980 RDPCDD - ok
16:36:10.0572 1980 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
16:36:10.0572 1980 rdpdr - ok
16:36:10.0572 1980 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
16:36:10.0588 1980 RDPENCDD - ok
16:36:10.0634 1980 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
16:36:10.0634 1980 RDPWD - ok
16:36:10.0744 1980 RegSrvc (2cf574d0965f58e514a2dc94114d7eca) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
16:36:10.0744 1980 RegSrvc - ok
16:36:10.0790 1980 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
16:36:10.0790 1980 RemoteAccess - ok
16:36:10.0837 1980 RemoteRegistry (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll
16:36:10.0837 1980 RemoteRegistry - ok
16:36:10.0884 1980 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
16:36:10.0884 1980 rimmptsk - ok
16:36:10.0900 1980 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
16:36:10.0900 1980 rimsptsk - ok
16:36:10.0915 1980 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
16:36:10.0915 1980 rismxdp - ok
16:36:10.0946 1980 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
16:36:10.0946 1980 RpcLocator - ok
16:36:10.0993 1980 RpcSs (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
16:36:11.0009 1980 RpcSs - ok
16:36:11.0056 1980 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
16:36:11.0056 1980 rspndr - ok
16:36:11.0071 1980 SamSs (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
16:36:11.0071 1980 SamSs - ok
16:36:11.0102 1980 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
16:36:11.0102 1980 sbp2port - ok
16:36:11.0134 1980 SCardSvr (11387e32642269c7e62e8b52c060b3c6) C:\Windows\System32\SCardSvr.dll
16:36:11.0134 1980 SCardSvr - ok
16:36:11.0180 1980 Schedule (7b587b8a6d4a99f79d2902d0385f29bd) C:\Windows\system32\schedsvc.dll
16:36:11.0196 1980 Schedule - ok
16:36:11.0227 1980 SCPolicySvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
16:36:11.0227 1980 SCPolicySvc - ok
16:36:11.0290 1980 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
16:36:11.0290 1980 sdbus - ok
16:36:11.0321 1980 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
16:36:11.0321 1980 SDRSVC - ok
16:36:11.0352 1980 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
16:36:11.0352 1980 secdrv - ok
16:36:11.0352 1980 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
16:36:11.0352 1980 seclogon - ok
16:36:11.0383 1980 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
16:36:11.0383 1980 SENS - ok
16:36:11.0414 1980 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
16:36:11.0414 1980 Serenum - ok
16:36:11.0446 1980 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
16:36:11.0446 1980 Serial - ok
16:36:11.0477 1980 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
16:36:11.0477 1980 sermouse - ok
16:36:11.0539 1980 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
16:36:11.0539 1980 SessionEnv - ok
16:36:11.0555 1980 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
16:36:11.0555 1980 sffdisk - ok
16:36:11.0570 1980 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
16:36:11.0570 1980 sffp_mmc - ok
16:36:11.0586 1980 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:36:11.0586 1980 sffp_sd - ok
16:36:11.0633 1980 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
16:36:11.0633 1980 sfloppy - ok
16:36:11.0680 1980 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
16:36:11.0695 1980 SharedAccess - ok
16:36:11.0742 1980 ShellHWDetection (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\System32\shsvcs.dll
16:36:11.0758 1980 ShellHWDetection - ok
16:36:11.0804 1980 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
16:36:11.0804 1980 sisagp - ok
16:36:11.0820 1980 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
16:36:11.0820 1980 SiSRaid2 - ok
16:36:11.0867 1980 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
16:36:11.0867 1980 SiSRaid4 - ok
16:36:12.0038 1980 slsvc (0ba91e1358ad25236863039bb2609a2e) C:\Windows\system32\SLsvc.exe
16:36:12.0085 1980 slsvc - ok
16:36:12.0194 1980 SLUINotify (7c6dc44ca0bfa6291629ab764200d1d4) C:\Windows\system32\SLUINotify.dll
16:36:12.0210 1980 SLUINotify - ok
16:36:12.0241 1980 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
16:36:12.0241 1980 Smb - ok
16:36:12.0288 1980 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
16:36:12.0288 1980 SNMPTRAP - ok
16:36:12.0319 1980 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
16:36:12.0319 1980 spldr - ok
16:36:12.0335 1980 Spooler (3665f79026a3f91fbca63f2c65a09b19) C:\Windows\System32\spoolsv.exe
16:36:12.0350 1980 Spooler - ok
16:36:12.0382 1980 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
16:36:12.0382 1980 srv - ok
16:36:12.0397 1980 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
16:36:12.0397 1980 srv2 - ok
16:36:12.0413 1980 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
16:36:12.0413 1980 srvnet - ok
16:36:12.0444 1980 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
16:36:12.0444 1980 SSDPSRV - ok
16:36:12.0506 1980 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
16:36:12.0506 1980 SstpSvc - ok
16:36:12.0538 1980 STacSV (7e6dd4b34acd36af6c711d2bde91b040) C:\Windows\system32\STacSV.exe
16:36:12.0553 1980 STacSV - ok
16:36:12.0600 1980 STHDA (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
16:36:12.0600 1980 STHDA - ok
16:36:12.0662 1980 stisvc (7dd08a597bc56051f320da0baf69e389) C:\Windows\System32\wiaservc.dll
16:36:12.0678 1980 stisvc - ok
16:36:12.0772 1980 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
16:36:12.0772 1980 stllssvr - ok
16:36:12.0803 1980 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
16:36:12.0803 1980 swenum - ok
16:36:12.0850 1980 swprv (b36c7cdb86f7f7a8e884479219766950) C:\Windows\System32\swprv.dll
16:36:12.0865 1980 swprv - ok
16:36:12.0896 1980 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
16:36:12.0912 1980 Symc8xx - ok
16:36:12.0928 1980 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
16:36:12.0928 1980 Sym_hi - ok
16:36:12.0959 1980 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
16:36:12.0959 1980 Sym_u3 - ok
16:36:13.0021 1980 SysMain (8710a92d0024b03b5fb9540df1f71f1d) C:\Windows\system32\sysmain.dll
16:36:13.0037 1980 SysMain - ok
16:36:13.0084 1980 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
16:36:13.0084 1980 TabletInputService - ok
16:36:13.0130 1980 TapiSrv (680916bb09ee0f3a6aca7c274b0d633f) C:\Windows\System32\tapisrv.dll
16:36:13.0130 1980 TapiSrv - ok
16:36:13.0146 1980 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
16:36:13.0162 1980 TBS - ok
16:36:13.0240 1980 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
16:36:13.0240 1980 Tcpip - ok
16:36:13.0255 1980 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
16:36:13.0271 1980 Tcpip6 - ok
16:36:13.0286 1980 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
16:36:13.0286 1980 tcpipreg - ok
16:36:13.0318 1980 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
16:36:13.0318 1980 TDPIPE - ok
16:36:13.0349 1980 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
16:36:13.0349 1980 TDTCP - ok
16:36:13.0364 1980 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
16:36:13.0364 1980 tdx - ok
16:36:13.0396 1980 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
16:36:13.0396 1980 TermDD - ok
16:36:13.0458 1980 TermService (d605031e225aaccbceb5b76a4f1603a6) C:\Windows\System32\termsrv.dll
16:36:13.0458 1980 TermService - ok
16:36:13.0520 1980 Themes (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\system32\shsvcs.dll
16:36:13.0520 1980 Themes - ok
16:36:13.0552 1980 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
16:36:13.0552 1980 THREADORDER - ok
16:36:13.0598 1980 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
16:36:13.0598 1980 TrkWks - ok
16:36:13.0645 1980 TrustedInstaller (16613a1bad034d4ecf957af18b7c2ff5) C:\Windows\servicing\TrustedInstaller.exe
16:36:13.0645 1980 TrustedInstaller - ok
16:36:13.0692 1980 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:36:13.0692 1980 tssecsrv - ok
16:36:13.0723 1980 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
16:36:13.0723 1980 tunmp - ok
16:36:13.0754 1980 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
16:36:13.0754 1980 tunnel - ok
16:36:13.0770 1980 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
16:36:13.0770 1980 uagp35 - ok
16:36:13.0801 1980 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
16:36:13.0801 1980 udfs - ok
16:36:13.0864 1980 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
16:36:13.0864 1980 UI0Detect - ok
16:36:13.0895 1980 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
16:36:13.0895 1980 uliagpkx - ok
16:36:13.0926 1980 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
16:36:13.0942 1980 uliahci - ok
16:36:13.0973 1980 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
16:36:13.0973 1980 UlSata - ok
16:36:13.0988 1980 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
16:36:13.0988 1980 ulsata2 - ok
16:36:14.0035 1980 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
16:36:14.0035 1980 umbus - ok
16:36:14.0051 1980 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
16:36:14.0066 1980 upnphost - ok
16:36:14.0098 1980 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
16:36:14.0098 1980 USBAAPL - ok
16:36:14.0144 1980 usbbus (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys
16:36:14.0144 1980 usbbus - ok
16:36:14.0191 1980 usbccgp (a7cd5b4adea26765cab06bdab7b07b13) C:\Windows\system32\DRIVERS\usbccgp.sys
16:36:14.0207 1980 usbccgp - ok
16:36:14.0222 1980 USBCCID (e0b8489aeda9ea33361037be6a8cf1ca) C:\Windows\system32\DRIVERS\usbccid.sys
16:36:14.0222 1980 USBCCID - ok
16:36:14.0269 1980 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
16:36:14.0269 1980 usbcir - ok
16:36:14.0285 1980 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\Windows\system32\DRIVERS\lgusbdiag.sys
16:36:14.0285 1980 UsbDiag - ok
16:36:14.0316 1980 usbehci (686d4188ae36254c3008b71fedacadf3) C:\Windows\system32\DRIVERS\usbehci.sys
16:36:14.0316 1980 usbehci - ok
16:36:14.0347 1980 usbhub (4e42f665a658f08d153f7fffe7c83806) C:\Windows\system32\DRIVERS\usbhub.sys
16:36:14.0347 1980 usbhub - ok
16:36:14.0394 1980 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\Windows\system32\DRIVERS\lgusbmodem.sys
16:36:14.0394 1980 USBModem - ok
16:36:14.0425 1980 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
16:36:14.0425 1980 usbohci - ok
16:36:14.0472 1980 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
16:36:14.0472 1980 usbprint - ok
16:36:14.0519 1980 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
16:36:14.0519 1980 usbscan - ok
16:36:14.0550 1980 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:36:14.0550 1980 USBSTOR - ok
16:36:14.0566 1980 usbuhci (40f95a3d6d50d82f947f1d167c2ec39d) C:\Windows\system32\DRIVERS\usbuhci.sys
16:36:14.0566 1980 usbuhci - ok
16:36:14.0628 1980 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
16:36:14.0628 1980 usbvideo - ok
16:36:14.0659 1980 UxSms (032a0acc3909ae7215d524e29d536797) C:\Windows\System32\uxsms.dll
16:36:14.0659 1980 UxSms - ok
16:36:14.0706 1980 vds (b13bc395b9d6116628f5af47e0802ac4) C:\Windows\System32\vds.exe
16:36:14.0706 1980 vds - ok
16:36:14.0753 1980 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
16:36:14.0753 1980 vga - ok
16:36:14.0784 1980 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
16:36:14.0784 1980 VgaSave - ok
16:36:14.0800 1980 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
16:36:14.0800 1980 viaagp - ok
16:36:14.0831 1980 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
16:36:14.0831 1980 ViaC7 - ok
16:36:14.0846 1980 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
16:36:14.0846 1980 viaide - ok
16:36:14.0893 1980 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
16:36:14.0909 1980 volmgr - ok
16:36:14.0940 1980 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
16:36:14.0940 1980 volmgrx - ok
16:36:14.0956 1980 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
16:36:14.0971 1980 volsnap - ok
16:36:15.0002 1980 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
16:36:15.0002 1980 vsmraid - ok
16:36:15.0096 1980 VSS (d5fb73d19c46ade183f968e13f186b23) C:\Windows\system32\vssvc.exe
16:36:15.0127 1980 VSS - ok
16:36:15.0158 1980 W32Time (1cf9206966a8458cda9a8b20df8ab7d3) C:\Windows\system32\w32time.dll
16:36:15.0158 1980 W32Time - ok
16:36:15.0236 1980 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
16:36:15.0236 1980 WacomPen - ok
16:36:15.0268 1980 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
16:36:15.0268 1980 Wanarp - ok
16:36:15.0268 1980 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
16:36:15.0268 1980 Wanarpv6 - ok
16:36:15.0330 1980 wcncsvc (f3a5c2e1a6533192b070d06ecf6be796) C:\Windows\System32\wcncsvc.dll
16:36:15.0330 1980 wcncsvc - ok
16:36:15.0361 1980 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
16:36:15.0361 1980 WcsPlugInService - ok
16:36:15.0408 1980 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
16:36:15.0408 1980 Wd - ok
16:36:15.0455 1980 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
16:36:15.0470 1980 Wdf01000 - ok
16:36:15.0486 1980 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
16:36:15.0486 1980 WdiServiceHost - ok
16:36:15.0486 1980 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
16:36:15.0486 1980 WdiSystemHost - ok
16:36:15.0533 1980 WebClient (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll
16:36:15.0533 1980 WebClient - ok
16:36:15.0580 1980 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
16:36:15.0580 1980 Wecsvc - ok
16:36:15.0611 1980 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
16:36:15.0611 1980 wercplsupport - ok
16:36:15.0642 1980 WerSvc (fd1965aaa112c6818a30ab02742d0461) C:\Windows\System32\WerSvc.dll
16:36:15.0642 1980 WerSvc - ok
16:36:15.0704 1980 winachsf (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
16:36:15.0720 1980 winachsf - ok
16:36:15.0798 1980 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
16:36:15.0798 1980 WinDefend - ok
16:36:15.0829 1980 WinHttpAutoProxySvc - ok
16:36:15.0907 1980 Winmgmt (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll
16:36:15.0907 1980 Winmgmt - ok
16:36:16.0032 1980 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
16:36:16.0048 1980 WinRM - ok
16:36:16.0126 1980 Wlansvc (275f4346e569df56cfb95243bd6f6ff0) C:\Windows\System32\wlansvc.dll
16:36:16.0141 1980 Wlansvc - ok
16:36:16.0328 1980 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:36:16.0360 1980 wlidsvc - ok
16:36:16.0484 1980 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:36:16.0484 1980 WmiAcpi - ok
16:36:16.0562 1980 wmiApSrv (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe
16:36:16.0562 1980 wmiApSrv - ok
16:36:16.0703 1980 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
16:36:16.0718 1980 WMPNetworkSvc - ok
16:36:16.0750 1980 WPCSvc (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll
16:36:16.0750 1980 WPCSvc - ok
16:36:16.0781 1980 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
16:36:16.0781 1980 WPDBusEnum - ok
16:36:16.0859 1980 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
16:36:16.0859 1980 WpdUsb - ok
16:36:17.0046 1980 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:36:17.0046 1980 WPFFontCache_v0400 - ok
16:36:17.0077 1980 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
16:36:17.0077 1980 ws2ifsl - ok
16:36:17.0124 1980 wscsvc (683dd16b590372f2c9661d277f35e49c) C:\Windows\system32\wscsvc.dll
16:36:17.0124 1980 wscsvc - ok
16:36:17.0140 1980 WSearch - ok
16:36:17.0280 1980 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
16:36:17.0311 1980 wuauserv - ok
16:36:17.0467 1980 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:36:17.0467 1980 WUDFRd - ok
16:36:17.0498 1980 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
16:36:17.0498 1980 wudfsvc - ok
16:36:17.0530 1980 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
16:36:17.0530 1980 XAudio - ok
16:36:17.0561 1980 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
16:36:17.0576 1980 XAudioService - ok
16:36:17.0608 1980 yukonwlh (a4822191c7cea271903c2a4fb6d9809d) C:\Windows\system32\DRIVERS\yk60x86.sys
16:36:17.0608 1980 yukonwlh - ok
16:36:17.0654 1980 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
16:36:18.0029 1980 \Device\Harddisk0\DR0 - ok
16:36:18.0060 1980 Boot (0x1200) (1c87bb41b794aa77b498067de1159056) \Device\Harddisk0\DR0\Partition0
16:36:18.0060 1980 \Device\Harddisk0\DR0\Partition0 - ok
16:36:18.0076 1980 Boot (0x1200) (a1f4076aafdafcf92571a0cd3947c037) \Device\Harddisk0\DR0\Partition1
16:36:18.0076 1980 \Device\Harddisk0\DR0\Partition1 - ok
16:36:18.0076 1980 ============================================================
16:36:18.0076 1980 Scan finished
16:36:18.0076 1980 ============================================================
16:36:18.0091 1752 Detected object count: 0
16:36:18.0091 1752 Actual detected object count: 0

Here's the log from GMER:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-05-25 16:14:24
Windows 6.0.6001 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.FB2O
Running: 1q1rxfff[1].exe; Driver: C:\Users\Brian\AppData\Local\Temp\pgddqpoc.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0x82F715A8]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0x82F715D2]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0x82F715BE]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0x82F71594]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwYieldExecution 8282C1A0 5 Bytes JMP 82F71598 \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwTerminateProcess 829E82F0 5 Bytes JMP 82F715D6 \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtMapViewOfSection 82A29AFE 7 Bytes JMP 82F715AC \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwUnmapViewOfSection 82A2A155 5 Bytes JMP 82F715C2 \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
? C:\Users\Brian\AppData\Local\Temp\aswMBR.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\Explorer.EXE[656] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 00D50000
.text C:\Windows\Explorer.EXE[656] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 00D5001B
.text C:\Windows\Explorer.EXE[656] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 00D50FE5
.text C:\Windows\Explorer.EXE[656] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 007F0F11
.text C:\Windows\Explorer.EXE[656] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 007F004D
.text C:\Windows\Explorer.EXE[656] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 007F0EDB
.text C:\Windows\Explorer.EXE[656] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 007F0072
.text C:\Windows\Explorer.EXE[656] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 007F0F58
.text C:\Windows\Explorer.EXE[656] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 007F0FB2
.text C:\Windows\Explorer.EXE[656] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 007F0032
.text C:\Windows\Explorer.EXE[656] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 007F0F86
.text C:\Windows\Explorer.EXE[656] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 007F0F47
.text C:\Windows\Explorer.EXE[656] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 007F0F75
.text C:\Windows\Explorer.EXE[656] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 007F0FA1
.text C:\Windows\Explorer.EXE[656] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 007F0F2C
.text C:\Windows\Explorer.EXE[656] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 007F0083
.text C:\Windows\Explorer.EXE[656] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 007F0FD4
.text C:\Windows\Explorer.EXE[656] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 007F0FEF
.text C:\Windows\Explorer.EXE[656] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 007F0FC3
.text C:\Windows\Explorer.EXE[656] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 007F0F00
.text C:\Windows\Explorer.EXE[656] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 00D40FAF
.text C:\Windows\Explorer.EXE[656] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 00D40051
.text C:\Windows\Explorer.EXE[656] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 00D40000
.text C:\Windows\Explorer.EXE[656] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 00D40FCA
.text C:\Windows\Explorer.EXE[656] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 00D40F9E
.text C:\Windows\Explorer.EXE[656] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 00D40FDB
.text C:\Windows\Explorer.EXE[656] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00D40011
.text C:\Windows\Explorer.EXE[656] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 00D4002C
.text C:\Windows\Explorer.EXE[656] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 00D30FAB
.text C:\Windows\Explorer.EXE[656] msvcrt.dll!system 76A88B63 5 Bytes JMP 00D30036
.text C:\Windows\Explorer.EXE[656] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 00D3000A
.text C:\Windows\Explorer.EXE[656] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 00D30FE3
.text C:\Windows\Explorer.EXE[656] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 00D3001B
.text C:\Windows\Explorer.EXE[656] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 00D30FD2
.text C:\Windows\Explorer.EXE[656] WS2_32.dll!socket 75C836D1 5 Bytes JMP 02C20000
.text C:\Windows\Explorer.EXE[656] WININET.dll!InternetOpenA 76BDD690 5 Bytes JMP 03950000
.text C:\Windows\Explorer.EXE[656] WININET.dll!InternetOpenW 76BDDB09 5 Bytes JMP 0395001B
.text C:\Windows\Explorer.EXE[656] WININET.dll!InternetOpenUrlA 76BDF3A4 5 Bytes JMP 0395002C
.text C:\Windows\Explorer.EXE[656] WININET.dll!InternetOpenUrlW 76C26D5F 5 Bytes JMP 03950FE5
.text C:\Windows\system32\services.exe[780] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 00390000
.text C:\Windows\system32\services.exe[780] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 00390FCA
.text C:\Windows\system32\services.exe[780] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 00390FE5
.text C:\Windows\system32\services.exe[780] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 003400A7
.text C:\Windows\system32\services.exe[780] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00340F61
.text C:\Windows\system32\services.exe[780] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 003400E4
.text C:\Windows\system32\services.exe[780] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 003400D3
.text C:\Windows\system32\services.exe[780] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00340F97
.text C:\Windows\system32\services.exe[780] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 00340FD4
.text C:\Windows\system32\services.exe[780] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 00340071
.text C:\Windows\system32\services.exe[780] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 00340040
.text C:\Windows\system32\services.exe[780] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 0034008C
.text C:\Windows\system32\services.exe[780] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 00340FA8
.text C:\Windows\system32\services.exe[780] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 00340FC3
.text C:\Windows\system32\services.exe[780] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 00340F7C
.text C:\Windows\system32\services.exe[780] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 00340F32
.text C:\Windows\system32\services.exe[780] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 0034000A
.text C:\Windows\system32\services.exe[780] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00340FE5
.text C:\Windows\system32\services.exe[780] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 00340025
.text C:\Windows\system32\services.exe[780] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 003400B8
.text C:\Windows\system32\services.exe[780] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 00640062
.text C:\Windows\system32\services.exe[780] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 0064003D
.text C:\Windows\system32\services.exe[780] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 00640000
.text C:\Windows\system32\services.exe[780] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 00640FB6
.text C:\Windows\system32\services.exe[780] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 00640FA5
.text C:\Windows\system32\services.exe[780] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 0064001B
.text C:\Windows\system32\services.exe[780] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00640FE5
.text C:\Windows\system32\services.exe[780] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 0064002C
.text C:\Windows\system32\services.exe[780] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 005F0FC3
.text C:\Windows\system32\services.exe[780] msvcrt.dll!system 76A88B63 5 Bytes JMP 005F004E
.text C:\Windows\system32\services.exe[780] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 005F0FEF
.text C:\Windows\system32\services.exe[780] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 005F000C
.text C:\Windows\system32\services.exe[780] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 005F0FD4
.text C:\Windows\system32\services.exe[780] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 005F001D
.text C:\Windows\system32\services.exe[780] WS2_32.dll!socket 75C836D1 5 Bytes JMP 005E0000
.text C:\Windows\system32\lsass.exe[796] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 00070FEF
.text C:\Windows\system32\lsass.exe[796] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 00070FCA
.text C:\Windows\system32\lsass.exe[796] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 0007000A
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 00060F12
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00060F23
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 0006008E
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 00060F01
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00060F6A
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 00060022
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 0006004E
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 00060FA5
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 00060F59
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 0006003D
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 00060FC0
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 00060F3E
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 00060ED2
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 00060000
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00060FE5
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 00060011
.text C:\Windows\system32\lsass.exe[796] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 0006007D
.text C:\Windows\system32\lsass.exe[796] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 00850F94
.text C:\Windows\system32\lsass.exe[796] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 00850036
.text C:\Windows\system32\lsass.exe[796] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 00850FEF
.text C:\Windows\system32\lsass.exe[796] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 00850FAF
.text C:\Windows\system32\lsass.exe[796] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 00850051
.text C:\Windows\system32\lsass.exe[796] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 0085000A
.text C:\Windows\system32\lsass.exe[796] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00850FD4
.text C:\Windows\system32\lsass.exe[796] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 0085001B
.text C:\Windows\system32\lsass.exe[796] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 00840F8B
.text C:\Windows\system32\lsass.exe[796] msvcrt.dll!system 76A88B63 5 Bytes JMP 00840F9C
.text C:\Windows\system32\lsass.exe[796] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 00840FD2
.text C:\Windows\system32\lsass.exe[796] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 00840000
.text C:\Windows\system32\lsass.exe[796] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 00840FB7
.text C:\Windows\system32\lsass.exe[796] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 00840FE3
.text C:\Windows\system32\lsass.exe[796] WS2_32.dll!socket 75C836D1 5 Bytes JMP 0008000A
.text C:\Windows\system32\svchost.exe[984] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 001E0000
.text C:\Windows\system32\svchost.exe[984] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 001E0FCA
.text C:\Windows\system32\svchost.exe[984] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 001E0FDB
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 001D0F46
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 001D0F6B
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 001D00C9
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 001D00B8
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 001D0F9E
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 001D0040
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 001D0078
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 001D0051
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 001D0F8D
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 001D0FAF
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 001D0FD4
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 001D0F7C
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 001D0F17
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 001D001B
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 001D000A
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 001D0FE5
.text C:\Windows\system32\svchost.exe[984] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 001D00A7
.text C:\Windows\system32\svchost.exe[984] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 00200FAD
.text C:\Windows\system32\svchost.exe[984] msvcrt.dll!system 76A88B63 5 Bytes JMP 00200FBE
.text C:\Windows\system32\svchost.exe[984] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 00200027
.text C:\Windows\system32\svchost.exe[984] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 0020000C
.text C:\Windows\system32\svchost.exe[984] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 00200038
.text C:\Windows\system32\svchost.exe[984] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 00200FEF
.text C:\Windows\system32\svchost.exe[984] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 00210F86
.text C:\Windows\system32\svchost.exe[984] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 00210FA8
.text C:\Windows\system32\svchost.exe[984] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 00210FEF
.text C:\Windows\system32\svchost.exe[984] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 00210F97
.text C:\Windows\system32\svchost.exe[984] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 00210F6B
.text C:\Windows\system32\svchost.exe[984] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 0021000A
.text C:\Windows\system32\svchost.exe[984] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00210FD4
.text C:\Windows\system32\svchost.exe[984] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 00210FB9
.text C:\Windows\system32\svchost.exe[984] WS2_32.dll!socket 75C836D1 5 Bytes JMP 001F0FEF
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 0029000A
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 00290FE5
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 00290025
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 00090F4B
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00090091
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 00090F1F
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 000900B6
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00090F81
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 00090FE5
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 00090F92
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 00090FAF
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 00090076
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 0009005B
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 00090FCA
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 00090F66
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 000900D1
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 00090011
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00090000
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 00090036
.text C:\Windows\system32\svchost.exe[1044] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 00090F30
.text C:\Windows\system32\svchost.exe[1044] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 002B0F9C
.text C:\Windows\system32\svchost.exe[1044] msvcrt.dll!system 76A88B63 5 Bytes JMP 002B0FAD
.text C:\Windows\system32\svchost.exe[1044] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 002B0FC8
.text C:\Windows\system32\svchost.exe[1044] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 002B000C
.text C:\Windows\system32\svchost.exe[1044] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 002B001D
.text C:\Windows\system32\svchost.exe[1044] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 002B0FEF
.text C:\Windows\system32\svchost.exe[1044] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 00340F7C
.text C:\Windows\system32\svchost.exe[1044] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 00340F9E
.text C:\Windows\system32\svchost.exe[1044] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 00340FEF
.text C:\Windows\system32\svchost.exe[1044] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 00340F8D
.text C:\Windows\system32\svchost.exe[1044] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 00340F6B
.text C:\Windows\system32\svchost.exe[1044] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 00340000
.text C:\Windows\system32\svchost.exe[1044] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00340FD4
.text C:\Windows\system32\svchost.exe[1044] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 00340FAF
.text C:\Windows\system32\svchost.exe[1044] WS2_32.dll!socket 75C836D1 5 Bytes JMP 002A0000
.text C:\Windows\System32\svchost.exe[1184] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 0077000A
.text C:\Windows\System32\svchost.exe[1184] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 0077001B
.text C:\Windows\System32\svchost.exe[1184] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 00770FE5
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 00140F44
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00140F55
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 00140F0E
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 00140F1F
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00140F81
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 00140FD4
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 00140F9E
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 00140FB9
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 00140080
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 0014005B
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 00140040
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 00140F70
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 001400C0
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 00140FE5
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00140000
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 0014001B
.text C:\Windows\System32\svchost.exe[1184] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 0014009B
.text C:\Windows\System32\svchost.exe[1184] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 00B1004C
.text C:\Windows\System32\svchost.exe[1184] msvcrt.dll!system 76A88B63 5 Bytes JMP 00B1003B
.text C:\Windows\System32\svchost.exe[1184] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 00B10FD2
.text C:\Windows\System32\svchost.exe[1184] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 00B1000C
.text C:\Windows\System32\svchost.exe[1184] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 00B10FC1
.text C:\Windows\System32\svchost.exe[1184] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 00B10FEF
.text C:\Windows\System32\svchost.exe[1184] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 00B20F83
.text C:\Windows\System32\svchost.exe[1184] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 00B20FA8
.text C:\Windows\System32\svchost.exe[1184] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 00B20FEF
.text C:\Windows\System32\svchost.exe[1184] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 00B20025
.text C:\Windows\System32\svchost.exe[1184] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 00B20F72
.text C:\Windows\System32\svchost.exe[1184] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 00B20FCA
.text C:\Windows\System32\svchost.exe[1184] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00B20000
.text C:\Windows\System32\svchost.exe[1184] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 00B20FB9
.text C:\Windows\System32\svchost.exe[1184] WS2_32.dll!socket 75C836D1 5 Bytes JMP 00A80FEF
.text C:\Windows\System32\svchost.exe[1212] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 0098000A
.text C:\Windows\System32\svchost.exe[1212] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 00980FD4
.text C:\Windows\System32\svchost.exe[1212] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 00980FE5
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 00920F4B
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00920087
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 009200C7
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 009200B6
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00920F9C
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 0092002F
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 00920076
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 00920FB9
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 00920F81
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 00920065
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 00920040
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 00920F66
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 009200EC
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 00920FDE
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00920FEF
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 0092001E
.text C:\Windows\System32\svchost.exe[1212] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 00920F30
.text C:\Windows\System32\svchost.exe[1212] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 009F0FC3
.text C:\Windows\System32\svchost.exe[1212] msvcrt.dll!system 76A88B63 5 Bytes JMP 009F0FD4
.text C:\Windows\System32\svchost.exe[1212] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 009F0FEF
.text C:\Windows\System32\svchost.exe[1212] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 009F000C
.text C:\Windows\System32\svchost.exe[1212] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 009F0044
.text C:\Windows\System32\svchost.exe[1212] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 009F0029
.text C:\Windows\System32\svchost.exe[1212] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 0097002F
.text C:\Windows\System32\svchost.exe[1212] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 00970F97
.text C:\Windows\System32\svchost.exe[1212] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 00970FEF
.text C:\Windows\System32\svchost.exe[1212] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 0097001E
.text C:\Windows\System32\svchost.exe[1212] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 0097004A
.text C:\Windows\System32\svchost.exe[1212] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 00970FC3
.text C:\Windows\System32\svchost.exe[1212] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00970FD4
.text C:\Windows\System32\svchost.exe[1212] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 00970FA8
.text C:\Windows\System32\svchost.exe[1212] WS2_32.dll!socket 75C836D1 5 Bytes JMP 0099000A
.text C:\Windows\system32\svchost.exe[1244] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 01260FEF
.text C:\Windows\system32\svchost.exe[1244] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 01260025
.text C:\Windows\system32\svchost.exe[1244] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 01260014
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 01200F4D
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 01200F5E
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 01200F1E
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 012000B5
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 01200078
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 01200025
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 01200F9E
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 01200FB9
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 01200093
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 0120005B
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 01200040
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 01200F79
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 012000D0
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 0120000A
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 01200FEF
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 01200FD4
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 012000A4
.text C:\Windows\system32\svchost.exe[1244] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 01380055
.text C:\Windows\system32\svchost.exe[1244] msvcrt.dll!system 76A88B63 5 Bytes JMP 01380044
.text C:\Windows\system32\svchost.exe[1244] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 01380FDE
.text C:\Windows\system32\svchost.exe[1244] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 01380FEF
.text C:\Windows\system32\svchost.exe[1244] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 01380033
.text C:\Windows\system32\svchost.exe[1244] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 0138000C
.text C:\Windows\system32\svchost.exe[1244] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 01250073
.text C:\Windows\system32\svchost.exe[1244] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 01250051
.text C:\Windows\system32\svchost.exe[1244] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 01250000
.text C:\Windows\system32\svchost.exe[1244] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 01250062
.text C:\Windows\system32\svchost.exe[1244] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 01250FB6
.text C:\Windows\system32\svchost.exe[1244] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 01250022
.text C:\Windows\system32\svchost.exe[1244] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 01250011
.text C:\Windows\system32\svchost.exe[1244] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 01250FDB
.text C:\Windows\system32\svchost.exe[1244] WS2_32.dll!socket 75C836D1 5 Bytes JMP 012B000A
.text C:\Windows\system32\svchost.exe[1304] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 00040FEF
.text C:\Windows\system32\svchost.exe[1304] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 0004001B
.text C:\Windows\system32\svchost.exe[1304] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 00040000
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 0001009F
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00010F59
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 00010F19
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 000100B0
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 0001005F
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 0001002C
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 00010F91
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 0001003D
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 00010F74
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 0001004E
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 00010FB6
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 00010084
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 000100D5
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 0001001B
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00010000
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 00010FE5
.text C:\Windows\system32\svchost.exe[1304] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 00010F34
.text C:\Windows\system32\svchost.exe[1304] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 00060042
.text C:\Windows\system32\svchost.exe[1304] msvcrt.dll!system 76A88B63 5 Bytes JMP 00060FB7
.text C:\Windows\system32\svchost.exe[1304] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 0006001D
.text C:\Windows\system32\svchost.exe[1304] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 00060000
.text C:\Windows\system32\svchost.exe[1304] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 00060FC8
.text C:\Windows\system32\svchost.exe[1304] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 00060FE3
.text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 00070054
.text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 00070FCD
.text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 0007000A
.text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 00070FA8
.text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 00070F97
.text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 00070FEF
.text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00070025
.text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 00070FDE
.text C:\Windows\system32\svchost.exe[1304] WS2_32.dll!socket 75C836D1 5 Bytes JMP 00670000
.text C:\Windows\system32\svchost.exe[1376] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 007B0000
.text C:\Windows\system32\svchost.exe[1376] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 007B0036
.text C:\Windows\system32\svchost.exe[1376] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 007B001B
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 00790F2E
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00790F3F
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 00790EDD
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 00790EEE
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00790F86
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 00790FC3
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 00790060
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 00790FA8
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 00790F75
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 00790F97
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 00790039
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 00790F5A
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 00790EC2
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 00790FE5
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00790000
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 00790FD4
.text C:\Windows\system32\svchost.exe[1376] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 00790F09
.text C:\Windows\system32\svchost.exe[1376] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 007E0FB2
.text C:\Windows\system32\svchost.exe[1376] msvcrt.dll!system 76A88B63 5 Bytes JMP 007E003D
.text C:\Windows\system32\svchost.exe[1376] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 007E0011
.text C:\Windows\system32\svchost.exe[1376] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 007E0FEF
.text C:\Windows\system32\svchost.exe[1376] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 007E002C
.text C:\Windows\system32\svchost.exe[1376] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 007E0000
.text C:\Windows\system32\svchost.exe[1376] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 007A0F8A
.text C:\Windows\system32\svchost.exe[1376] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 007A0036
.text C:\Windows\system32\svchost.exe[1376] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 007A0000
.text C:\Windows\system32\svchost.exe[1376] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 007A0FAF
.text C:\Windows\system32\svchost.exe[1376] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 007A0047
.text C:\Windows\system32\svchost.exe[1376] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 007A0011
.text C:\Windows\system32\svchost.exe[1376] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 007A0FDB
.text C:\Windows\system32\svchost.exe[1376] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 007A0FC0
.text C:\Windows\system32\svchost.exe[1376] WS2_32.dll!socket 75C836D1 5 Bytes JMP 007C000A
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 00990FE5
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 00990011
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 00990000
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 00190087
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00190F41
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 001900B3
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 00190F26
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00190F6D
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 00190FC0
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 00190F94
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 00190FAF
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 00190F5C
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 00190051
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 00190036
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 0019006C
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 001900CE
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 00190011
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00190000
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 00190FDB
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 001900A2
.text C:\Windows\system32\svchost.exe[1424] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 009F0031
.text C:\Windows\system32\svchost.exe[1424] msvcrt.dll!system 76A88B63 5 Bytes JMP 009F0FA6
.text C:\Windows\system32\svchost.exe[1424] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 009F0FD2
.text C:\Windows\system32\svchost.exe[1424] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 009F0FE3
.text C:\Windows\system32\svchost.exe[1424] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 009F0FC1
.text C:\Windows\system32\svchost.exe[1424] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 009F0000
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 008F0055
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 008F0044
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 008F0000
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 008F0FBD
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 008F0066
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 008F0022
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 008F0011
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 008F0033
.text C:\Windows\system32\svchost.exe[1424] WS2_32.dll!socket 75C836D1 5 Bytes JMP 009A0000
.text C:\Windows\system32\svchost.exe[1424] WinInet.dll!InternetOpenA 76BDD690 5 Bytes JMP 00900FE5
.text C:\Windows\system32\svchost.exe[1424] WinInet.dll!InternetOpenW 76BDDB09 5 Bytes JMP 00900000
.text C:\Windows\system32\svchost.exe[1424] WinInet.dll!InternetOpenUrlA 76BDF3A4 5 Bytes JMP 00900FCA
.text C:\Windows\system32\svchost.exe[1424] WinInet.dll!InternetOpenUrlW 76C26D5F 5 Bytes JMP 0090001B
.text C:\Windows\system32\svchost.exe[1604] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 01C30000
.text C:\Windows\system32\svchost.exe[1604] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 01C30025
.text C:\Windows\system32\svchost.exe[1604] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 01C30FEF
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 013700A9
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 01370F63
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 01370F37
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 01370F48
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 0137007D
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 0137002C
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 01370062
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 01370051
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 01370F88
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 01370FAF
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 01370FC0
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 0137008E
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 013700E9
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 01370011
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 01370000
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 01370FE5
.text C:\Windows\system32\svchost.exe[1604] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 013700C4
.text C:\Windows\system32\svchost.exe[1604] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 01C10F7F
.text C:\Windows\system32\svchost.exe[1604] msvcrt.dll!system 76A88B63 5 Bytes JMP 01C10F9A
.text C:\Windows\system32\svchost.exe[1604] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 01C10FB5
.text C:\Windows\system32\svchost.exe[1604] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 01C10FE3
.text C:\Windows\system32\svchost.exe[1604] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 01C1000A
.text C:\Windows\system32\svchost.exe[1604] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 01C10FC6
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 01C20FA5
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 01C20FC0
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 01C20000
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 01C20047
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 01C20062
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 01C2001B
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 01C20FE5
.text C:\Windows\system32\svchost.exe[1604] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 01C2002C
.text C:\Windows\system32\svchost.exe[1604] WS2_32.dll!socket 75C836D1 5 Bytes JMP 01BC0FEF
.text C:\Windows\system32\svchost.exe[1908] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 01B00000
.text C:\Windows\system32\svchost.exe[1908] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 01B00FD4
.text C:\Windows\system32\svchost.exe[1908] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 01B00FE5
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 00A10F6D
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00A10F7E
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 00A10F37
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 00A100CE
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00A10FA3
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 00A10051
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 00A10FBE
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 00A10FE5
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 00A10098
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 00A1007D
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 00A1006C
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 00A100A9
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 00A10F12
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 00A10025
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00A10000
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 00A10040
.text C:\Windows\system32\svchost.exe[1908] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 00A10F52
.text C:\Windows\system32\svchost.exe[1908] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 00A3003B
.text C:\Windows\system32\svchost.exe[1908] msvcrt.dll!system 76A88B63 5 Bytes JMP 00A30FA6
.text C:\Windows\system32\svchost.exe[1908] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 00A30FD2
.text C:\Windows\system32\svchost.exe[1908] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 00A30000
.text C:\Windows\system32\svchost.exe[1908] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 00A30FC1
.text C:\Windows\system32\svchost.exe[1908] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 00A30FE3
.text C:\Windows\system32\svchost.exe[1908] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 00A40F94
.text C:\Windows\system32\svchost.exe[1908] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 00A40FB9
.text C:\Windows\system32\svchost.exe[1908] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 00A40FEF
.text C:\Windows\system32\svchost.exe[1908] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 00A40040
.text C:\Windows\system32\svchost.exe[1908] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 00A4005B
.text C:\Windows\system32\svchost.exe[1908] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 00A40FDE
.text C:\Windows\system32\svchost.exe[1908] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00A40014
.text C:\Windows\system32\svchost.exe[1908] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 00A4002F
.text C:\Windows\system32\svchost.exe[1908] WS2_32.dll!socket 75C836D1 5 Bytes JMP 00A20FE5
.text C:\Windows\system32\svchost.exe[2544] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 00890000
.text C:\Windows\system32\svchost.exe[2544] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 0089001B
.text C:\Windows\system32\svchost.exe[2544] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 00890FE5
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 00860F3C
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00860F4D
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 008600C9
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 008600AE
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00860F83
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 00860022
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 00860F94
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 0086003D
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 00860F68
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 00860FA5
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 00860FB6
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 0086006E
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 00860F21
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 00860011
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00860000
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 00860FDB
.text C:\Windows\system32\svchost.exe[2544] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 0086009D
.text C:\Windows\system32\svchost.exe[2544] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 00870F9A
.text C:\Windows\system32\svchost.exe[2544] msvcrt.dll!system 76A88B63 5 Bytes JMP 00870025
.text C:\Windows\system32\svchost.exe[2544] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 00870FC6
.text C:\Windows\system32\svchost.exe[2544] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 00870000
.text C:\Windows\system32\svchost.exe[2544] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 00870FB5
.text C:\Windows\system32\svchost.exe[2544] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 00870FD7
.text C:\Windows\system32\svchost.exe[2544] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 00880040
.text C:\Windows\system32\svchost.exe[2544] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 1 Byte [E9]
.text C:\Windows\system32\svchost.exe[2544] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 00880FB2
.text C:\Windows\system32\svchost.exe[2544] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 00880FEF
.text C:\Windows\system32\svchost.exe[2544] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 0088002F
.text C:\Windows\system32\svchost.exe[2544] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 00880F8D
.text C:\Windows\system32\svchost.exe[2544] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 00880FC3
.text C:\Windows\system32\svchost.exe[2544] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00880FDE
.text C:\Windows\system32\svchost.exe[2544] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 0088001E
.text C:\Windows\System32\svchost.exe[2716] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 001E0FEF
.text C:\Windows\System32\svchost.exe[2716] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 001E0FCA
.text C:\Windows\System32\svchost.exe[2716] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 001E0000
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 000A00C6
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 000A00B5
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 000A00E1
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 000A0F40
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 000A0F94
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 000A002F
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 000A0FA5
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 000A0051
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 000A007F
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 000A0062
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 000A0040
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 000A009A
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 000A00F2
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 000A0FEF
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 000A000A
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 000A0FD4
.text C:\Windows\System32\svchost.exe[2716] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 000A0F5B
.text C:\Windows\System32\svchost.exe[2716] msvcrt.dll!_wsystem 76A88A47 1 Byte [E9]
.text C:\Windows\System32\svchost.exe[2716] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 000C004B
.text C:\Windows\System32\svchost.exe[2716] msvcrt.dll!system 76A88B63 5 Bytes JMP 000C003A
.text C:\Windows\System32\svchost.exe[2716] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 000C0029
.text C:\Windows\System32\svchost.exe[2716] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 000C0FEF
.text C:\Windows\System32\svchost.exe[2716] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 000C0FD4
.text C:\Windows\System32\svchost.exe[2716] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 000C0018
.text C:\Windows\System32\svchost.exe[2716] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 000D0054
.text C:\Windows\System32\svchost.exe[2716] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 000D002F
.text C:\Windows\System32\svchost.exe[2716] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 000D000A
.text C:\Windows\System32\svchost.exe[2716] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 000D0FA8
.text C:\Windows\System32\svchost.exe[2716] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 000D0F8D
.text C:\Windows\System32\svchost.exe[2716] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 000D0FD4
.text C:\Windows\System32\svchost.exe[2716] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 000D0FE5
.text C:\Windows\System32\svchost.exe[2716] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 000D0FC3
.text C:\Windows\System32\svchost.exe[2716] WS2_32.dll!socket 75C836D1 5 Bytes JMP 000B0FE5
.text C:\Windows\System32\svchost.exe[2796] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 0019000A
.text C:\Windows\System32\svchost.exe[2796] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 00190FE5
.text C:\Windows\System32\svchost.exe[2796] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 00190025
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 00090F61
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00090F72
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 000900D3
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 000900C2
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00090FAF
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 00090FCA
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 00090089
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 00090051
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 00090F94
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 0009006C
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 00090040
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 00090F83
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 000900EE
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 00090FE5
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 0009000A
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 0009001B
.text C:\Windows\System32\svchost.exe[2796] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 00090F46
.text C:\Windows\System32\svchost.exe[2796] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 00170053
.text C:\Windows\System32\svchost.exe[2796] msvcrt.dll!system 76A88B63 5 Bytes JMP 00170FC8
.text C:\Windows\System32\svchost.exe[2796] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 0017001D
.text C:\Windows\System32\svchost.exe[2796] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 0017000C
.text C:\Windows\System32\svchost.exe[2796] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 00170038
.text C:\Windows\System32\svchost.exe[2796] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 00170FE3
.text C:\Windows\System32\svchost.exe[2796] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 00180F97
.text C:\Windows\System32\svchost.exe[2796] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 0018002F
.text C:\Windows\System32\svchost.exe[2796] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 00180FE5
.text C:\Windows\System32\svchost.exe[2796] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 00180FA8
.text C:\Windows\System32\svchost.exe[2796] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 00180F86
.text C:\Windows\System32\svchost.exe[2796] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 0018000A
.text C:\Windows\System32\svchost.exe[2796] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00180FD4
.text C:\Windows\System32\svchost.exe[2796] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 00180FB9
.text C:\Windows\System32\svchost.exe[2796] WS2_32.dll!socket 75C836D1 5 Bytes JMP 000A0FEF
.text C:\Windows\system32\svchost.exe[2844] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 001A0000
.text C:\Windows\system32\svchost.exe[2844] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 001A002C
.text C:\Windows\system32\svchost.exe[2844] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 001A001B
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 00130093
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00130F4D
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 001300C9
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 001300AE
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00130F83
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 0013001E
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 0013005D
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 0013002F
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 00130F68
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 00130040
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 00130FA8
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!CreatePipe 75B40474 1 Byte [E9]
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 00130078
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 00130F17
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 00130FDE
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00130FEF
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 00130FCD
.text C:\Windows\system32\svchost.exe[2844] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 00130F32
.text C:\Windows\system32\svchost.exe[2844] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 00180FB9
.text C:\Windows\system32\svchost.exe[2844] msvcrt.dll!system 76A88B63 5 Bytes JMP 00180044
.text C:\Windows\system32\svchost.exe[2844] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 00180FEF
.text C:\Windows\system32\svchost.exe[2844] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 00180000
.text C:\Windows\system32\svchost.exe[2844] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 00180FDE
.text C:\Windows\system32\svchost.exe[2844] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 00180029
.text C:\Windows\system32\svchost.exe[2844] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 00190FB9
.text C:\Windows\system32\svchost.exe[2844] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 00190040
.text C:\Windows\system32\svchost.exe[2844] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 0019000A
.text C:\Windows\system32\svchost.exe[2844] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 0019005B
.text C:\Windows\system32\svchost.exe[2844] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 00190080
.text C:\Windows\system32\svchost.exe[2844] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 00190025
.text C:\Windows\system32\svchost.exe[2844] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00190FE5
.text C:\Windows\system32\svchost.exe[2844] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 00190FD4
.text C:\Windows\system32\svchost.exe[2844] WS2_32.dll!socket 75C836D1 5 Bytes JMP 00160000
.text C:\Windows\system32\svchost.exe[3260] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 00AD0FEF
.text C:\Windows\system32\svchost.exe[3260] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 00AD0000
.text C:\Windows\system32\svchost.exe[3260] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 00AD0FD4
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 00A100C1
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00A100B0
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 00A100ED
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 00A10F56
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00A10084
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 00A10025
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 00A10073
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 00A10047
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 00A1009F
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 00A10062
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 00A10036
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 00A10F85
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 00A100FE
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 00A10FEF
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00A1000A
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 00A10FCA
.text C:\Windows\system32\svchost.exe[3260] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 00A100DC
.text C:\Windows\system32\svchost.exe[3260] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 00AB0073
.text C:\Windows\system32\svchost.exe[3260] msvcrt.dll!system 76A88B63 5 Bytes JMP 00AB0062
.text C:\Windows\system32\svchost.exe[3260] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 00AB0022
.text C:\Windows\system32\svchost.exe[3260] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 00AB0000
.text C:\Windows\system32\svchost.exe[3260] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 00AB0047
.text C:\Windows\system32\svchost.exe[3260] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 00AB0011
.text C:\Windows\system32\svchost.exe[3260] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 00AC0F79
.text C:\Windows\system32\svchost.exe[3260] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 00AC001B
.text C:\Windows\system32\svchost.exe[3260] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 00AC0FEF
.text C:\Windows\system32\svchost.exe[3260] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 00AC0F8A
.text C:\Windows\system32\svchost.exe[3260] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 00AC0036
.text C:\Windows\system32\svchost.exe[3260] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 00AC000A
.text C:\Windows\system32\svchost.exe[3260] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00AC0FD4
.text C:\Windows\system32\svchost.exe[3260] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 00AC0FAF
.text C:\Windows\system32\svchost.exe[3260] WS2_32.dll!socket 75C836D1 5 Bytes JMP 00AA000A
.text C:\Windows\System32\svchost.exe[3316] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 00090000
.text C:\Windows\System32\svchost.exe[3316] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 00090FD4
.text C:\Windows\System32\svchost.exe[3316] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 00090FE5
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 00050091
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00050F4B
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 00050F0E
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 00050F29
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00050F81
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 0005002F
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 00050FA8
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 00050FB9
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 00050F70
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 0005005B
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 0005004A
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 00050076
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!GetProcAddress 75B5BAC6 1 Byte [E9]
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 000500CA
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 0005000A
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00050FEF
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 00050FDE
.text C:\Windows\System32\svchost.exe[3316] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 00050F3A
.text C:\Windows\System32\svchost.exe[3316] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 00060F9A
.text C:\Windows\System32\svchost.exe[3316] msvcrt.dll!system 76A88B63 5 Bytes JMP 0006001B
.text C:\Windows\System32\svchost.exe[3316] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 00060FBC
.text C:\Windows\System32\svchost.exe[3316] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 00060000
.text C:\Windows\System32\svchost.exe[3316] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 00060FAB
.text C:\Windows\System32\svchost.exe[3316] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 00060FE3
.text C:\Windows\System32\svchost.exe[3316] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 00070054
.text C:\Windows\System32\svchost.exe[3316] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 00070FCD
.text C:\Windows\System32\svchost.exe[3316] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 00070FEF
.text C:\Windows\System32\svchost.exe[3316] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 00070FB2
.text C:\Windows\System32\svchost.exe[3316] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 00070065
.text C:\Windows\System32\svchost.exe[3316] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 00070FDE
.text C:\Windows\System32\svchost.exe[3316] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00070014
.text C:\Windows\System32\svchost.exe[3316] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 0007002F
.text C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe[3716] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 69459A63 C:\Program Files\Common Files\McAfee\McProxy\mcproxy.dll (McAfee Proxy Service Module/McAfee, Inc.)
.text C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe[3716] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 694599A1 C:\Program Files\Common Files\McAfee\McProxy\mcproxy.dll (McAfee Proxy Service Module/McAfee, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 0004000A
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 00040FD4
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 00040FE5
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 00010098
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00010087
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 00010F41
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 000100D8
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00010F74
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 0001001B
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 00010058
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 00010047
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 00010F63
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 00010FA5
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 0001002C
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 00010F52
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 000100F3
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 00010FE5
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00010000
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 00010FCA
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 000100B3
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 0015004A
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 00150FA8
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 00150FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 0015002F
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 00150F8D
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 00150FD4
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00150014
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 00150FC3
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] USER32.dll!DialogBoxIndirectParamW 76E9BD25 1 Byte [E9]
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] USER32.dll!DialogBoxIndirectParamW 76E9BD25 5 Bytes JMP 66995329 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] USER32.dll!CreateWindowExW 76EA3D67 5 Bytes JMP 6689DB04 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] USER32.dll!DialogBoxParamW 76EB1FD5 5 Bytes JMP 667C54C5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] USER32.dll!DialogBoxParamA 76ED80B2 5 Bytes JMP 669952C6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] USER32.dll!DialogBoxIndirectParamA 76ED83DD 5 Bytes JMP 6699538C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] USER32.dll!MessageBoxIndirectA 76EED471 5 Bytes JMP 6699525B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] USER32.dll!MessageBoxIndirectW 76EED56B 5 Bytes JMP 669951F0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] USER32.dll!MessageBoxExA 76EED5D1 5 Bytes JMP 6699518E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] USER32.dll!MessageBoxExW 76EED5F5 5 Bytes JMP 6699512C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 00160F7F
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] msvcrt.dll!system 76A88B63 5 Bytes JMP 00160F90
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 00160FAB
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 00160FE3
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 00160000
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 00160FD2
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] ole32.dll!OleLoadFromStream 77339794 5 Bytes JMP 66995691 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] WININET.dll!InternetOpenA 76BDD690 5 Bytes JMP 001E0FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] WININET.dll!InternetOpenW 76BDDB09 5 Bytes JMP 001E0FDE
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] WININET.dll!InternetOpenUrlA 76BDF3A4 5 Bytes JMP 001E0014
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] WININET.dll!InternetOpenUrlW 76C26D5F 5 Bytes JMP 001E0025
.text C:\Program Files\Internet Explorer\iexplore.exe[4488] ws2_32.dll!socket 75C836D1 5 Bytes JMP 007A0FE5
.text C:\Windows\system32\wuauclt.exe[6040] ntdll.dll!NtCreateFile 774C7C78 5 Bytes JMP 0004000A
.text C:\Windows\system32\wuauclt.exe[6040] ntdll.dll!NtCreateProcess 774C7D38 5 Bytes JMP 00040FDB
.text C:\Windows\system32\wuauclt.exe[6040] ntdll.dll!NtProtectVirtualMemory 774C85D8 5 Bytes JMP 0004001B
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!GetStartupInfoW 75B11929 5 Bytes JMP 000100A7
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!GetStartupInfoA 75B119C9 5 Bytes JMP 00010096
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!CreateProcessW 75B11C01 5 Bytes JMP 000100DD
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!CreateProcessA 75B11C36 5 Bytes JMP 00010F46
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!VirtualProtect 75B11DD1 5 Bytes JMP 00010060
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!CreateNamedPipeW 75B15C44 5 Bytes JMP 00010FC3
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!LoadLibraryExW 75B3374A 5 Bytes JMP 00010F86
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!LoadLibraryW 75B3382D 5 Bytes JMP 00010FA8
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!VirtualProtectEx 75B38F5E 5 Bytes JMP 0001007B
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!LoadLibraryExA 75B39649 5 Bytes JMP 00010F97
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!LoadLibraryA 75B39671 5 Bytes JMP 00010025
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!CreatePipe 75B40474 5 Bytes JMP 00010F6B
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!GetProcAddress 75B5BAC6 5 Bytes JMP 00010F2B
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!CreateFileW 75B5CE4E 5 Bytes JMP 00010FEF
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!CreateFileA 75B5D171 5 Bytes JMP 00010000
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!CreateNamedPipeA 75BA462E 5 Bytes JMP 00010FD4
.text C:\Windows\system32\wuauclt.exe[6040] kernel32.dll!WinExec 75BA580B 5 Bytes JMP 000100B8
.text C:\Windows\system32\wuauclt.exe[6040] msvcrt.dll!_wsystem 76A88A47 5 Bytes JMP 00070F94
.text C:\Windows\system32\wuauclt.exe[6040] msvcrt.dll!system 76A88B63 5 Bytes JMP 00070029
.text C:\Windows\system32\wuauclt.exe[6040] msvcrt.dll!_creat 76A8C6F1 5 Bytes JMP 00070018
.text C:\Windows\system32\wuauclt.exe[6040] msvcrt.dll!_open 76A8DA7E 5 Bytes JMP 00070FEF
.text C:\Windows\system32\wuauclt.exe[6040] msvcrt.dll!_wcreat 76A8DC9E 5 Bytes JMP 00070FC3
.text C:\Windows\system32\wuauclt.exe[6040] msvcrt.dll!_wopen 76A8DE79 5 Bytes JMP 00070FDE
.text C:\Windows\system32\wuauclt.exe[6040] ADVAPI32.dll!RegCreateKeyExA 76AFB5E7 5 Bytes JMP 00080F83
.text C:\Windows\system32\wuauclt.exe[6040] ADVAPI32.dll!RegCreateKeyA 76AFB8AE 5 Bytes JMP 00080FAF
.text C:\Windows\system32\wuauclt.exe[6040] ADVAPI32.dll!RegOpenKeyA 76B00BF5 5 Bytes JMP 00080FE5
.text C:\Windows\system32\wuauclt.exe[6040] ADVAPI32.dll!RegCreateKeyW 76B0B83D 5 Bytes JMP 00080F94
.text C:\Windows\system32\wuauclt.exe[6040] ADVAPI32.dll!RegCreateKeyExW 76B0BCE1 5 Bytes JMP 0008004A
.text C:\Windows\system32\wuauclt.exe[6040] ADVAPI32.dll!RegOpenKeyExA 76B0D4E8 5 Bytes JMP 00080011
.text C:\Windows\system32\wuauclt.exe[6040] ADVAPI32.dll!RegOpenKeyW 76B13CB0 5 Bytes JMP 00080000
.text C:\Windows\system32\wuauclt.exe[6040] ADVAPI32.dll!RegOpenKeyExW 76B1F09D 5 Bytes JMP 00080FC0

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74338864] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74379855] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7433B984] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7432FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74337A29] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7432EA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [7436B12D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7433BC4A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74330756] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [743306BD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [743271B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [743BD9E0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [74357329] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7432E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7432697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [743269A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74332475] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\mfevtps.exe[2696] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] [008EA4D0] C:\Windows\system32\mfevtps.exe (McAfee Process Validation Service/McAfee, Inc.)
IAT C:\Windows\system32\mfevtps.exe[2696] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [008EA530] C:\Windows\system32\mfevtps.exe (McAfee Process Validation Service/McAfee, Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [613478CB] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [613477FD] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6134702A] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6134783D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [613478CB] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [613477FD] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6134783D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6134702A] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\USER32.dll [GDI32.dll!GetStockObject] [6134636A] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6134783D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [613478CB] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [613477FD] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6134702A] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHLWAPI.dll [GDI32.dll!GetStockObject] [6134636A] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [613462A5] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [61346C41] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [61346C41] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [613478CB] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [6134702A] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6134783D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [613477FD] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!GetStockObject] [6134636A] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [61346212] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [613461D4] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetSysColorBrush] [61346370] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetSysColor] [613462A5] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [61346C41] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\SHELL32.dll [USER32.dll!AnimateWindow] [61346405] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateFileW] [6134644A] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[5716] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateFileA] [613464F0] C:\Program Files\Yahoo!\Messenger\yui.dll

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Tcp mfewfpk.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Udp mfewfpk.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----




Here's the log from aswMBR:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-25 16:37:45
-----------------------------
16:37:45.155 OS Version: Windows 6.0.6001 Service Pack 1
16:37:45.155 Number of processors: 2 586 0xF0D
16:37:45.155 ComputerName: COMPUTER UserName: Brian
16:38:16.027 Initialize success
16:38:27.556 AVAST engine defs: 12052500
16:38:32.657 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
16:38:32.657 Disk 0 Vendor: Hitachi_ FB2O Size: 152627MB BusType: 3
16:38:32.688 Disk 0 MBR read successfully
16:38:32.688 Disk 0 MBR scan
16:38:32.688 Disk 0 Windows VISTA default MBR code
16:38:32.704 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
16:38:32.719 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10000 MB offset 81920
16:38:32.735 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 140026 MB offset 20561920
16:38:32.750 Disk 0 Partition - 00 0F Extended LBA 2559 MB offset 307337216
16:38:32.797 Disk 0 Partition 4 00 DD MSDOS5.0 2558 MB offset 307339264
16:38:32.813 Disk 0 scanning sectors +312578048
16:38:32.891 Disk 0 scanning C:\Windows\system32\drivers
16:38:43.811 Service scanning
16:39:17.975 Modules scanning
16:39:25.603 Disk 0 trace - called modules:
16:39:25.634 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
16:39:25.634 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8627d030]
16:39:25.666 3 CLASSPNP.SYS[8379c745] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85816030]
16:39:27.413 AVAST engine scan C:\Windows
16:39:31.952 AVAST engine scan C:\Windows\system32
16:42:59.744 AVAST engine scan C:\Windows\system32\drivers
16:43:13.847 AVAST engine scan C:\Users\Brian
16:44:17.370 Disk 0 MBR has been saved successfully to "C:\Users\Brian\Desktop\MBR.dat"
16:44:17.386 The log file has been saved successfully to "C:\Users\Brian\Desktop\aswMBR.txt"

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:11 PM

Posted 25 May 2012 - 07:59 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 Easy Victory

Easy Victory
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:11 PM

Posted 25 May 2012 - 09:34 PM

I ran Anti-Malware, and it came back clean both times. ESET came back clean, as well. Think you may have solved the problem (I hope). Any more advice or thoughts, or is there still more work to be done?

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:11 PM

Posted 25 May 2012 - 09:38 PM

Please post the mini toolbox log :thumbup2:

#7 Easy Victory

Easy Victory
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:11 PM

Posted 25 May 2012 - 10:03 PM

MiniToolBox by Farbar Version: 14-01-2012
Ran by Brian (administrator) on 25-05-2012 at 17:11:47
Microsoft® Windows Vista™ Home Basic Service Pack 1 (X86)
Boot Mode: Nerwork
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "128.119.41.211"

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================



# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Computer
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gci.net

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gci.net
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
Physical Address. . . . . . . . . : 00-21-5C-84-B9-81
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : gci.net
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-21-9B-F0-1A-2B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 66.58.194.208(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.248.0
Lease Obtained. . . . . . . . . . : Friday, May 25, 2012 4:31:05 PM
Lease Expires . . . . . . . . . . : Saturday, May 26, 2012 4:31:04 PM
Default Gateway . . . . . . . . . : 66.58.192.1
DHCP Server . . . . . . . . . . . : 209.165.131.45
DNS Servers . . . . . . . . . . . : 209.165.131.12
209.165.131.13
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.gci.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 23:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 24:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 25:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 26:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 27:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 28:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 29:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 30:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 33:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 36:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 37:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 38:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 39:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 42:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 43:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 44:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 46:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 47:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 48:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 49:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 51:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 52:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 53:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 55:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 56:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 61:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 63:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 64:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 68:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 70:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 73:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 74:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 75:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 76:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 77:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 78:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 80:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 81:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 86:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 87:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 88:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 89:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 90:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 92:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 93:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 95:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 96:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 97:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 98:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 100:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 101:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 102:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 103:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 104:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 105:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 106:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 108:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 109:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 112:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 114:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 115:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: vcns-1.gci.net
Address: 209.165.131.12

Name: google.com
Addresses: 173.194.79.113
173.194.79.138
173.194.79.139
173.194.79.100
173.194.79.101
173.194.79.102



Pinging google.com [74.125.127.138] with 32 bytes of data:

Reply from 74.125.127.138: bytes=32 time=106ms TTL=53

Reply from 74.125.127.138: bytes=32 time=44ms TTL=53



Ping statistics for 74.125.127.138:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 44ms, Maximum = 106ms, Average = 75ms

Server: vcns-1.gci.net
Address: 209.165.131.12

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=72ms TTL=53

Reply from 72.30.38.140: bytes=32 time=56ms TTL=53



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 56ms, Maximum = 72ms, Average = 64ms

Server: vcns-1.gci.net
Address: 209.165.131.12

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
12 ...00 21 5c 84 b9 81 ...... Intel® Wireless WiFi Link 4965AGN
11 ...00 21 9b f0 1a 2b ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
15 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
13 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
14 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
117 ...00 00 00 00 00 00 00 e0 isatap.gci.net
18 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
19 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
20 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
21 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
24 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
25 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
26 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
27 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
28 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
29 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
30 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
31 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
34 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
37 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
38 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
39 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
40 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
43 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
44 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
45 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
47 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
48 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
49 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
50 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
52 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
53 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
54 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
56 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
57 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
62 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
64 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
65 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
69 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
71 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
74 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
75 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
76 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
77 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
78 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
79 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
81 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
82 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
87 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
88 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
89 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
90 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
91 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
93 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
94 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
96 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
97 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
98 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
99 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
101 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
102 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
103 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
104 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
105 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
106 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
107 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
109 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
110 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
113 ...00 00 00 00 00 00 00 e0 isatap.{E743AA5B-8D97-4C96-B1B9-F7258EF11977}
115 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
118 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 66.58.192.1 66.58.194.208 20
66.58.192.0 255.255.248.0 On-link 66.58.194.208 276
66.58.194.208 255.255.255.255 On-link 66.58.194.208 276
66.58.199.255 255.255.255.255 On-link 66.58.194.208 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 66.58.194.208 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 66.58.194.208 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/25/2012 04:26:40 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (05/25/2012 04:26:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2012 02:18:26 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (05/25/2012 02:01:58 PM) (Source: Application Error) (User: )
Description: Faulting application k0th900o.exe, version 1.0.15.15641, time stamp 0x4e21f2b1, faulting module k0th900o.exe, version 1.0.15.15641, time stamp 0x4e21f2b1, exception code 0xc0000005, fault offset 0x0000c676,
process id 0x1730, application start time 0xk0th900o.exe0.

Error: (05/25/2012 10:22:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2012 05:56:59 PM) (Source: System Restore) (User: )
Description: Failed to initiate System Restore (Scheduled Checkpoint).

Error: (05/24/2012 05:26:36 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index cannot be read. (0xc0041800)

Error: (05/24/2012 05:26:36 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index cannot be read. (0xc0041800)

Error: (05/24/2012 05:26:36 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index cannot be read. (0xc0041800)

Error: (05/24/2012 05:26:36 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)


System errors:
=============
Error: (05/25/2012 04:40:24 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (05/25/2012 04:29:45 PM) (Source: DCOM) (User: )
Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (05/25/2012 04:26:54 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (05/25/2012 04:26:40 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/25/2012 04:26:23 PM) (Source: Service Control Manager) (User: )
Description: spldr
Wanarpv6

Error: (05/25/2012 04:26:23 PM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (05/25/2012 04:25:45 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/25/2012 04:25:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: SYSTEM)
Description: C:\Windows\System32\IWMSSvc.dll21

Error: (05/25/2012 04:24:49 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:21:52 PM on 5/25/2012 was unexpected.

Error: (05/25/2012 10:26:51 AM) (Source: Service Control Manager) (User: )
Description: Intuit Update Service%%1053


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 1.8.2)
µTorrent (Version: 2.2.1)
32 Bit HP CIO Components Installer (Version: 6.1.2)
6500_E709_BasicWeb (Version: 140.0.000.000)
6500_E709_Help_BasicWeb (Version: 1.00.0000)
AC3Filter (remove only)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
ActivClient CAC x86 (Version: 6.2)
Adobe AIR (Version: 1.1.0.5790)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Color Video Profiles CS CS4 (Version: 2.0)
Adobe CSI CS4 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Drive CS4 (Version: 1)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.5)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Fonts All (Version: 2.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Photoshop CS (Version: CS)
Adobe Photoshop CS4 (Version: 11.0)
Adobe Photoshop CS4 Support (Version: 11.0)
Adobe Reader 9 (Version: 9.0.0)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe Shockwave Player 11.5 (Version: 11.5.1.601)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
AnswerWorks 5.0 English Runtime (Version: 008.000.0003)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
AP Tuner 3.08
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.2.6
AutoCAD Civil 3D 2012 (Version: 9.0.1619.0)
AutoCAD Civil 3D 2012 32 Bit Object Enabler on Autodesk Content Service - Language Neutral (Version: 1619.0)
AutoCAD Civil 3D 2012 32 Bit Object Enabler on Autodesk® Storm and Sanitary Analysis 2012 - Language Neutral (Version: 1619.0)
AutoCAD Civil 3D 2012 Language Pack - English (Version: 9.0.1619.0)
Autodesk Content Service (Version: 2.0.90)
Autodesk DWF Viewer (Version: 4.1)
Autodesk Material Library 2012 (Version: 2.5.0.8)
Autodesk Material Library Base Resolution Image Library 2012 (Version: 2.5.0.8)
Autodesk® Storm and Sanitary Analysis 2012 (Version: 6.4.29)
Banctec Service Agreement (Version: 2.0.0)
BitPim 1.0.6 (Version: 1.0.6)
Bonjour (Version: 3.0.0.10)
bpd_scan (Version: 3.00.0000)
BPDSoftware_Ini (Version: 1.00.0000)
Browser Address Error Redirector (Version: 1.00.0000)
BufferChm (Version: 140.0.213.000)
Canon G.726 WMP-Decoder (Version: 1.1.0.4)
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.6.0.4)
Canon RAW Image Task for ZoomBrowser EX (Version: 0.9.3.9)
Canon Utilities CameraWindow (Version: 7.1.0.2)
Canon Utilities CameraWindow DC (Version: 7.1.0.7)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)
Canon Utilities MyCamera (Version: 6.4.0.5)
Canon Utilities MyCamera DC (Version: 7.0.1.8)
Canon Utilities PhotoStitch (Version: 3.1.21.45)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)
Canon Utilities ZoomBrowser EX (Version: 6.1.0.20)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.1.0.8)
Carbonite Online Backup Setup (Version: 3.8.0)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HDA D330 MDC V.92 Modem (Version: 7.74.00)
Connect (Version: 1.0.0.1)
Copy (Version: 110.0.180.000)
CustomerResearchQFolder (Version: 1.00.0000)
DBsign Web Signer (Version: 3.0)
Dell-eBay (Version: 1.00.0000)
Dell DataSafe Online (Version: 1.1.0029)
Dell Dock (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Version: 2.1.08060)
Dell Touchpad (Version: 7.1.103.4)
Destination Component (Version: 110.0.0.0)
DeviceDiscovery (Version: 110.0.180.000)
DeviceManagementQFolder (Version: 1.00.0000)
Digital Line Detect (Version: 1.21)
DivX Converter (Version: 7.1.0)
DivX Plus DirectShow Filters
DivX Setup (Version: 2.2.1.2)
DivX Version Checker (Version: 7.1.0.9)
DJ_AIO_03_F4200_ProductContext (Version: 110.0.206.000)
DJ_AIO_03_F4200_Software (Version: 110.0.206.000)
DJ_AIO_03_F4200_Software_Min (Version: 110.0.206.000)
EDocs
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
F4200 (Version: 110.0.206.000)
F4200_Help (Version: 110.0.206.000)
Facebook Plug-In
FARO LS 1.1.406.58 (Version: 4.6.58.2)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
FrostWire 4.21.1 (Version: 4.21.1.0)
Garmin Communicator Plugin (Version: 2.8.1)
Garmin USB Drivers (Version: 1.0.0.0)
getPlus® for Adobe (Version: 1.5.2.29)
Google Desktop (Version: 5.9.1005.12335)
Google Earth (Version: 6.1.0.5001)
Google Gmail Notifier
Google Update Helper (Version: 1.3.21.111)
Google Updater (Version: 2.4.1536.6592)
GoToAssist 8.0.0.514
GPBaseService (Version: 110.0.180.000)
HP Customer Participation Program 11.0 (Version: 11.0)
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 (Version: 11.0)
HP Imaging Device Functions 11.0 (Version: 11.0)
HP Officejet 6500 E709 Series (Version: 14.0)
HP Photosmart C4600 All-In-One Driver 14.0 Rel. 5 (Version: 14.0)
HP Photosmart Essential 2.5 (Version: 1.03.0000)
HP Photosmart Essential 3.0 (Version: 3.0)
HP Smart Web Printing (Version: 4.0)
HP Solution Center 11.0 (Version: 11.0)
HP Update (Version: 4.000.009.002)
HPProductAssistant (Version: 110.0.180.000)
IBM Lotus Forms Viewer 3.5.1 (Version: 7.6.1.123)
Image Resizer Powertoy Clone for Windows (Version: 2.1)
InstallRoot 3.12 (Version: 3.12)
Intel® Matrix Storage Manager
Intel® PROSet/Wireless Software (Version: 11.01.0000)
Internet Movil Tigo version 4.991
iTunes (Version: 10.5.0.142)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
Java™ 6 Update 5 (Version: 1.6.0.50)
kuler (Version: 2.0)
LAME v3.98.2 for Audacity
LG Android Drivers (Version: 1.1)
LG USB Modem driver (Version: 4.9.4)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MarketResearch (Version: 110.0.180.000)
McAfee AntiVirus Plus (Version: 11.0.669)
McAfee Security Scan Plus (Version: 2.0.181.2)
McAfee Virtual Technician (Version: 5.5.0.0)
mCore (Version: 9.24.0000)
MediaDirect (Version: 3.5)
mHelp (Version: 9.24.0000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Project 2007 Service Pack 3 (SP3)
Microsoft Office Project MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Project Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Project Professional 2007 Trial (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual Basic Power Packs 3.0 (Version: 9.0.30214)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
mMHouse (Version: 9.24.0000)
Modem Diagnostic Tool (Version: 1.0.24.0)
Mozilla Firefox 10.0.2 (x86 en-US) (Version: 10.0.2)
mPfMgr (Version: 9.24.0000)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
mWMI (Version: 9.24.0000)
NetWaiting (Version: 2.5.53)
Network (Version: 140.0.215.000)
OutlookAddinSetup (Version: 1.0.0)
PDF Report Writer (novaPDF 6.4 printer)
PDF Settings CS4 (Version: 9.0)
Photoshop Camera Raw (Version: 5.0)
PS_AIO_05_C4600_Software_Min (Version: 140.0.690.000)
PSSWCORE (Version: 2.03.0000)
QuickSet (Version: 8.2.20)
QuickTime (Version: 7.70.80.34)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Seagate Manager Installer (Version: 2.01.0700)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.5 (Version: 5.5.124)
SmartWebPrinting (Version: 110.0.182.000)
SolutionCenter (Version: 110.0.180.000)
Status (Version: 110.0.180.000)
Suite Shared Configuration CS4 (Version: 1.0)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 110.0.180.000)
TurboTax 2008
TurboTax 2008 WinPerFedFormset (Version: 008.000.0328)
TurboTax 2008 WinPerProgramHelp (Version: 008.000.0215)
TurboTax 2008 WinPerReleaseEngine (Version: 008.000.0181)
TurboTax 2008 WinPerTaxSupport (Version: 008.000.0984)
TurboTax 2008 WinPerUserEducation (Version: 008.000.0421)
TurboTax 2008 wnjiper (Version: 008.000.0111)
TurboTax 2008 wrapper (Version: 008.000.0063)
TurboTax 2009
TurboTax 2009 WinPerFedFormset (Version: 009.000.1779)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0311)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0227)
TurboTax 2009 wnjiper (Version: 009.000.0676)
TurboTax 2009 wrapper (Version: 009.000.0145)
TurboTax 2010
TurboTax 2010 WinPerFedFormset (Version: 010.000.3073)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0388)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0186)
TurboTax 2010 wnjiper (Version: 010.000.1084)
TurboTax 2010 wrapper (Version: 010.000.0155)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Project 2007 Help (KB963668)
Update for Microsoft Office Script Editor Help (KB963671)
UVC VIDEO CAMERA (Version: 1.4.6.10710)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VideoToolkit01 (Version: 110.0.171.000)
Viewer_armyifx (Version: 3.5.1)
Viewpoint Media Player
VLC media player 1.1.2 (Version: 1.1.2)
WebReg (Version: 140.0.213.017)
Winamp (Version: 5.541 )
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) (Version: 03/08/2007 2.2.1.0)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
Xvid 1.2.1 final uninstall (Version: 1.2)
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 64%
Total physical RAM: 2037.31 MB
Available physical RAM: 718.92 MB
Total Pagefile: 4317.89 MB
Available Pagefile: 3168.17 MB
Total Virtual: 2047.88 MB
Available Virtual: 1965.41 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:136.74 GB) (Free:35.86 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:9.77 GB) (Free:5.52 GB) NTFS

========================= Users: ========================================

User accounts for \\COMPUTER

Administrator Guest


**** End of log ****

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:11 PM

Posted 25 May 2012 - 10:12 PM

That looks good

Download

TFC


Launch it,it will close all running programs

click on START,it should ask for reboot

Turn off your system restore,restart the PC,create a new restore point

http://windows.microsoft.com/en-us/windows-vista/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently,do not click on suspicious links

Safe surfing :)

#9 Easy Victory

Easy Victory
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:11 PM

Posted 27 May 2012 - 07:59 PM

Now after running MiniToolBox, whenever I start my computer, I can't connect to the internet. I have to Diagnose and Repair the connection, then select "Automatically Get New IP Setting on the Network Adapter" for it to connect properly. How do I fix this?

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:11 PM

Posted 27 May 2012 - 08:13 PM

Run this fixit

http://go.microsoft.com/?linkid=9662461

Restart the PC and let me know if you still have issues.

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:11 PM

Posted 27 May 2012 - 08:23 PM

If that doesnt work try this

Download

6to4 remover

Extract it,double click i386.exe

Allow it to run,Restart the PC,post the new minitoolbox log




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users