Malwarebytes blocking connections but nothing detected



Hi,

 

Please, I need help!

 

I keep getting notifications about certain blocked connections, from an explorer.exe process taking up lots of memory and CPU, going to:

searchnet.blinkxcore.com
www.nxsrv1.com
66.45.46.109
5.149.250.194
 

 

 

I've run a full Malwarebytes scan, Avast full scan, adwcleaner, combofix... Nothing is working or finding anything.

 

I ran FRST, here's what it says.

 

Any ideas?

FRST.txt

Addition.txt


Hello pimpdout, welcome to Malwarebytes' Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. :)
 
General P2P/Piracy Notice: 
 

If you are using Peer to Peer (P2P) filesharing software such as uTorrent, BitTorrent or similar you must either fully uninstall or completely disable the programme(s) from running whilst receiving assistance at this forum. 
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked/keygen or similar software on the computer, please remove/uninstall the software now and read the policy on Piracy. Failure to do so will also result in your topic being closed.

 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Please ensure you read through my instructions thoroughly, and carry out each step in the order specified.
  • If you are unable to copy/paste your logs directly into your post, please attach the file. 
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation and providing the best set of instructions for you.
  • Please backup important files before proceeding with my instructions. Malware removal can be unpredictable.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
  • Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.
  • Ensure you are following this topic. Click the follow button at the top of the page.
     

======================================================
 
You should no longer experience IP blocks after doing the following. 
Please let me know if there are any outstanding issues. 
 
STEP 1
Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key + R on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.

    start
    HKLM-x32\...\Run: [] => [X]
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-1465261913-1969993637-3555280695-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-1465261913-1969993637-3555280695-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    SearchScopes: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    2014-11-30 15:34 - 2014-11-30 15:34 - 00000000 ____D () C:\Users\Sand & Sea Manager\AppData\Local\{D30A3D77-CE81-484E-A08C-F4D502E727FC}
    2014-11-12 09:51 - 2014-11-12 09:51 - 00000000 __SHD () C:\Users\Sand & Sea Manager\AppData\Local\EmieBrowserModeList
    2014-12-09 08:32 - 2014-10-20 12:52 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
    CustomCLSID: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sand & Sea Manager\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sand & Sea Manager\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sand & Sea Manager\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sand & Sea Manager\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\ddrawex.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sand & Sea Manager\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset all
    CMD: netsh int ipv4 reset
    CMD: netsh int ipv6 reset
    EmptyTemp:
    end

  • Click File > Save As and type fixlist.txt as the File Name.
  • Important: The file must be saved in the same location as FRST64.exe.

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST64.exe and select Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

STEP 2
RogueKiller

  • Please download RogueKiller (x64) and save the file to your Desktop.
  • Close any running programmes.
  • Right-Click RogueKiller.exe and select Run as administrator to run the programme.
  • Allow the Prescan to complete. Upon completion, a window will open. Click Accept.
  • A browser window may open. Close the browser window.
  • Click Scan. Upon completion, click Report.
  • Close the programme. Do not fix anything!
  • A log (RKreport.txt) will open. Copy the contents of the log and paste in your next reply.

 
STEP 3

ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Hide advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click List Threats. If no threats were found, skip the next two bullet points.
  • Click Export and save the file to your Desktop, naming it something such as "MyEsetScan".
  • Push the Back button.
  • Place a checkmark next to [image] and click [image].
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 4
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Fixlog.txt
  • AdwCleaner[s0].txt
  • ESET log
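A check that could be run on the Fixlog.txt that STEP 1 asks for, as an added example (not part of the original post and not FRST's own code): it tallies the outcome of each fix line and lists items scheduled for removal on reboot that the log never confirms as moved. The result phrases it matches are the ones visible in this thread's Fixlog; the sample log, its placeholder paths and GUIDs, and all function names are constructed for illustration.

```python
import re
from collections import Counter, namedtuple

# Constructed sample in the Fixlog.txt layout; paths and GUIDs are placeholders.
SAMPLE_FIXLOG = r'''
Content of fixlist:
*****************
start
HKLM-x32\...\Run: [] => [X]
EmptyTemp:
end
*****************

"HKLM\SOFTWARE\Policies\Example" => Key deleted successfully.
"HKU\S-1-5-21-0-0-0-1000\SOFTWARE\Policies\Example" => Key not found.
HKU\S-1-5-19\SOFTWARE\Example\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Example\\DefaultScope => Value not found.
C:\Users\user\AppData\Local\{00000000-0000-0000-0000-000000000001} => Moved successfully.

"C:\ProgramData\{00000000-0000-0000-0000-000000000002}" directory move:

Could not move "C:\ProgramData\{00000000-0000-0000-0000-000000000002}\example.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\{00000000-0000-0000-0000-000000000002}\example.tmp" => Scheduled to move on reboot.
Could not move "C:\ProgramData\{00000000-0000-0000-0000-000000000002}" directory. => Scheduled to move on reboot.

EmptyTemp: => Removed 83.9 MB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-12-09 10:23:02)<=

C:\ProgramData\{00000000-0000-0000-0000-000000000002}\example.dll => Is moved successfully.
C:\ProgramData\{00000000-0000-0000-0000-000000000002} => Is moved successfully.

==== End of Fixlog ====
'''

Entry = namedtuple("Entry", "target status after_reboot")
LINE_RE = re.compile(r'^(?P<target>.+?)\s*=>\s*(?P<result>.+)$')


def classify(result):
    """Map a Fixlog result phrase to a coarse status."""
    r = result.lower()
    if "scheduled to move on reboot" in r:
        return "pending_reboot"
    if "not found" in r:
        return "absent"            # nothing to remove: already gone or never there
    if "deleted successfully" in r or "moved successfully" in r:
        return "removed"
    if r.startswith("removed ") and "temporary data" in r:
        return "info"              # EmptyTemp summary line
    return "other"                 # unrecognised phrase: read it by hand


def normalise(target):
    """Reduce the left-hand side of a result line to the bare key or path."""
    target = target.strip()
    if target.startswith("Could not move "):
        target = target[len("Could not move "):]
    quoted = re.match(r'"([^"]*)"', target)
    return quoted.group(1) if quoted else target


def parse_fixlog(text):
    entries, in_echo, after_reboot = [], False, False
    for line in text.splitlines():
        line = line.strip()
        if line and set(line) == {"*"}:
            in_echo = not in_echo  # asterisk rows delimit the echoed fixlist
            continue
        if in_echo:
            continue               # echoed directives such as "[] => [X]" are not results
        if line.startswith("=> Result of Scheduled Files to move"):
            after_reboot = True
            continue
        m = LINE_RE.match(line)
        if m:
            entries.append(Entry(normalise(m.group("target")),
                                 classify(m.group("result")), after_reboot))
    return entries


def review(text):
    entries = parse_fixlog(text)
    counts = Counter(e.status for e in entries if not e.after_reboot)
    confirmed = {e.target.lower() for e in entries
                 if e.after_reboot and e.status == "removed"}
    unresolved = [e.target for e in entries
                  if e.status == "pending_reboot" and e.target.lower() not in confirmed]
    needs_review = [e.target for e in entries if e.status == "other"]
    return {"counts": dict(counts), "unresolved": unresolved,
            "needs_review": needs_review}


if __name__ == "__main__":
    report = review(SAMPLE_FIXLOG)
    print(report["counts"])
    for path in report["unresolved"]:
        print("scheduled on reboot but never confirmed moved:", path)
```

Anything listed under `unresolved` was scheduled for removal but has no matching post-reboot confirmation, so it is worth checking on disk before the case is considered closed.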

FRST Log:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-12-2014
Ran by Sand & Sea Manager at 2014-12-09 10:19:40 Run:5
Running from C:\Users\Sand & Sea Manager\Downloads
Loaded Profile: Sand & Sea Manager (Available profiles: Sand & Sea Manager)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1465261913-1969993637-3555280695-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1465261913-1969993637-3555280695-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
2014-11-30 15:34 - 2014-11-30 15:34 - 00000000 ____D () C:\Users\Sand & Sea Manager\AppData\Local\{D30A3D77-CE81-484E-A08C-F4D502E727FC}
2014-11-12 09:51 - 2014-11-12 09:51 - 00000000 __SHD () C:\Users\Sand & Sea Manager\AppData\Local\EmieBrowserModeList
2014-12-09 08:32 - 2014-10-20 12:52 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
CustomCLSID: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sand & Sea Manager\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sand & Sea Manager\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sand & Sea Manager\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sand & Sea Manager\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\ddrawex.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sand & Sea Manager\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
end
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1465261913-1969993637-3555280695-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1465261913-1969993637-3555280695-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
"HKU\S-1-5-21-1465261913-1969993637-3555280695-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
"HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
"HKU\S-1-5-21-1465261913-1969993637-3555280695-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
"HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
C:\Users\Sand & Sea Manager\AppData\Local\{D30A3D77-CE81-484E-A08C-F4D502E727FC} => Moved successfully.
C:\Users\Sand & Sea Manager\AppData\Local\EmieBrowserModeList => Moved successfully.
 
"C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}" directory move:
 
Could not move "C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\8afc49b02429a" => Scheduled to move on reboot.
Could not move "C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\ddrawex.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\ywiooeg.tmp" => Scheduled to move on reboot.
Could not move "C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}" directory. => Scheduled to move on reboot.
 
"HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => Key deleted successfully.
"HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
"HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.
"HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}" => Key deleted successfully.
"HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}" => Key deleted successfully.
"HKU\S-1-5-21-1465261913-1969993637-3555280695-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset all =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv4 reset =========
 
Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv6 reset =========
 
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
EmptyTemp: => Removed 83.9 MB temporary data.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-12-09 10:23:02)<=
 
C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\8afc49b02429a => Is moved successfully.
C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\ddrawex.dll => Is moved successfully.
C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\ywiooeg.tmp => Is moved successfully.
C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8} => Is moved successfully.
 
==== End of Fixlog ====
 
 
 
Rogue:
 
RogueKiller V10.0.9.0 (x64) [Dec  8 2014] by Adlice Software
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Sand & Sea Manager [Administrator]
Mode : Scan -- Date : 12/09/2014  10:30:53
 
¤¤¤ Processes : 1 ¤¤¤
[Tr.Zeus] mbamservice.exe -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[7] -> Killed [TermProc]
 
¤¤¤ Registry : 23 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> Found
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-1465261913-1969993637-3555280695-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-1465261913-1969993637-3555280695-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 192.168.200.1 24.25.227.55 209.18.47.61 [UNITED STATES (US)][UNITED STATES (US)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.200.1 24.25.227.55 209.18.47.61 [UNITED STATES (US)][UNITED STATES (US)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 192.168.200.1 24.25.227.55 209.18.47.61 [UNITED STATES (US)][UNITED STATES (US)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{28787EDD-14F9-4292-8F1E-74E8C3C10735} | DhcpNameServer : 10.0.1.1 [(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C88CCF39-C413-4DBD-95D2-8E09646C2CFE} | DhcpNameServer : 192.168.200.1 24.25.227.55 209.18.47.61 [UNITED STATES (US)][UNITED STATES (US)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{28787EDD-14F9-4292-8F1E-74E8C3C10735} | DhcpNameServer : 10.0.1.1 [(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{C88CCF39-C413-4DBD-95D2-8E09646C2CFE} | DhcpNameServer : 192.168.200.1 24.25.227.55 209.18.47.61 [UNITED STATES (US)][UNITED STATES (US)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{28787EDD-14F9-4292-8F1E-74E8C3C10735} | DhcpNameServer : 10.0.1.1 [(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{C88CCF39-C413-4DBD-95D2-8E09646C2CFE} | DhcpNameServer : 192.168.200.1 24.25.227.55 209.18.47.61 [UNITED STATES (US)][UNITED STATES (US)]  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ Hosts File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
 
¤¤¤ Antirootkit : 210 (Driver: Loaded) ¤¤¤
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x103010a (jmp 0xffffffff8956dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x103010a (jmp 0xffffffff8956daa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x103010a (jmp 0xffffffff8956e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x103010a (jmp 0xffffffff8956e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x103010a (jmp 0xffffffff8956d9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x103010a (jmp 0xffffffff8956e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x103010a (jmp 0xffffffff8956d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x103010a (jmp 0xffffffff8956e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x103010a (jmp 0xffffffff8956e0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x103010a (jmp 0xffffffff8956e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x103010a (jmp 0xffffffff8956d860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x103010a (jmp 0xffffffff8956ef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x103010a (jmp 0xffffffff8956d7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x103010a (jmp 0xffffffff8956e180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x103010a (jmp 0xffffffff8956e8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x103010a (jmp 0xffffffff8956f100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x103010a (jmp 0xffffffff8956e460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x103010a (jmp 0xffffffff8956daa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenSection : Unknown @ 0x103010a (jmp 0xffffffff8956ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x103010a (jmp 0xffffffff8956e660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x103010a (jmp 0xffffffff8956e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x103010a (jmp 0xffffffff8956ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x103010a (jmp 0xffffffff8956e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x103010a (jmp 0xffffffff8956e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x103010a (jmp 0xffffffff8956e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x103010a (jmp 0xffffffff8956eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x103010a (jmp 0xffffffff8956e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x103010a (jmp 0xffffffff8956d780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x103010a (jmp 0xffffffff8956e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x103010a (jmp 0xffffffff8956e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x103010a (jmp 0xffffffff8956e6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x103010a (jmp 0xffffffff8956de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x103010a (jmp 0xffffffff8956ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x103010a (jmp 0xffffffff8956e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) aswCmnOS.dll - dep_strFreeString : C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\MSVCR110.dll @ 0x7334b80d (jmp dword near [0x733f6268])
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateSection : Unknown @ 0x77c2010a (jmp 0x15ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x77c2010a (jmp 0x15ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtQueryObject : Unknown @ 0x77c2010a (jmp 0x15f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x77c2010a (jmp 0x15ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenThread : Unknown @ 0x77c2010a (jmp 0x15e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x77c2010a (jmp 0x15ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x77c2010a (jmp 0x15ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x77c2010a (jmp 0x15e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateThread : Unknown @ 0x77c2010a (jmp 0x15ec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x77c2010a (jmp 0x15d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x77c2010a (jmp 0x15dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x77c2010a (jmp 0x15daa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x77c2010a (jmp 0x15e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x77c2010a (jmp 0x15e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x77c2010a (jmp 0x15d9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x77c2010a (jmp 0x15e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x77c2010a (jmp 0x15d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x77c2010a (jmp 0x15e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x77c2010a (jmp 0x15e0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x77c2010a (jmp 0x15e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x77c2010a (jmp 0x15d860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x77c2010a (jmp 0x15ef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x77c2010a (jmp 0x15d7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x77c2010a (jmp 0x15e180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x77c2010a (jmp 0x15e8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x77c2010a (jmp 0x15f100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x77c2010a (jmp 0x15e460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x77c2010a (jmp 0x15daa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenSection : Unknown @ 0x77c2010a (jmp 0x15ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x77c2010a (jmp 0x15e660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x77c2010a (jmp 0x15e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x77c2010a (jmp 0x15ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x77c2010a (jmp 0x15e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x77c2010a (jmp 0x15e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x77c2010a (jmp 0x15e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x77c2010a (jmp 0x15eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x77c2010a (jmp 0x15e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x77c2010a (jmp 0x15d780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x77c2010a (jmp 0x15e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x77c2010a (jmp 0x15e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x77c2010a (jmp 0x15e6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x77c2010a (jmp 0x15de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x77c2010a (jmp 0x15ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x77c2010a (jmp 0x15e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) aswCmnOS.dll - dep_strFreeString : C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\MSVCR110.dll @ 0x7334b80d (jmp dword near [0x733f6268])
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateSection : Unknown @ 0x10b010a (jmp 0xffffffff895eebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x10b010a (jmp 0xffffffff895eec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtQueryObject : Unknown @ 0x10b010a (jmp 0xffffffff895ef0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x10b010a (jmp 0xffffffff895eee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenThread : Unknown @ 0x10b010a (jmp 0xffffffff895ee0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x10b010a (jmp 0xffffffff895eed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x10b010a (jmp 0xffffffff895eee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x10b010a (jmp 0xffffffff895ee6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateThread : Unknown @ 0x10b010a (jmp 0xffffffff895eec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x10b010a (jmp 0xffffffff895ed9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x10b010a (jmp 0xffffffff895edc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x10b010a (jmp 0xffffffff895edaa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x10b010a (jmp 0xffffffff895ee070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x10b010a (jmp 0xffffffff895ee300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x10b010a (jmp 0xffffffff895ed9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x10b010a (jmp 0xffffffff895ee5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x10b010a (jmp 0xffffffff895ed850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x10b010a (jmp 0xffffffff895ee730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x10b010a (jmp 0xffffffff895ee0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x10b010a (jmp 0xffffffff895ee060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x10b010a (jmp 0xffffffff895ed860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x10b010a (jmp 0xffffffff895eef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x10b010a (jmp 0xffffffff895ed7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x10b010a (jmp 0xffffffff895ee180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x10b010a (jmp 0xffffffff895ee8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x10b010a (jmp 0xffffffff895ef100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x10b010a (jmp 0xffffffff895ee460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x10b010a (jmp 0xffffffff895edaa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenSection : Unknown @ 0x10b010a (jmp 0xffffffff895eed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x10b010a (jmp 0xffffffff895ee660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x10b010a (jmp 0xffffffff895ee870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x10b010a (jmp 0xffffffff895eec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x10b010a (jmp 0xffffffff895ee980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x10b010a (jmp 0xffffffff895ee300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x10b010a (jmp 0xffffffff895ee130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x10b010a (jmp 0xffffffff895eeba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x10b010a (jmp 0xffffffff895ee5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x10b010a (jmp 0xffffffff895ed780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x10b010a (jmp 0xffffffff895ee610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x10b010a (jmp 0xffffffff895ee140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x10b010a (jmp 0xffffffff895ee6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x10b010a (jmp 0xffffffff895ede80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x10b010a (jmp 0xffffffff895eed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x10b010a (jmp 0xffffffff895ee030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[iAT:Inl] (chrome.exe) aswCmnOS.dll - dep_strFreeString : C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\MSVCR110.dll @ 0x7334b80d (jmp dword near [0x733f6268])
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++
--- User ---
[MBR] abab129b9a242c4b31f6e1dfa6db0a1a
[bSP] 1fab275b97c437161528e64b7ee29c34 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 694636 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1423024128 | Size: 20465 MB
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 1464936448 | Size: 102 MB
User = LL1 ... OK
User != LL2 ... KO!
--- LL2 ---
[MBR] 997c87f4b1bba6206cbe3bd7d106d916
[bSP] 1fab275b97c437161528e64b7ee29c34 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 77824 MB
1 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 159793152 | Size: 400 MB
 
 
Waiting on Eset to complete.. I'm an hour into it..

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
