|
#1
September 30th, 2012, 01:26 AM
|
||||
|
||||
|
3 Browers: No site configured at this address
Hi,
Something is wrong with my browsers or computer. First thing I noticed last week was that some of my G+ games wouldn't load, but I figured it was probably a game glitch and it would work itself out. Then more G+ games stopped working for me, but others I asked said they were working fine for them. Today none of my G+ games would load, and I noticed other weird things such as dropdown lists not coming down when clicked on, graphics and pictures not showing up (even on this website, there are no buttons, picture of lady up at the top, smilies, etc.). And whenever I try to go to websites I either get a 404 error or mostly "No site configured at this address". It's not any one particular web address, and I've tried using Chrome, Firefox, and IE and get the same error message on all three. Sometimes even when I click on the Home button which is Google.com. I am hoping that someone here could please help me. Thank you in advance for any advice.  P.S. - My computer is an Acer Aspire, I'm using Vista Home Premium SP2, 32-bit, IE9, Chrome Version 22.0.1229.79 m, and Firefox 15.0.1 
|
|
#2
September 30th, 2012, 01:51 AM
|
||||
|
||||
|
Hello grace too,
Let's take a look-see. The system is Vista, so when running any of the scan files we use, be sure to right click the file, then select "Run as administrator" to start the scan/tool. And To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types" To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed. ------- Click here and download OldTimer's OTL to your desktop, then click that to open the scan display. At the top click "Scan All Users", then click "Run Scan". Make no other changes at this time. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are also saved in the same location as OTL.exe. Post the contents of those back here please. ----------- Click here and download the installer for Gmer to your desktop, then click that file to run Gmer. Once the opening scan finishes, click on Scan (again, before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan). When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please. ----------- Download aswMBR ( 511KB ) to your desktop.
A lot, but comprehensive, and will make sure we get a good view of everything.
|
|
#3
September 30th, 2012, 08:22 PM
|
||||
|
||||
|
Hi Tom
Thanks for your speedy reply. Well, I followed all of your instructions, and then... I messed up. When I saw that one of the files was showing all of the junk on my desktop, I tidied up a little. Then when I ran the OTL scan again it wouldn't give me the Extra.Txt anymore. I even deleting the program and re-dl'd it and ran again, but still no Extra.Txt file. I hope this is okay and that you aren't angry with me. If there is some way I can fix it just let me know and I'll do it. I'm sorry. I do have the OTL, Evqi, and aswMBR text files though. I tried posting all 3, but I went over the character alottment, so I'll make 3 posts. Post 1 of 6: OTL logfile created on: 9/30/2012 1:48:26 PM - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pandora\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.75 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 48.50% Memory free 3.74 Gb Paging File | 2.32 Gb Available in Paging File | 61.86% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 113.36 Gb Total Space | 63.41 Gb Free Space | 55.94% Space Free | Partition Type: NTFS Drive D: | 170.08 Gb Total Space | 161.44 Gb Free Space | 94.92% Space Free | Partition Type: NTFS Computer Name: PANDORA-PC | User Name: Pandora | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/09/30 13:41:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pandora\Desktop\OTL.exe PRC - [2012/09/27 00:42:56 | 000,690,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_ 4_402_278_ActiveX.exe PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2012/07/09 07:44:46 | 000,497,320 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe PRC - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/02/01 13:36:38 | 022,140,304 | ---- | M] (magicJack L.P.) -- C:\Users\Pandora\AppData\Roaming\mjusbsp\magicJack .exe PRC - [2011/10/21 05:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe PRC - [2010/12/17 09:33:10 | 000,439,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe PRC - [2009/04/13 14:47:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe PRC - [2008/04/25 13:31:40 | 000,319,488 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\SysMonitor.exe PRC - [2008/04/25 13:31:24 | 000,319,488 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe PRC - [2008/04/25 13:30:26 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe PRC - [2008/01/25 21:49:04 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe PRC - [2007/02/08 18:52:06 | 000,074,672 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe PRC - [2007/02/08 18:51:54 | 000,058,288 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\LXCZbmon.exe PRC - [2007/02/08 18:50:33 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxczcoms.exe ========== Modules (No Company Name) ========== MOD - [2012/06/14 10:30:05 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Windows.Forms\f2691cfa7671cdc58179e56ba9227591 \System.Windows.Forms.ni.dll MOD - [2012/06/14 10:29:55 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Drawing\18f9789aa214c657113e676b3a9015aa\Syste m.Drawing.ni.dll MOD - [2012/05/11 12:50:02 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\Sy stem.Management.ni.dll MOD - [2012/05/11 12:44:37 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem\28d633338fc8d29f8af31935ef7d001b\System.ni.dll MOD - [2012/05/11 12:44:29 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\msc orlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni .dll MOD - [2012/01/08 09:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll MOD - [2010/09/19 21:18:37 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.UIComponent \3.0.3008.0__739b31b1908c49e5\Framework.UIComponen t.dll MOD - [2010/09/19 21:18:37 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0 .3008.0__3036420f80dd6947\Framework.Library.dll MOD - [2010/09/19 21:18:37 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0 .3008.0__4df5dcab8860d239\Framework.Utility.dll MOD - [2010/09/19 21:18:37 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.30 08.0__672b450de5a7e94a\Framework.Host.dll MOD - [2010/09/19 21:18:37 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.PluginInter face\3.0.3008.0__9ecdf03bb2054f94\Framework.Plugin Interface.dll MOD - [2008/08/30 04:59:02 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2008/04/25 13:31:40 | 000,319,488 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\SysMonitor.exe MOD - [2008/04/25 13:31:24 | 000,319,488 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe MOD - [2008/04/25 13:30:22 | 000,011,264 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Framework.Presenter.dll MOD - [2008/04/25 13:29:36 | 001,822,720 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Framework.AppBar.dll MOD - [2008/04/23 10:56:34 | 000,020,480 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.QuickMenu.dll MOD - [2008/02/04 16:29:02 | 000,688,128 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService) SRV - [2012/09/13 17:30:54 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012/07/11 14:32:24 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon) SRV - [2012/07/09 07:44:46 | 000,497,320 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc) SRV - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010/12/17 09:33:10 | 000,439,632 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe -- (RUBotSrv) SRV - [2010/02/20 19:05:18 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS) SRV - [2009/10/20 14:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2009/04/13 14:47:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service) SRV - [2009/04/10 23:28:18 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2008/04/25 13:30:26 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService) SRV - [2008/01/25 21:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service) SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/02/08 18:50:33 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxczcoms.exe -- (lxcz_device) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\vsdatant.win7.sys -- (vsdatant7) DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Pandora\AppData\Local\Temp\fwdiyfob.sys -- (fwdiyfob) DRV - [2012/08/30 22:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2012/07/09 07:45:00 | 000,027,056 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL) DRV - [2011/05/07 18:51:26 | 000,451,160 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant) DRV - [2010/06/24 14:46:12 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\appliand.sys -- (appliandMP) DRV - [2010/06/24 14:46:12 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\appliand.sys -- (appliand) DRV - [2009/10/20 14:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\pavboot.sys -- (pavboot) DRV - [2008/08/30 06:58:16 | 003,929,600 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008/04/25 13:23:40 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15) DRV - [2008/02/25 16:29:24 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVicPort.sys -- (tvicport) DRV - [2008/02/25 16:29:24 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\zntport.sys -- (zntport) DRV - [2008/01/20 22:23:25 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2) DRV - [2007/12/19 02:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s) DRV - [2006/10/29 23:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&cti d=CT2611275 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2569225185-2745256017-3556029199-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data] IE - HKU\S-1-5-21-2569225185-2745256017-3556029199-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/ IE - HKU\S-1-5-21-2569225185-2745256017-3556029199-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2569225185-2745256017-3556029199-1000\..\SearchScopes,DefaultScope = {7CF7AD63-689E-4A6A-B41E-D844908E2A0C} IE - HKU\S-1-5-21-2569225185-2745256017-3556029199-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2569225185-2745256017-3556029199-1000\..\SearchScopes\{7CF7AD63-689E-4A6A-B41E-D844908E2A0C}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:{language}:{referrer:source}&ie={inputEncoding ?}&oe={outputEncoding?} IE - HKU\S-1-5-21-2569225185-2745256017-3556029199-1000\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.google.ca" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_40 2_265.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npF FApi.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media ) FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Pandora\AppData\Roaming\Mozilla\plugins\n pgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Pandora\AppData\Roaming\Mozilla\plugins\n pgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pandora\AppData\Local\Google\Update\1.3.2 1.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pandora\AppData\Local\Google\Update\1.3.2 1.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/07/19 22:35:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/13 17:30:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/13 17:30:56 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/03/03 17:18:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pandora\AppData\Roaming\Mozilla\Extension s [2012/07/10 17:18:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pandora\AppData\Roaming\Mozilla\Firefox\P rofiles\bnkztkpi.default\extensions [2012/03/03 17:18:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/09/13 17:30:56 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012/09/13 17:30:27 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/09/13 17:30:27 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - homepage: http://www.google.com CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ }{google:acceptedSuggestion}{google:originalQueryF orSuggestion}{google:searchFieldtrialParameter}sou rceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldt rialParameter}client=chrome&hl={language}&q={searc hTerms} CHR - homepage: http://www.google.com CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\ppGoo gleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\pdf.d ll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\gcswf 32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Pandora\AppData\Roaming\Mozilla\plugins\n pgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Pandora\AppData\Roaming\Mozilla\plugins\n pgtpo3dautoplugin.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npF FApi.dll CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: getPlusPlus for Adobe 16291 (Enabled) = C:\Program Files\NOS\bin\np_gp.dll CHR - plugin: Panda ActiveScan 2.0 (Enabled) = C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: Learn French - Tr\u00E8s Bien = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeifanonhefcaphaeeknpklkfn jjmpec\1.46_0\ CHR - Extension: Learn German - Wie Geht's = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\aglfgpioobpcmdheljepehachd jeopad\1.46_0\ CHR - Extension: Gojee = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajebcmdcgoggdncokkbdifohck mfpgnb\2.5_0\ CHR - Extension: House Plans = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnmfkilicomdippcehaldlonf ldmlfi\2.2_0\ CHR - Extension: Pac-xon = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\akbhffdipdbpbljpigineiocen lilegd\13.2334.9140_0\ CHR - Extension: Kleki = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdndldkfimmnnfbagnkjgnemgp jadbag\0.12.3_0\ CHR - Extension: Loupe = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaonknplhhecdgjpphnooeome cgipkc\2.0.3_0\ CHR - Extension: Rage Comics = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigbpmgpdffelbefknlmefjiej goinao\1.3_0\ CHR - Extension: YouTube = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo\4.2.5_0\ CHR - Extension: Look of Disapproval = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmomlddchhdnchpieaalgkpgaa fohlbn\2.3.8_0\ CHR - Extension: Aviary Image Editor = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\dafkakmjmhfnnfclmjdfpnbmde ddkoeo\0.0.1.0_0\ CHR - Extension: rotoscope = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhimnnhmaanmanmmokfpijgamb okcpni\2_0\ CHR - Extension: Sumo Paint = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpgjihldbpodlmnjolekemlfbc ajnmod\3.7_0\ CHR - Extension: Pixlr-o-matic = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfpp liikcj\1.2_0\ CHR - Extension: Uncircle Uncirclers+ = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnckobddbbbgfabnhogmncmghn gohflh\1.5_0\ CHR - Extension: Stopwatch = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnab opeioh\3.5_0\ CHR - Extension: Click&Clean = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmame dcbeod\7.9_0\ CHR - Extension: AdBlock = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbi glidom\2.5.45_0\ CHR - Extension: TinEye Reverse Image Search = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafi jpncjl\1.1.2_0\ CHR - Extension: Gradient Creator! = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcplneddoadgichngfbobgpllf phdfla\0.2.1.3_0\ CHR - Extension: FabCam = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjj pgadfl\1.3_0\ CHR - Extension: Metric Conversion Chart = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfjgliedcooajpeddcfjhibeob flojbm\0.0.0.2_0\ CHR - Extension: Ultimate Flash Sonic = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmgmfbijldhdncjcipeocgkgbj haecfp\1.0_0\ CHR - Extension: Vector Paint = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnbpdiengicdefcjecjbnjnoif ekhgdo\3.0.0.0_0\ CHR - Extension: Japanese Kana = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnhmomiblghhhfjleapinggmnj hinign\2.0.3_0\ CHR - Extension: Pixlr Express = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokei dchjid\1.2_0\ CHR - Extension: Bubble Shooter -HD = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefa llmaln\2.2.0_0\ CHR - Extension: Quotes Book = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfjeadhjbcepmknoanimdbeml obmlpe\1.3_0\ CHR - Extension: Glitterboo = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikkpgihagilojnkmkkfcbhlain mnkicp\1.1.4_0\ CHR - Extension: iPiccy Photo Editor = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\imokeandodnlammaoenbgcnbhi gjbpjh\1.1_0\ CHR - Extension: Lose It! = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\jehemifhdilebjjpibeianiedo cpgocn\3.5.0.3_0\ CHR - Extension: Instant Retro = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlahmeejnbkdnjnckboeglpfmj bfmopp\3.2_0\ CHR - Extension: Sonic The Hedgehog = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\kedkigfjfggbogabkneghpocom fpfgdi\5.2_0\ CHR - Extension: Picozu = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajpehananomepaahgohcnmgkg mkhogf\1.0.1_0\ CHR - Extension: Horoscopes = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkiajkdbeniimalmhnacldmmdn dkkmgl\1.0.0.2_0\ CHR - Extension: Speak German = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\locgohballooclmikjkhhdgdfg hennfd\1.0.1_0\ CHR - Extension: Hidden Object Games Online = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpnmkolabeomngkkeljdkgnake mkcckm\1.2_0\ CHR - Extension: Harmony = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbbibdblnnlapclckbdennhlbc nkkgcn\6_0\ CHR - Extension: Google Dictionary (by Google) = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmj gjcoja\3.0.15_0\ CHR - Extension: deviantART muro = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\namljbfbglehfnlonjmebceima alofei\1.0_0\ CHR - Extension: Diet Diary = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\neckeibmjhibmgoigmffjlihek efmffd\1.1_0\ CHR - Extension: My Days - Period & Ovulation Tracker = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfopeeobiloabkklfmpobebji cddbjp\1_0\ CHR - Extension: piZap photo editor = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\occpjibghkbopohbefbejkklnf dkdmok\4.2.2_0\ CHR - Extension: Thesaurus = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pddaeeclcbikcegjhhgocgkake hngcem\1.4_0\ CHR - Extension: Gmail = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia\7_0\ CHR - Extension: Learn Spanish - Qu\u00E9 Onda Spanish = C:\Users\Pandora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcdjmebmeoobmdghjbjhbifoo cbcmaj\1_0\ O1 HOSTS File: ([2011/12/08 13:56:01 | 000,438,870 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 15096 more lines... O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis) O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\Tru stCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\Tru stCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKU\S-1-5-21-2569225185-2745256017-3556029199-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3 - HKU\S-1-5-21-2569225185-2745256017-3556029199-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\Tru stCheckerIEPlugin.dll (Check Point Software Technologies) O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe () O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) O4 - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found O4 - HKLM..\Run: [eRecoveryService] File not found O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google) O4 - HKLM..\Run: [ISW] File not found O4 - HKLM..\Run: [lxczbmgr.exe] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe () O4 - HKLM..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe (Trend Micro Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2569225185-2745256017-3556029199-1000..\Run: [cdloader] C:\Users\Pandora\AppData\Roaming\mjusbsp\cdloader2 .exe (magicJack L.P.) O4 - HKU\S-1-5-21-2569225185-2745256017-3556029199-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Users\Pandora\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) O4 - Startup: C:\Users\Pandora\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk.disabled () O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/pr.../ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary...r.cab56986.cab (Checkers Class) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/reso...an8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Reg Error: Value error.) O16 - DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} http://zone.msn.com/bingame/zpagames...f.cab55579.cab (ZPA_WheelOfFortune Object) O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/actives.../as2stubie.cab (ActiveScan 2.0 Installer Class) O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/bingame/zpagames...e.cab79352.cab (MSN Games – Texas Holdem Poker) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramewor....cab102118.cab (MSN Games - Installer) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary...t.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} http://zone.msn.com/bingame/zpagames...l.cab56649.cab (CBankshotZoneCtrl Class) O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 10.7.2) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{BCD16A46-17CF-48A7-97D2-C94905809BB8}: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Pandora\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Pandora\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008/11/25 12:44:40 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/09/30 13:41:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pandora\Desktop\OTL.exe [2012/09/29 21:30:40 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Pandora\Desktop\aswMBR.exe [2012/09/28 15:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012/09/28 15:44:17 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012/09/28 15:43:51 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012/09/28 15:43:51 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012/09/28 15:43:51 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012/09/28 15:43:28 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012/09/25 20:46:22 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software [2012/09/24 11:39:52 | 000,000,000 | ---D | C] -- C:\Users\Pandora\AppData\Local\adaware [2012/09/24 11:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection [2012/09/24 11:38:35 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus [2012/09/22 20:43:48 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012/09/22 20:43:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012/09/22 20:43:45 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012/09/22 20:43:44 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012/09/22 20:43:43 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012/09/22 20:43:41 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012/09/22 20:43:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012/09/22 20:43:37 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012/09/21 01:27:31 | 000,000,000 | ---D | C] -- C:\Users\Pandora\AppData\Roaming\QuickScan [2012/09/14 03:33:10 | 000,000,000 | ---D | C] -- C:\Users\Pandora\AppData\Local\Macromedia [2012/09/14 03:31:37 | 000,696,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012/09/14 03:31:37 | 000,073,136 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [1 C:\Users\Pandora\Desktop\*.tmp files -> C:\Users\Pandora\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/09/30 13:41:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pandora\Desktop\OTL.exe [2012/09/30 13:12:03 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2569225185-2745256017-3556029199-1000UA.job [2012/09/30 12:52:03 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/09/30 12:14:48 | 000,000,907 | ---- | M] () -- C:\Users\Pandora\Desktop\magicJack.lnk [2012/09/30 12:13:42 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml [2012/09/30 12:13:41 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/09/30 12:13:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/09/30 12:13:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/09/30 12:13:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/09/30 12:13:23 | 1878,188,032 | -HS- | M] () -- C:\hiberfil.sys [2012/09/29 21:30:40 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Pandora\Desktop\aswMBR.exe [2012/09/29 21:27:11 | 000,302,592 | ---- | M] () -- C:\Users\Pandora\Desktop\evqi90e0.exe [2012/09/29 03:12:01 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2569225185-2745256017-3556029199-1000Core.job [2012/09/28 15:43:37 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012/09/28 15:43:34 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012/09/28 15:43:34 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012/09/28 15:43:33 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012/09/28 15:43:32 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012/09/28 15:43:32 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012/09/27 00:42:57 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012/09/27 00:42:56 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012/09/25 20:23:57 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif [2012/09/25 20:23:52 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/09/25 20:23:52 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/09/25 18:25:32 | 000,002,637 | ---- | M] () -- C:\Users\Pandora\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk [2012/09/22 15:51:32 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat [2012/09/22 15:51:32 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat [2012/09/07 05:16:12 | 000,516,119 | ---- | M] () -- C:\Users\Pandora\Desktop\pspbrwse.jbf [1 C:\Users\Pandora\Desktop\*.tmp files -> C:\Users\Pandora\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/09/29 21:27:11 | 000,302,592 | ---- | C] () -- C:\Users\Pandora\Desktop\evqi90e0.exe [2012/07/07 17:09:12 | 000,000,872 | ---- | C] () -- C:\Users\Pandora\.recently-used.xbel [2011/11/18 23:58:42 | 000,617,820 | ---- | C] () -- C:\Users\Pandora\AppData\Local\census.cache [2011/11/18 23:58:16 | 000,224,833 | ---- | C] () -- C:\Users\Pandora\AppData\Local\ars.cache [2011/11/05 22:53:46 | 000,000,345 | ---- | C] () -- C:\Windows\wininit.ini [2011/04/25 01:54:15 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat [2011/04/25 01:54:15 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat [2011/02/23 22:33:04 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI [2011/01/19 16:24:09 | 000,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll [2011/01/09 05:13:40 | 000,000,036 | ---- | C] () -- C:\Users\Pandora\AppData\Local\housecall.guid.cach e [2011/01/06 01:40:53 | 000,000,608 | ---- | C] () -- C:\Users\Pandora\AppData\Roaming\wklnhst.dat [2010/09/20 16:10:24 | 000,006,656 | ---- | C] () -- C:\Users\Pandora\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc8 7-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA 9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CD B-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:98A8ABBD @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:FC420CE6 @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:FEBEC560 < End of report > Last edited by grace too; September 30th, 2012 at 08:39 PM.
|
|
#4
September 30th, 2012, 08:28 PM
|
||||
|
||||
|
Post 2 of 6:
GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-09-30 13:36:54 Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD3200AAJS-22B4A0 rev.01.03A01 Running: evqi90e0.exe; Driver: C:\Users\Pandora\AppData\Local\Temp\fwdiyfob.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwAlpcConnectPort [0x8E47B26C] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwAlpcCreatePort [0x8E47BB34] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwConnectPort [0x8E47ACC2] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateFile [0x8E474586] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateKey [0x8E495E92] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreatePort [0x8E47B7CC] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateWaitablePort [0x8E47B92A] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDeleteFile [0x8E4752B6] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDeleteKey [0x8E4978DE] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDeleteValueKey [0x8E4971F6] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwLoadKey [0x8E4982A8] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwLoadKey2 [0x8E4984E6] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwLoadKeyEx [0x8E498998] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwMapViewOfSection [0x8E49A82A] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwOpenFile [0x8E474E6E] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRenameKey [0x8E49936E] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwReplaceKey [0x8E498C62] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRequestWaitReplyPort [0x8E47A86A] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRestoreKey [0x8E499DCE] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetInformationFile [0x8E4756C0] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetSecurityObject [0x8E4998F6] SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetValueKey [0x8E496954] ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!KeSetEvent + 13D 822EC800 8 Bytes [6C, B2, 47, 8E, 34, BB, 47, ...] .text ntkrnlpa.exe!KeSetEvent + 1C1 822EC884 4 Bytes [C2, AC, 47, 8E] .text ntkrnlpa.exe!KeSetEvent + 1D9 822EC89C 4 Bytes [86, 45, 47, 8E] .text ntkrnlpa.exe!KeSetEvent + 1E9 822EC8AC 4 Bytes [92, 5E, 49, 8E] .text ntkrnlpa.exe!KeSetEvent + 205 822EC8C8 4 Bytes [CC, B7, 47, 8E] .text ... .text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8D201000, 0x213CB7, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- .text C:\Windows\System32\spoolsv.exe[296] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\spoolsv.exe[296] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\spoolsv.exe[296] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\spoolsv.exe[296] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\spoolsv.exe[296] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\spoolsv.exe[296] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\spoolsv.exe[296] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\spoolsv.exe[296] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\spoolsv.exe[296] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[312] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[312] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[312] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[312] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[312] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[312] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[312] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[312] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[312] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\taskeng.exe[480] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\taskeng.exe[480] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\taskeng.exe[480] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\taskeng.exe[480] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\taskeng.exe[480] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\taskeng.exe[480] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\taskeng.exe[480] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\taskeng.exe[480] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\taskeng.exe[480] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\wininit.exe[648] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\wininit.exe[648] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\wininit.exe[648] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\wininit.exe[648] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\wininit.exe[648] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\wininit.exe[648] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\wininit.exe[648] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\wininit.exe[648] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\wininit.exe[648] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\services.exe[692] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\services.exe[692] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\services.exe[692] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\services.exe[692] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\services.exe[692] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\services.exe[692] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\services.exe[692] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\services.exe[692] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\services.exe[692] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsass.exe[708] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsass.exe[708] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsass.exe[708] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsass.exe[708] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsass.exe[708] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsass.exe[708] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsass.exe[708] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsass.exe[708] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsm.exe[716] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsm.exe[716] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsm.exe[716] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsm.exe[716] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsm.exe[716] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsm.exe[716] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsm.exe[716] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsm.exe[716] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lsm.exe[716] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[900] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[900] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[900] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[900] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[900] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[900] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[900] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[900] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[900] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[964] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[964] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[964] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[964] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[964] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[964] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[964] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\Ati2evxx.exe[1172] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\Ati2evxx.exe[1172] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\Ati2evxx.exe[1172] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\Ati2evxx.exe[1172] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\Ati2evxx.exe[1172] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\Ati2evxx.exe[1172] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\Ati2evxx.exe[1172] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\Ati2evxx.exe[1172] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\Ati2evxx.exe[1172] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1196] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1196] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1196] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1196] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1196] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1196] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1196] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1196] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1196] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1236] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1236] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1236] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1236] ntdll.dll!NtSetInformationProcess Continued next post... Last edited by grace too; September 30th, 2012 at 08:40 PM. Reason: Edited all posts to state the number of the post ("Post 2 of 6:")
|
|
#5
September 30th, 2012, 08:33 PM
|
||||
|
||||
|
Post 3 of 6:
76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1236] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1236] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1236] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1236] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[1236] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1252] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1252] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1252] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1252] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1252] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1252] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1348] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1348] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1348] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1348] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1348] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1348] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1404] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1404] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1404] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1404] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1404] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\Explorer.EXE[1536] SHELL32.dll!SHGetFolderPathAndSubDirW + 81C5 762DB37C 4 Bytes [00, 26, 00, 10] {ADD [ESI], AH; ADD [EAX], DL} .text C:\Windows\Explorer.EXE[1536] SHELL32.dll!ShellExecuteExW + 18B7 7630DA14 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL} .text C:\Windows\system32\svchost.exe[1612] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1612] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1612] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1612] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1612] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1612] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1612] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1612] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[1612] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] USER32.dll!IsWindowUnicode + 37 75CA90B5 5 Bytes JMP 20CB9270 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe[2244] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe[2244] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe[2244] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe[2244] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe[2244] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe[2244] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe[2244] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe[2244] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe[2244] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2304] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2304] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2304] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2304] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2304] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2304] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2304] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2304] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2304] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2344] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2344] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2344] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2344] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2344] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2344] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2344] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2344] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2344] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe[2392] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe[2392] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe[2392] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe[2392] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe[2392] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe[2392] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe[2392] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe[2392] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe[2392] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2440] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2440] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2440] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2440] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2440] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2440] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2440] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2440] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2440] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\Service\ETService.exe[2500] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\Service\ETService.exe[2500] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\Service\ETService.exe[2500] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\Service\ETService.exe[2500] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\Service\ETService.exe[2500] KERNEL32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\Service\ETService.exe[2500] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\Service\ETService.exe[2500] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\Service\ETService.exe[2500] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Acer\Empowering Technology\Service\ETService.exe[2500] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2608] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2608] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2608] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2608] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2608] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2608] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2608] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2608] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2608] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lxczcoms.exe[2652] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lxczcoms.exe[2652] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lxczcoms.exe[2652] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lxczcoms.exe[2652] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lxczcoms.exe[2652] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lxczcoms.exe[2652] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lxczcoms.exe[2652] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lxczcoms.exe[2652] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\lxczcoms.exe[2652] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe[2692] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe[2692] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe[2692] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe[2692] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe[2692] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe[2692] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe[2692] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe[2692] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe[2692] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2724] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2724] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2724] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2724] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2724] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2724] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2724] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2724] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2724] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2752] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2752] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2752] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2752] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2752] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2752] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2752] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2752] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[2752] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) Continued next post...
|
|
#6
September 30th, 2012, 08:36 PM
|
||||
|
||||
|
Post 4 of 6:
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2792] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2792] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2792] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2792] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2792] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2792] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2792] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2792] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2792] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe[2836] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe[2836] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe[2836] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe[2836] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe[2836] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe[2836] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe[2836] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe[2836] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe[2836] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\AppData\Roaming\mjusbsp\magicJack .exe[3040] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\AppData\Roaming\mjusbsp\magicJack .exe[3040] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\AppData\Roaming\mjusbsp\magicJack .exe[3040] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\AppData\Roaming\mjusbsp\magicJack .exe[3040] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\AppData\Roaming\mjusbsp\magicJack .exe[3040] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\AppData\Roaming\mjusbsp\magicJack .exe[3040] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\AppData\Roaming\mjusbsp\magicJack .exe[3040] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\AppData\Roaming\mjusbsp\magicJack .exe[3040] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\AppData\Roaming\mjusbsp\magicJack .exe[3040] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[3044] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[3044] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[3044] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[3044] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[3044] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[3044] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[3044] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[3044] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[3044] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[3108] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[3108] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[3108] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[3108] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[3108] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[3108] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[3108] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[3108] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\System32\svchost.exe[3108] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchIndexer.exe[3156] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchIndexer.exe[3156] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchIndexer.exe[3156] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchIndexer.exe[3156] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchIndexer.exe[3156] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchIndexer.exe[3156] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchIndexer.exe[3156] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchIndexer.exe[3156] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchIndexer.exe[3156] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchProtocolHost.exe[3176] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchProtocolHost.exe[3176] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchProtocolHost.exe[3176] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchProtocolHost.exe[3176] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchProtocolHost.exe[3176] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchProtocolHost.exe[3176] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchProtocolHost.exe[3176] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchProtocolHost.exe[3176] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchProtocolHost.exe[3176] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3332] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3332] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3332] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3332] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3332] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3332] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3332] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3332] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3332] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\WUDFHost.exe[3560] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\WUDFHost.exe[3560] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\WUDFHost.exe[3560] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\WUDFHost.exe[3560] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\WUDFHost.exe[3560] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\WUDFHost.exe[3560] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\WUDFHost.exe[3560] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\WUDFHost.exe[3560] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\WUDFHost.exe[3560] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchFilterHost.exe[3620] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchFilterHost.exe[3620] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchFilterHost.exe[3620] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchFilterHost.exe[3620] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchFilterHost.exe[3620] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchFilterHost.exe[3620] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchFilterHost.exe[3620] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchFilterHost.exe[3620] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\SearchFilterHost.exe[3620] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[4012] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[4012] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[4012] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[4012] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[4012] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[4012] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[4012] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[4012] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Windows\system32\svchost.exe[4012] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E[4720] ntdll.dll!NtAccessCheckByType 76E23EB4 5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E[4720] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E[4720] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E[4720] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E[4720] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E[4720] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E[4720] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E[4720] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E[4720] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\Desktop\evqi90e0.exe[6056] ntdll.dll!NtAccessCheckByType 76E23EB4 Continued next post... Last edited by grace too; September 30th, 2012 at 08:41 PM.
|
|
#7
September 30th, 2012, 08:36 PM
|
||||
|
||||
|
5 of 6:
5 Bytes JMP 20CB8791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\Desktop\evqi90e0.exe[6056] ntdll.dll!NtAlpcImpersonateClientOfPort 76E24084 5 Bytes JMP 20CB8DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\Desktop\evqi90e0.exe[6056] ntdll.dll!NtImpersonateClientOfPort 76E24854 5 Bytes JMP 20CB8D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\Desktop\evqi90e0.exe[6056] ntdll.dll!NtSetInformationProcess 76E25194 5 Bytes JMP 20CB89AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\Desktop\evqi90e0.exe[6056] kernel32.dll!OpenProcess 76207487 5 Bytes JMP 20CB846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\Desktop\evqi90e0.exe[6056] USER32.dll!FindWindowA 75CA9D76 5 Bytes JMP 20CB828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\Desktop\evqi90e0.exe[6056] USER32.dll!FindWindowW 75CBA441 5 Bytes JMP 20CB825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\Desktop\evqi90e0.exe[6056] ADVAPI32.dll!ImpersonateNamedPipeClient 76103A48 5 Bytes JMP 20CB8E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) .text C:\Users\Pandora\Desktop\evqi90e0.exe[6056] ADVAPI32.dll!SetThreadToken 76118E21 5 Bytes JMP 20CB9036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\System32\spoolsv.exe[296] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\svchost.exe[312] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\taskeng.exe[480] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\wininit.exe[648] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\services.exe[692] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\lsass.exe[708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\lsm.exe[716] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\svchost.exe[964] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\Ati2evxx.exe[1172] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\System32\svchost.exe[1196] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\System32\svchost.exe[1236] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\svchost.exe[1252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\svchost.exe[1348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73E87817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73ECB4E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73E8BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73E7F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73E875E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73E7E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73EB73F5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [73E8DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73E7FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73E7FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73E771CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [73F0CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [73EAC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73E7D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73E76853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73E7687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73E82AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d 0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [100027E0] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [10001D90] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10002B30] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.) IAT C:\Windows\Explorer.EXE[1536] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [100011D0] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.) IAT C:\Windows\system32\svchost.exe[1612] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleW] [726B4360] C:\Program Files\CheckPoint\ZoneAlarm\vsinit.dll (TrueVector Service/Check Point Software Technologies LTD) IAT C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [726B4380] C:\Program Files\CheckPoint\ZoneAlarm\vsinit.dll (TrueVector Service/Check Point Software Technologies LTD) IAT C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [726B3E90] C:\Program Files\CheckPoint\ZoneAlarm\vsinit.dll (TrueVector Service/Check Point Software Technologies LTD) IAT C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] [726B4340] C:\Program Files\CheckPoint\ZoneAlarm\vsinit.dll (TrueVector Service/Check Point Software Technologies LTD) IAT C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] [726B9EF0] C:\Program Files\CheckPoint\ZoneAlarm\vsinit.dll (TrueVector Service/Check Point Software Technologies LTD) IAT C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [726B9EF0] C:\Program Files\CheckPoint\ZoneAlarm\vsinit.dll (TrueVector Service/Check Point Software Technologies LTD) IAT C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [726B20F0] C:\Program Files\CheckPoint\ZoneAlarm\vsinit.dll (TrueVector Service/Check Point Software Technologies LTD) IAT C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!RegisterWaitForSingleObject] [726B1F20] C:\Program Files\CheckPoint\ZoneAlarm\vsinit.dll (TrueVector Service/Check Point Software Technologies LTD) IAT C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread] [726B9EF0] C:\Program Files\CheckPoint\ZoneAlarm\vsinit.dll (TrueVector Service/Check Point Software Technologies LTD) IAT C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [7628DDF5] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [7628DDF5] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleHandleA] [7628DDFA] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1992] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [7628DDF5] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) IAT C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe[2244] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[2304] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\svchost.exe[2344] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe[2392] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2440] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Program Files\Acer\Empowering Technology\Service\ETService.exe[2500] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2608] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\lxczcoms.exe[2652] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe[2692] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\svchost.exe[2752] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2792] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe[2836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Users\Pandora\AppData\Roaming\mjusbsp\magicJack .exe[3040] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\svchost.exe[3044] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\System32\svchost.exe[3108] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\SearchIndexer.exe[3156] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[3332] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\WUDFHost.exe[3560] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Windows\system32\svchost.exe[4012] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E[4720] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) IAT C:\Users\Pandora\Desktop\evqi90e0.exe[6056] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20CB835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies) ---- EOF - GMER 1.0.15 ---- Last edited by grace too; September 30th, 2012 at 08:41 PM.
|
|
#8
September 30th, 2012, 08:37 PM
|
||||
|
||||
|
Post 6 of 6:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software Run date: 2012-09-30 13:53:13 ----------------------------- 13:53:13.293 OS Version: Windows 6.0.6002 Service Pack 2 13:53:13.293 Number of processors: 2 586 0x6B02 13:53:13.293 ComputerName: PANDORA-PC UserName: Pandora 13:53:14.275 Initialize success 14:01:38.359 AVAST engine defs: 12093000 14:01:56.377 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 14:01:56.377 Disk 0 Vendor: WDC_WD3200AAJS-22B4A0 01.03A01 Size: 305245MB BusType: 3 14:01:56.736 Disk 0 MBR read successfully 14:01:56.799 Disk 0 MBR scan 14:01:56.877 Disk 0 unknown MBR code 14:01:56.939 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15005 MB offset 63 14:01:57.017 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 116076 MB offset 30734336 14:01:57.111 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 174161 MB offset 268457984 14:01:57.235 Disk 0 scanning sectors +625139712 14:01:57.813 Disk 0 scanning C:\Windows\system32\drivers 14:03:38.947 Service scanning 14:04:00.070 Modules scanning 14:05:48.521 Disk 0 trace - called modules: 14:05:48.599 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys 14:05:48.615 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84b3f030] 14:05:48.615 3 CLASSPNP.SYS[877a38b3] -> nt!IofCallDriver -> [0x84b364b8] 14:05:48.630 5 acpi.sys[806126bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84b20030] 14:05:48.973 AVAST engine scan C:\Windows 14:06:25.368 AVAST engine scan C:\Windows\system32 14:12:39.973 AVAST engine scan C:\Windows\system32\drivers 14:13:01.719 AVAST engine scan C:\Users\Pandora 14:46:12.429 AVAST engine scan C:\ProgramData 14:49:27.881 Scan finished successfully 14:49:51.437 Disk 0 MBR has been saved successfully to "C:\Users\Pandora\Desktop\MBR.dat" 14:49:51.453 The log file has been saved successfully to "C:\Users\Pandora\Desktop\aswMBR.txt" Thank you, Tom
Last edited by grace too; September 30th, 2012 at 08:42 PM.
|
|
#9
September 30th, 2012, 10:47 PM
|
||||
|
||||
|
Sorry, Zone Alarm can turn a Gmer scan log into a posting marathon. Not too much in this so far. OTL only runs that Extras.txt scan log on the first run, but it still should be in the same location as OTL.exe. If not, please download HijackThis from Here. Then click on the downloaded file, and install HijackThis.
In HijackThis, click Config - Misc Tools - Open Uninstall Manager. Click on Save List, then save that to a location you can locate again (such as the desktop). Copy/paste the contents of that back here please.
|
|
#10
October 1st, 2012, 12:45 AM
|
||||
|
||||
|
Lol you're right it really was like a posting marathon!
The OTL file is on the desktop, and now that I've tidied it things are easier to find, and the Extra file isn't there. So I did as you said and dl'ed Hijackthis. Here is the unistall list: ABBYY FineReader 6.0 Sprint Acer Arcade Live Main Page Acer Assist Acer DV Magician Acer DVDivine Acer eDataSecurity Management Acer Empowering Technology Acer eRecovery Management Acer eSettings Management Acer GameZone Console DTV 2.0.1.1 Acer HomeMedia Acer HomeMedia Connect Acer HomeMedia Trial Creator Acer Registration Acer ScreenSaver Acer SlideShow DVD Acer VideoMagician Activation Assistant for the 2007 Microsoft Office suites Ad-Aware Browsing Protection Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.3) Agatha Christie Death on the Nile Alice Greenfingers Azada Azada Backspin Billiards Big Kahuna Reef Bookworm Deluxe Bricks of Egypt Cake Mania Catalyst Control Center - Branding Chicken Invaders 3 Chuzzle Compatibility Pack for the 2007 Office system Cradle of Rome Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Diner Dash Flo on the Go EMDB 1.36 ESET Online Scanner v3 eSobi v2 FileZilla Client 3.5.3 Flip Words 2 Gemsweeper Google Chrome Google Talk (remove only) Google Talk Plugin Google Update Helper Great Adventures - Lost in Mountains HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Jane Angel - Templar Mystery Java 7 Update 7 JavaFX 2.1.1 Jewel Quest Solitaire Kick N Rush Lexmark 1200 Series Lexmark Fax Solutions Mahjong Escape Ancient China Mahjongg Artifacts Malwarebytes Anti-Malware version 1.62.0.1300 Mavis Beacon Teaches Typing 12 Standard Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile Microsoft Choice Guard Microsoft Office 2000 Disc 2 Microsoft Office 2000 Professional Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Excel MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Standard 2010 Microsoft Office Standard 2010 Microsoft Office Word MUI (English) 2010 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Word Supplemental Templates and Wizards Microsoft Works Mozilla Firefox 15.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery Case Files - Huntsville Mystery Solitaire - Secret Island NTI Backup Now 5 NTI Media Maker 8 Panda ActiveScan 2.0 PG583_32_inf PokerStars PrimoPDF -- brought to you by Nitro PDF Software Realtek High Definition Audio Driver Replay Media Catcher 4 Samantha Swift and the Hidden Roses of Athena Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Spybot - Search & Destroy Trend Micro RUBotted 2.0 Beta Turbo Pizza Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition VC 9.0 Runtime Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 VLC media player 2.0.1 Windows Driver Package - YUAN High-Tech Development Co. Ltd. (OmniTV) Media (12/14/2007 6.1.32.42) Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Essentials Windows Live Messenger Windows Live OneCare safety scanner Windows Live OneCare safety scanner Windows Live Sign-in Assistant Windows Live Upload Tool WinPcap 4.1.1 Yahoo! Messenger ZoneAlarm Firewall ZoneAlarm Free Firewall ZoneAlarm Security Zuma Deluxe
|
|
#11
October 1st, 2012, 11:25 PM
|
||||
|
||||
|
Really not much in that. Is this a paid version of Zone Alarm you have installed there? Unfortunately Zone Alarm has a long history of causing problems.
See if you can access Safe Mode, where security software is less active. At startup tap the F8 key about once per half-second, then select Safe Mode with Networking from the menu that will appear. Then see if you have the same problems in Safe Mode.
|
|
#12
October 2nd, 2012, 03:08 AM
|
||||
|
||||
|
Hi Tom,
Zone Alarm is the free version. I guess I should dump it and get another firewall. Any suggestion is welcome if you have one. I'll have to try going into safe mode if it acts up again, for some reason it's working fine tonight. Weird. Oh well, I guess it's good news that nothing bad was found. Thanks so much for your time and help. :-D
|
 |
| Bookmarks |
«
Previous Topic
|
Next Topic
»
| Topic Tools | |
|
|
All times are GMT +1. The time now is 06:11 AM.
