Here you are
GMER 1.0.14.14205 -
http://www.gmer.netRootkit scan 2008-03-27 16:21:49
Windows 5.1.2600 Service Pack 2
---- System - GMER 1.0.14 ----
SSDT \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys ZwOpenProcess [0xBAF7E8AC]
SSDT \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys ZwTerminateProcess [0xBAF7E812]
---- User code sections - GMER 1.0.14 ----
.text C:\xampp\apache\bin\apache.exe[140] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[140] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[140] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[140] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[140] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[140] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[140] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[140] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[140] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\xampp\apache\bin\apache.exe[140] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[140] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[252] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[252] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[252] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[252] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[252] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[252] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[252] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[252] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[252] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[252] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[252] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[760] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[760] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[760] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[760] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[760] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[760] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[760] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[760] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[760] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\WINDOWS\system32\winlogon.exe[760] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\winlogon.exe[760] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[804] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[804] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[804] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[804] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[804] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[804] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[804] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[804] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[804] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\WINDOWS\system32\services.exe[804] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\services.exe[804] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[816] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[816] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[816] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[816] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[816] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[816] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[816] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[816] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[816] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\WINDOWS\system32\lsass.exe[816] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\lsass.exe[816] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[964] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[964] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[964] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[964] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[964] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[964] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[964] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[964] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\WINDOWS\system32\svchost.exe[964] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[964] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1044] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1044] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1044] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1044] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1044] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1044] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1044] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1044] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1044] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\WINDOWS\system32\svchost.exe[1044] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1044] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1084] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1084] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1084] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1084] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1084] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1084] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1084] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1084] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1084] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\WINDOWS\System32\svchost.exe[1084] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\svchost.exe[1084] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1192] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1192] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1192] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1192] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1192] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1192] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1192] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1192] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1192] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\WINDOWS\system32\svchost.exe[1192] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1192] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1428] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1428] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1428] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1428] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1428] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1428] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\WINDOWS\system32\svchost.exe[1428] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\svchost.exe[1428] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe[1504] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 00385050 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe[1504] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 00384F80 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe[1504] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 00381850 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe[1504] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 00381220 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe[1504] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 003813B0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe[1504] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 46, 88 ]
.text C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe[1504] USER32.dll!EndTask 7E459E75 5 Bytes JMP 00384C20 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe[1504] USER32.dll!mouse_event 7E466515 5 Bytes JMP 003816C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe[1504] USER32.dll!keybd_event 7E466559 5 Bytes JMP 00381540 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe[1504] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 00384950 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe[1504] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 00384AC0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1588] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1588] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1588] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1588] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1588] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1588] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\WINDOWS\system32\spoolsv.exe[1588] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1588] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1588] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1588] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\spoolsv.exe[1588] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[1684] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[1684] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[1684] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[1684] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[1684] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[1684] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[1684] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[1684] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[1684] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\xampp\apache\bin\apache.exe[1684] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\xampp\apache\bin\apache.exe[1684] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1704] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1704] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1704] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1704] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1704] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1704] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1704] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1704] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1704] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1704] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1704] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[1724] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 00635050 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[1724] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 00634F80 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[1724] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 00631850 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[1724] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 00631220 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[1724] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 006313B0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[1724] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 71, 88 ]
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[1724] USER32.dll!EndTask 7E459E75 5 Bytes JMP 00634C20 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[1724] USER32.dll!mouse_event 7E466515 5 Bytes JMP 006316C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[1724] USER32.dll!keybd_event 7E466559 5 Bytes JMP 00631540 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[1724] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 00634950 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[1724] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 00634AC0 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe[1736] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe[1736] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe[1736] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe[1736] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe[1736] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe[1736] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe[1736] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe[1736] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe[1736] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe[1736] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe[1736] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe[1756] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe[1756] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe[1756] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe[1756] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe[1756] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe[1756] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe[1756] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe[1756] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe[1756] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe[1756] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe[1756] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgemc.exe[1796] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgemc.exe[1796] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgemc.exe[1796] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgemc.exe[1796] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgemc.exe[1796] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgemc.exe[1796] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgemc.exe[1796] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgemc.exe[1796] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgemc.exe[1796] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\PROGRA~1\Grisoft\AVG7\avgemc.exe[1796] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgemc.exe[1796] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Bonjour\mDNSResponder.exe[1828] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Bonjour\mDNSResponder.exe[1828] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Bonjour\mDNSResponder.exe[1828] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Bonjour\mDNSResponder.exe[1828] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Bonjour\mDNSResponder.exe[1828] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Bonjour\mDNSResponder.exe[1828] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Bonjour\mDNSResponder.exe[1828] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Bonjour\mDNSResponder.exe[1828] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Bonjour\mDNSResponder.exe[1828] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1828] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Bonjour\mDNSResponder.exe[1828] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\Firewall\cmdagent.exe[1840] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\Firewall\cmdagent.exe[1840] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\Firewall\cmdagent.exe[1840] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\Firewall\cmdagent.exe[1840] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\Firewall\cmdagent.exe[1840] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\Firewall\cmdagent.exe[1840] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\Firewall\cmdagent.exe[1840] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\Firewall\cmdagent.exe[1840] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\Firewall\cmdagent.exe[1840] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\Program Files\COMODO\Firewall\cmdagent.exe[1840] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\COMODO\Firewall\cmdagent.exe[1840] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\usnsvc.exe[2592] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\usnsvc.exe[2592] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\usnsvc.exe[2592] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\usnsvc.exe[2592] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\usnsvc.exe[2592] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\usnsvc.exe[2592] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\usnsvc.exe[2592] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\usnsvc.exe[2592] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\Program Files\Windows Live\Messenger\usnsvc.exe[2592] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\usnsvc.exe[2592] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\usnsvc.exe[2592] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Webroot\Washer\WasherSvc.exe[2640] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Webroot\Washer\WasherSvc.exe[2640] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Webroot\Washer\WasherSvc.exe[2640] kernel32.dll!CreateThread + 1A 7C810651 4 Bytes [ 43, E7, 87, 83 ]
.text C:\Program Files\Webroot\Washer\WasherSvc.exe[2640] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Webroot\Washer\WasherSvc.exe[2640] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Webroot\Washer\WasherSvc.exe[2640] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Webroot\Washer\WasherSvc.exe[2640] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\Program Files\Webroot\Washer\WasherSvc.exe[2640] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Webroot\Washer\WasherSvc.exe[2640] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Webroot\Washer\WasherSvc.exe[2640] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Webroot\Washer\WasherSvc.exe[2640] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Webroot\Washer\WasherSvc.exe[2640] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] kernel32.dll!LoadResource 7C809FB5 7 Bytes JMP 28001CD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] kernel32.dll!FindResourceExW 7C80AC88 7 Bytes JMP 28001B10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] kernel32.dll!FindResourceW 7C80BBCE 7 Bytes JMP 28001A90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] kernel32.dll!SizeofResource 7C80BC69 7 Bytes JMP 28001D90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] kernel32.dll!FindResourceA 7C80BE89 7 Bytes JMP 28001BA0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] kernel32.dll!LockResource 7C80CC97 5 Bytes JMP 28001E00 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] kernel32.dll!CreateEventA 7C8308AD 5 Bytes JMP 28001850 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] kernel32.dll!FindResourceExA 7C835F78 7 Bytes JMP 28001C30 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] kernel32.dll!SetUnhandledExceptionFilter 7C84467D 5 Bytes JMP 0056DBBD C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Windows Live Messenger/Microsoft Corporation)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] kernel32.dll!OutputDebugStringW 7C85A42D 5 Bytes JMP 28001E60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] ADVAPI32.dll!CryptDeriveKey 77DEA685 7 Bytes JMP 28001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] ADVAPI32.dll!CryptDecrypt 77DEA7B1 2 Bytes JMP 28001060 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] ADVAPI32.dll!CryptDecrypt + 3 77DEA7B4 4 Bytes [ 21, B0, CC, CC ]
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] USER32.dll!PeekMessageW 7E41929B 5 Bytes JMP 280040C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] USER32.dll!CreateWindowExW 7E41FC25 5 Bytes JMP 28003850 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] USER32.dll!SetWindowRgn 7E41FFB2 7 Bytes JMP 280059A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] USER32.dll!LoadIconW 7E420894 5 Bytes JMP 280062B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] USER32.dll!LoadImageW 7E422CFE 5 Bytes JMP 280060C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] USER32.dll!CreateDialogParamW 7E427D4F 5 Bytes JMP 28005AC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] USER32.dll!SetWindowPlacement 7E42D84C 5 Bytes JMP 28005860 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] USER32.dll!MessageBoxIndirectW 7E4662AB 5 Bytes JMP 28005CB0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] USER32.dll!TrackPopupMenuEx 7E46CD28 5 Bytes JMP 280049A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] WS2_32.dll!send 71AB428A 5 Bytes JMP 2800A2C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] WS2_32.dll!WSARecv 71AB4318 5 Bytes JMP 2800A0A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] WS2_32.dll!recv 71AB615A 5 Bytes JMP 28009F00 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] WS2_32.dll!WSASend 71AB6233 5 Bytes JMP 2800A4A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] WS2_32.dll!closesocket 71AB9639 5 Bytes JMP 2800A6E0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] SHELL32.dll!Shell_NotifyIconW 7CA261F5 5 Bytes JMP 28003000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] ole32.dll!CoInitializeEx 774FEF6B 5 Bytes JMP 28002110 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] ole32.dll!CoRegisterClassObject 77518720 5 Bytes JMP 28002210 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] WININET.dll!InternetCloseHandle 42C1DAC1 5 Bytes JMP 28009110 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] WININET.dll!HttpOpenRequestA 42C24399 5 Bytes JMP 28008DD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] WININET.dll!InternetReadFile 42C2ABF4 5 Bytes JMP 28008F60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2908] WININET.dll!HttpSendRequestA 42C2CD78 5 Bytes JMP 28009040 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Documents and Settings\Jay\Desktop\gmer.exe[2956] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Jay\Desktop\gmer.exe[2956] USER32.DLL!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Jay\Desktop\gmer.exe[2956] USER32.DLL!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Jay\Desktop\gmer.exe[2956] USER32.DLL!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Jay\Desktop\gmer.exe[2956] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Jay\Desktop\gmer.exe[2956] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Jay\Desktop\gmer.exe[2956] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Jay\Desktop\gmer.exe[2956] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\Documents and Settings\Jay\Desktop\gmer.exe[2956] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\Documents and Settings\Jay\Desktop\gmer.exe[2956] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[3144] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[3144] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[3144] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[3144] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[3144] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[3144] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\WINDOWS\Explorer.EXE[3144] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[3144] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[3144] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[3144] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\Explorer.EXE[3144] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe[3264] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 00EB5050 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe[3264] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 00EB4F80 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe[3264] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 00EB1850 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe[3264] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 00EB1220 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe[3264] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 00EB13B0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe[3264] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ F9, 88 ]
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe[3264] USER32.dll!EndTask 7E459E75 5 Bytes JMP 00EB4C20 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe[3264] USER32.dll!mouse_event 7E466515 5 Bytes JMP 00EB16C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe[3264] USER32.dll!keybd_event 7E466559 5 Bytes JMP 00EB1540 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe[3264] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 00EB4950 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe[3264] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 00EB4AC0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[3284] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[3284] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[3284] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[3284] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[3284] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[3284] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[3284] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[3284] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[3284] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\WINDOWS\System32\alg.exe[3284] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\System32\alg.exe[3284] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgcc.exe[3288] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgcc.exe[3288] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgcc.exe[3288] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgcc.exe[3288] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgcc.exe[3288] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgcc.exe[3288] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\PROGRA~1\Grisoft\AVG7\avgcc.exe[3288] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgcc.exe[3288] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgcc.exe[3288] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgcc.exe[3288] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\PROGRA~1\Grisoft\AVG7\avgcc.exe[3288] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[3476] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[3476] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[3476] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[3476] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[3476] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[3476] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[3476] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[3476] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[3476] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\WINDOWS\system32\ctfmon.exe[3476] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\WINDOWS\system32\ctfmon.exe[3476] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Media Player\wmplayer.exe[3628] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Media Player\wmplayer.exe[3628] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Media Player\wmplayer.exe[3628] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Media Player\wmplayer.exe[3628] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Media Player\wmplayer.exe[3628] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Media Player\wmplayer.exe[3628] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Media Player\wmplayer.exe[3628] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Media Player\wmplayer.exe[3628] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Media Player\wmplayer.exe[3628] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\Program Files\Windows Media Player\wmplayer.exe[3628] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Windows Media Player\wmplayer.exe[3628] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe[3760] ntdll.dll!NtClose 7C90D586 5 Bytes JMP 10005050 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe[3760] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 10004F80 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe[3760] USER32.dll!EndTask 7E459E75 5 Bytes JMP 10004C20 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe[3760] USER32.dll!mouse_event 7E466515 5 Bytes JMP 100016C0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe[3760] USER32.dll!keybd_event 7E466559 5 Bytes JMP 10001540 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe[3760] GDI32.dll!BitBlt 77F16F89 5 Bytes JMP 10001850 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe[3760] GDI32.dll!CreateDCA 77F1B221 5 Bytes JMP 10001220 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe[3760] GDI32.dll!CreateDCW 77F1BE61 2 Bytes JMP 100013B0 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe[3760] GDI32.dll!CreateDCW + 3 77F1BE64 2 Bytes [ 0E, 98 ]
.text C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe[3760] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 10004950 C:\WINDOWS\system32\guard32.dll
.text C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe[3760] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 10004AC0 C:\WINDOWS\system32\guard32.dll
---- Kernel IAT/EAT - GMER 1.0.14 ----
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [BA64A710] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [BA64A770] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [BA64A990] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [BA64A950] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [BA64A950] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [BA64A770] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [BA64A710] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [BA64A990] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [BA64A990] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [BA64A950] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [BA64A770] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [BA64A710] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [BA64A950] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [BA64A710] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [BA64A770] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [BA64A990] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [BA64A710] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [BA64A770] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [BA64A950] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [BA64A990] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [BA64A950] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [BA64A770] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [BA64A710] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter] [BA64A710] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter] [BA64A770] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [BA64A990] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] [BA64A950] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [BA64A950] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [BA64A990] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [BA64A710] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [BA64A770] inspect.sys (COMODO Firewall Pro Firewall Driver/COMODO)
---- User IAT/EAT - GMER 1.0.14 ----
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [005B3B10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread] [005B3790] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] [005B3B60] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [005B3A10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [005B3BF0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [005B3A80] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [005B3B10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [005B3A10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [005B3BF0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [005B3A80] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [005B3B10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] [005B3790] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] [005B3B60] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [005B3A80] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [005B3A10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [005B3BF0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [005B3A10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [005B3A80] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [005B3BF0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [005B3790] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] [005B3B60] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [005B3AC0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [005B3B10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [005B3A80] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [005B3790] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [005B3A10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [005B3BF0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [005B3670] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [005B3700] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [005B3270] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!RegisterClassA] [005B3810] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!RegisterClassW] [005B3870] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SystemParametersInfoW] [005B38D0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcW] [005B3530] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcA] [005B35D0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] [005B3B60] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [005B3A10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [005B3A80] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [005B3BF0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] [005B3790] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [005B3B10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [005B3AC0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] [005B3670] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [005B3270] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [005B3700] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!RegisterClassW] [005B3870] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColorBrush] [005B32B0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DrawFrameControl] [005B39B0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DrawEdge] [005B2C90] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SystemParametersInfoW] [005B38D0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetScrollInfo] [005B34C0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!CallWindowProcW] [005B3530] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetScrollInfo] [005B3390] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [005B3BF0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [005B3A10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [005B3A80] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] [005B3790] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [005B3B10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [005B3AC0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SystemParametersInfoW] [005B38D0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetSysColor] [005B3270] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CallWindowProcW] [005B3530] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!RegisterClassW] [005B3870] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] [005B3700] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [005B3A80] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [005B3A10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [005B3BF0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] [005B3790] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [005B3BF0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [005B3A10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [005B3AC0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [005B3B10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] [005B3790] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] [005B3B60] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [005B3BF0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [005B3A10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [005B3BF0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [005B3A10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] [005B3790] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] [005B3B60] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [005B3A10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] [005B3790] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [005B3BF0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [005B3A10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [005B3BF0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [005B3A10] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [005B3A80] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
IAT C:\Program Files\COMODO\Firewall\cfp.exe[3336] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [005B3BF0] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO Firewall Pro/COMODO)
---- Devices - GMER 1.0.14 ----
AttachedDevice \FileSystem\Ntfs \Ntfs avg7rsw.sys (AVG Resident Shield Unload Helper/GRISOFT, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Ip cmdhlp.sys (COMODO Firewall Pro Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\cmdHlp \Device\CFPTcpFlt avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\cmdHlp \Device\CFPRawFlt avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\cmdHlp \Device\CFPUdpFlt avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp cmdhlp.sys (COMODO Firewall Pro Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp cmdhlp.sys (COMODO Firewall Pro Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp cmdhlp.sys (COMODO Firewall Pro Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\cmdHlp \Device\cmdhlp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
Device \Driver\cmdHlp \Device\CFPIpFlt avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
---- EOF - GMER 1.0.14 ----
============
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
==============Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:29:46, on 27/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\xampp\apache\bin\apache.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\xampp\apache\bin\apache.exe
C:\xampp\mysql\bin\mysqld-nt.exe
F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Webroot\Washer\WasherSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partne ... nicode.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/resourc ... oscan8.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microso ... 6125964953O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\apache.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe
--
End of file - 6909 bytes