Demande d'aide pour supprimer System Tool

Résolu
Nic-mtp Messages postés 129 Date d'inscription   Statut Membre Dernière intervention   -  
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,

System Tool est apparu sur mon pc portable, avec un programme Win Scan.
Je viens vous demander svp comment procéder pour supprimer ce virus

Je dispose d'un autre pc que j'utilise pour ecrire ce message.

merci d'avance

Nico

<config>Windows XP / Internet Explorer
A voir également:

129 réponses

Précédent
Réponse 61 / 129
Nic-mtp Messages postés 129 Date d'inscription   Statut Membre Dernière intervention   1
 
à noter que j'ai eu plusieurs cas ou quand je tape une recherche dans google, je suis redirigé vers un site de pub (ebay,....)
0
Réponse 62 / 129
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
Relance List_Kill'em(soit en clic droit pour vista/7),avec le raccourci sur ton bureau.
mais cette fois-ci :

choisis le bouton tools
puis le bouton killproxy
laisse faire l'outil

ensuite

choisis l'option CLEAN


laisse travailler l'outil.

en fin de scan la fenetre se ferme , et tu as un rapport du nom de Kill'em.txt sur ton bureau ,

colle le contenu dans ta reponse



0
Réponse 63 / 129
Nic-mtp Messages postés 129 Date d'inscription   Statut Membre Dernière intervention   1
 
¤¤¤¤¤¤¤¤¤¤ Kill'em by g3n-h@ckm@n 2.1.3.4 ¤¤¤¤¤¤¤¤¤¤

User : avld nicolas (Administrateurs)
Update on 31/01/2011 by g3n-h@ckm@n ::::: 12.30
Start at: 10:43:56 | 03/02/2011

Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83952505 [ Enabled | Updated ]

C:\ -> Disque fixe local | 148,93 Go (121,12 Go free) [OS] | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque amovible

Killed : PID 5168 'iexplore.exe'
Killed : PID 5168 'iexplore.exe'
Killed : PID 6100 'iexplore.exe'
Killed : PID 592 'explorer.exe'
Killed : PID 592 'explorer.exe'


¤¤¤¤¤¤¤¤¤¤ Files/folders :

Quarantined & Deleted !! : C:\Documents and Settings\avld nicolas\Temp
Quarantined & Deleted !! : \AUTOEXEC.BAT
Quarantined & Deleted !! : \vtapi.dll
Quarantined & Deleted !! : C:\Documents and Settings\All Users\Application Data\gW4WifGA
Quarantined & Deleted !! : C:\Documents and Settings\All Users\Application Data\hpzinstall.log
Quarantined & Deleted !! : C:\Documents and Settings\All Users\Application Data\Z6MyZplWJO
Quarantined & Deleted !! : C:\Documents and Settings\All Users\Application Data\~gW4WifGA
Quarantined & Deleted !! : C:\Documents and Settings\All Users\Application Data\~gW4WifGAr
Quarantined & Deleted !! : C:\Documents and Settings\LocalService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
Quarantined & Deleted !! : C:\WINDOWS\System32\x64

¤¤¤¤¤¤¤¤¤¤ Hosts ¤¤¤¤¤¤¤¤¤¤

127.0.0.1 localhost

¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤

Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer : NoDrives
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer : NoDrives

¤¤¤¤¤¤¤¤¤¤ Internet Explorer ¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page = https://www.msn.com/fr-fr/?ocid=iehp
Local Page = C:\WINDOWS\system32\blank.htm
Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page = https://www.google.com/?gws_rd=ssl
Local Page = C:\WINDOWS\system32\blank.htm
Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

¤¤¤¤¤¤¤¤¤¤ Security Center ¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
FirstRunDisabled = 1 (0x1)
AntiVirusDisableNotify = 0 (0x0)
FirewallDisableNotify = 0 (0x0)
UpdatesDisableNotify = 0 (0x0)
AntiVirusOverride = 0 (0x0)
FirewallOverride = 0 (0x0)

¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤

Ndisuio : Start = 3
EapHost : Start = 2
Ip6Fw : Start = 2
SharedAccess : Start = 2
wuauserv : Start = 2
wscsvc : Start = 2

¤¤¤¤¤¤¤¤¤¤ Winlogon

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
AutoRestartShell = 1 (0x1)
Shell = explorer.exe
Userinit = C:\WINDOWS\System32\userinit.exe,
System =

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Disk Cleaned
Prefetch cleaned
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

FEATURE_BROWSER_EMULATION | svchost :
====================================


Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST916031 rev.0003 -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x89D551ED]<<
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x89CEB030]
3 CLASSPNP[0xBA0E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IAAStorageDevice-1[0x89CE8028]
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\iaStor -> 0x89d551ed
user & kernel MBR OK
Warning: possible MBR rootkit infection !


End of Scan : 10:48:24




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Réponse 64 / 129
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
/!\ Il faut impérativement désactiver tous tes logiciels de protection pour utiliser ce programme/!\
* Télécharge mbr.exe de Gmer ici : http://www2.gmer.net/mbr/mbr.exe et enregistre le fichier sur le Bureau.
* Merci à Malekal pour le tutoriel
* Désactive tes protections et coupe la connexion. (Antivirus et antispywares, HIPS et autre résident)
* Double clique sur mbr.exe
* Un rapport sera généré : mbr.log
* En cas d'infection, ce message "MBR rootkit code detected" va apparaitre.
* Pour supprimer le rootkit aller dans le menu Démarrer=> Exécuter et tapez la commande en gras:

=> Sous XP : "%userprofile%\Bureau\mbr" -f

=> Sous Vista/Seven : "%userprofile%\Desktop\mbr" -f


* (veuillez à bien respecter les guillemets)
* Dans le mbr.log cette ligne apparaitra "original MBR restored successfully !"
* Réactive tes protections .Poste ce rapport et supprime le ensuite.

o Pour vérifier désactive tes protections et coupe la connexion. (Antivirus et antispywares, HIPS et autre résident)
o Relance mbr.exe
o Réactive tes protections.
o Le nouveau mbr.log devrait être celui-ci :
o Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net
o device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 65 / 129
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
et en complément de GMER

ATTENTION !! ce script est réservé uniquement à cette machine , ne pas reproduire !!!!!

? Relance List&Kill'em,avec le raccourci sur ton bureau.

mais cette fois-ci :

? choisis l'option Tools puis Script

une fenêtre noire va s'ouvrir brievement , et List_Kill'em va se fermer

un nouveau document texte s'ouvre , copie/colle ce en gras si dessous :


REM:HKEY_CURRENT_USER\software\opsmr9ibkfl

? enregistre le document texte avec l'onglet fichier (enregistrer) de ce dernier , puis ferme-le

laisse travailler l'outil

? poste le resultat

? Ferme List_Kill'em

Note : le rapport est sur ton bureau : Script_(4 chiffres).txt

===========================

? Relance List&Kill'em mais cette fois-ci :

? choisis l'option Tools puis Command Lines

un document texte va s'ouvrir à l'apparition de : Text Please

?copie/colle le texte en gras ci-dessous :

@echo off
for %%a in (
"HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2A3320D6-C805-4280-B423-B665BDE33D8F}"
"HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2F6EFCE6-10DF-49F9-9E64-9AE3775B2588}"
) do (
for /f "skip=4 tokens=*" %%b in ('swreg.exe query %%a') do ( echo %%~b>> reg.txt )
echo.>>reg.txt )
notepad reg.txt
del /f /q reg.txt
exit

ensuite onglet "Fichier" clic sur enregistrer , puis ferme ce bloc notes

Laisse travailler l'outil

un rapport va s'ouvrir , poste le resultat
0
Réponse 66 / 129
Nic-mtp Messages postés 129 Date d'inscription   Statut Membre Dernière intervention   1
 
pas de rootkit, le rapport a directement été :


Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST916031 rev.0003 -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
0
Réponse 67 / 129
Nic-mtp Messages postés 129 Date d'inscription   Statut Membre Dernière intervention   1
 
¤¤¤¤¤¤¤¤¤¤ Script of List_Kill'em by gen-hackman ¤¤¤¤¤¤¤¤¤¤

User : avld nicolas (Administrateurs)
Update on 31/01/2011 by g3n-h@ckm@n ::::: 12.30
Start at: 18:47:53 | 03/02/2011

Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83952505 [ Enabled | Updated ]

C:\ -> Disque fixe local | 148,93 Go (121,17 Go free) [OS] | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque amovible


¤¤¤¤¤¤¤¤¤¤ Processes :


¤¤¤¤¤¤¤¤¤¤ Added Keys :


¤¤¤¤¤¤¤¤¤¤ Removed Keys :

Deleted : HKEY_CURRENT_USER\software\opsmr9ibkfl

¤¤¤¤¤¤¤¤¤¤ File|Folder deleted :


¤¤¤¤¤¤¤¤¤¤ Drivers deleted :




¤¤¤¤¤¤¤¤¤¤ Object Restored :


¤¤¤¤¤¤¤¤¤¤ Folder List :


¤¤¤¤¤¤¤¤¤¤ Read File :


¤¤¤¤¤¤¤¤¤¤ Sign control :




End at 18:49:29

¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤
0
Réponse 68 / 129
Nic-mtp Messages postés 129 Date d'inscription   Statut Membre Dernière intervention   1
 
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2a3320d6-c805-4280-b423-b665bde33d8f}
ComponentID REG_SZ M979906
<NO NAME> REG_SZ Microsoft .NET Framework 1.1 Security Update (KB979906)
Version REG_SZ 1,1,4322
Locale REG_SZ *
IsInstalled REG_DWORD 1 (0x1)

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2f6efce6-10df-49f9-9e64-9ae3775b2588}
IsInstalled REG_DWORD 1 (0x1)
Locale REG_SZ *
Version REG_SZ 1,1,4322
ComponentID REG_SZ M2416447
<NO NAME> REG_SZ Microsoft .NET Framework 1.1 Security Update (KB2416447)
0
Réponse 69 / 129
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
ok

apres redemarrage du pc as tu encore des redirections ?
0
Réponse 70 / 129
Nic-mtp Messages postés 129 Date d'inscription   Statut Membre Dernière intervention   1
 
à priori non.

Mozilla Firefox est parfois un peu lent à se charger, voire le fenetre ne s'affiche pas
0
Réponse 71 / 129
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
desinstalle le

puis ATF

puis réinstalle le

________

ATF

Télécharge :ATF Cleaner par Atribune
http://www.atribune.org/ccount/click.php?id=1

Double-clique (clic droit "en tant qu'administrateur" pour Vista) ATF-Cleaner.exe afin de lancer le programme.
Sous l'onglet Main, choisis : Select All
Clique sur le bouton Empty Selected
Si tu utilises le navigateur Firefox :
Clique Firefox au haut et choisis : Select All
Clique le bouton Empty Selected a
NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invité.
Si tu utilises le navigateur Opera :
Clique Opera au haut et choisis : Select All
Clique le bouton Empty Selected
NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invité.
Clique Exit, du menu prinicipal, afin de fermer le programme.
Pour obtenir du Support technique, double-clique l'adresse électronique située au bas de chacun des menus.
0
Réponse 72 / 129
Nic-mtp Messages postés 129 Date d'inscription   Statut Membre Dernière intervention   1
 
ok fait.
mais le fonctionnement lent ou haché n'a pas changé.
0
Réponse 73 / 129
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
Fais un nouveau rapport ZHPdiag stp

Rend toi sur Cjoint : http://www.cijoint.fr/

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message

________________

en cas de blocage sur ci joint. fr tenter ici https://www.cjoint.com/
0
Réponse 74 / 129
Nic-mtp Messages postés 129 Date d'inscription   Statut Membre Dernière intervention   1
 
http://www.cijoint.fr/cjlink.php?file=cj201102/cij5Q74pOQ.txt


à noter que quand j'ai tapé commentcamarche dans google puis cliqué sur le lien, j'ai été redirigé vers ebay
0
Réponse 75 / 129
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
c'est bizarre rien n'apparait

* Télécharge Defogger
http://www.jpshortstuff.247fixes.com/Defogger.exe

=> lance le
* Une fenêtre apparait clique sur Disable
* Redémarre le PC si demandé


ensuite



/!\ Il faut impérativement désactiver tous tes logiciels de protection pour utiliser ce programme/!\


? Télécharge : Gmer (by Przemyslaw Gmerek)

http://www.gmer.net/



? Dezippe gmer ,cliques sur l'onglet rootkit,lances le scan,des lignes rouges vont apparaitre.

? Les lignes rouges indiquent la presence d'un rootkit.Postes moi le rapport gmer (cliques sur copy,puis vas dans demarrer ,puis ouvres le bloc note,vas dans edition et cliques sur coller,le rapport gmer va apparaitre,postes moi le)
0
Réponse 76 / 129
Nic-mtp Messages postés 129 Date d'inscription   Statut Membre Dernière intervention   1
 
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 08:19 on 04/02/2011 (avld nicolas)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
0
Réponse 77 / 129
moment de grace Messages postés 29042 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
 
ok

=> GMER

ces redirections les as tu également avec internet explorer ?
0
Réponse 78 / 129
Nic-mtp Messages postés 129 Date d'inscription   Statut Membre Dernière intervention   1
 
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-04 09:31:02
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST916031 rev.0003
Running: 9mve482g.exe; Driver: C:\DOCUME~1\AVLDNI~1\LOCALS~1\Temp\fxtdrpob.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xA8744728]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xA874B7EA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xA874B6A2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xA874BCA8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xA874BBBE]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xA874B276]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xA87447D8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xA874B77E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xA874B1B2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xA874B218]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xA8744870]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xA874B8C2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xA874BD76]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xA874B880]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xA874BA04]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xA875882E]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xA8758652]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xA875878C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2C48 805044E4 4 Bytes JMP 48A874B7
PAGE ntkrnlpa.exe!ZwLoadDriver 8058413A 7 Bytes JMP A8758790 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!NtCreateSection 805AB38E 7 Bytes JMP A8758656 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805BC502 5 Bytes JMP A87541EE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 805C2F86 5 Bytes JMP A8755C88 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 805D1134 7 Bytes JMP A8758832 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
? C:\DOCUME~1\AVLDNI~1\LOCALS~1\Temp\mbr.sys Le fichier spécifié est introuvable. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[408] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] ntdll.dll!LdrLoadDll 7C9263C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] ntdll.dll!LdrUnloadDll 7C92738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] USER32.dll!SetWindowsHookExA 7E3B1211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] USER32.dll!SetWinEventHook 7E3B17F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\unsecapp.exe[512] USER32.dll!UnhookWinEvent 7E3B18AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] ntdll.dll!LdrLoadDll 7C9263C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] ntdll.dll!LdrUnloadDll 7C92738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] USER32.dll!SetWindowsHookExA 7E3B1211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] USER32.dll!SetWinEventHook 7E3B17F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] USER32.dll!UnhookWinEvent 7E3B18AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Program Files\DellTPad\Apoint.exe[592] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Program Files\DellTPad\Apoint.exe[592] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\Apoint.exe[592] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] ntdll.dll!LdrLoadDll 7C9263C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] ntdll.dll!LdrUnloadDll 7C92738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\AESTFltr.exe[604] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\AESTFltr.exe[604] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] USER32.dll!SetWindowsHookExA 7E3B1211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] USER32.dll!SetWinEventHook 7E3B17F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\AESTFltr.exe[604] USER32.dll!UnhookWinEvent 7E3B18AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] ntdll.dll!LdrLoadDll 7C9263C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] ntdll.dll!LdrUnloadDll 7C92738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] USER32.dll!SetWindowsHookExA 7E3B1211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] USER32.dll!SetWinEventHook 7E3B17F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] USER32.dll!UnhookWinEvent 7E3B18AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\hkcmd.exe[608] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\hkcmd.exe[608] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\hkcmd.exe[608] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] ntdll.dll!LdrLoadDll 7C9263C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] ntdll.dll!LdrUnloadDll 7C92738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] USER32.dll!SetWindowsHookExA 7E3B1211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] USER32.dll!SetWinEventHook 7E3B17F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] USER32.dll!UnhookWinEvent 7E3B18AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\igfxpers.exe[612] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\igfxpers.exe[612] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxpers.exe[612] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] ntdll.dll!LdrLoadDll 7C9263C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] ntdll.dll!LdrUnloadDll 7C92738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] USER32.dll!SetWindowsHookExA 7E3B1211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] USER32.dll!SetWinEventHook 7E3B17F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[616] USER32.dll!UnhookWinEvent 7E3B18AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] ntdll.dll!LdrLoadDll 7C9263C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] ntdll.dll!LdrUnloadDll 7C92738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] USER32.dll!SetWindowsHookExA 7E3B1211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] USER32.dll!SetWinEventHook 7E3B17F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe[620] USER32.dll!UnhookWinEvent 7E3B18AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] ntdll.dll!LdrLoadDll 7C9263C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] ntdll.dll!LdrUnloadDll 7C92738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\SearchIndexer.exe[688] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\SearchIndexer.exe[688] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] USER32.dll!SetWindowsHookExA 7E3B1211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] USER32.dll!SetWinEventHook 7E3B17F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\SearchIndexer.exe[688] USER32.dll!UnhookWinEvent 7E3B18AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] ntdll.dll!LdrLoadDll 7C9263C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] ntdll.dll!LdrUnloadDll 7C92738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] USER32.dll!SetWindowsHookExA 7E3B1211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] USER32.dll!SetWinEventHook 7E3B17F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] USER32.dll!UnhookWinEvent 7E3B18AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\igfxsrvc.exe[704] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\igfxsrvc.exe[704] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\igfxsrvc.exe[704] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] ntdll.dll!LdrLoadDll 7C9263C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] ntdll.dll!LdrUnloadDll 7C92738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] USER32.dll!SetWindowsHookExA 7E3B1211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] USER32.dll!SetWinEventHook 7E3B17F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] USER32.dll!UnhookWinEvent 7E3B18AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe[708] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] ntdll.dll!LdrLoadDll 7C9263C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] ntdll.dll!LdrUnloadDll 7C92738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] USER32.dll!SetWindowsHookExA 7E3B1211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] USER32.dll!SetWinEventHook 7E3B17F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\DellTPad\ApMsgFwd.exe[740] USER32.dll!UnhookWinEvent 7E3B18AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[820] ntdll.dll!LdrLoadDll 7C9263C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[820] ntdll.dll!LdrUnloadDll 7C92738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[820] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[820] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[820] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\Explorer.EXE[820] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[820] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\Explorer.EXE[820] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[820] ADVAPI32.dll!ChangeServiceConfig2W 77E07189
0
Réponse 79 / 129
Nic-mtp Messages postés 129 Date d'inscription   Statut Membre Dernière intervention   1
 
exemple de lien de redirection que je viens d'avoir sur firefox, en cliquant sur commentcamarche après recherche google :

http://itcg.20342.information-seeking.com/jump2/?affiliate=itcg&subid=20342&terms=commentcamarche
0
Réponse 80 / 129
Nic-mtp Messages postés 129 Date d'inscription   Statut Membre Dernière intervention   1
 
avec Explorer aussi il y a redirections

exemple de lien pour la meme recherche

http://search.fr.meilleures-offres.fr/?action=search&keyword=commentcamarche
0

Discussions similaires

Rétrodiffusion "Mail Delivery System"
baissaoui -
baissaoui -

0 réponse