WiredWX Hobby Weather ToolsLog in

 


Redirecting Virus blocking all Anti-viral programs

3 posters

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
Bump.

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
Download the GMER rootkit scan from here: GMER

  1. Unzip it and start GMER.
  2. Click the >>> tab and then click the Scan button.
  3. Once done, click the Copy button.
  4. This will copy the results to your clipboard.
  5. Paste the results in your next reply.
Note:
If you're having problems with running GMER.exe, try it in safe mode. This tools works in safe mode.
You can also try renaming it since some malware blocks GMER.

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
GMER 1.0.15.15077 [842f42v0.exe] - http://www.gmer.net
Rootkit scan 2009-08-22 14:50:45
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.15 ----

Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateFile [0xF625E9AA]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateKey [0xF625EA41]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcess [0xF625E958]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcessEx [0xF625E96C]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwDeleteKey [0xF625EA55]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwDeleteValueKey [0xF625EA81]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwEnumerateKey [0xF625EAEF]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwEnumerateValueKey [0xF625EAD9]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xF625E9EA]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwNotifyChangeKey [0xF625EB1B]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenKey [0xF625EA2D]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenProcess [0xF625E930]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenThread [0xF625E944]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwProtectVirtualMemory [0xF625E9BE]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryKey [0xF625EB57]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryMultipleValueKey [0xF625EAC3]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryValueKey [0xF625EAAD]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwRenameKey [0xF625EA6B]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwReplaceKey [0xF625EB43]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwRestoreKey [0xF625EB2F]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetContextThread [0xF625E996]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetInformationProcess [0xF625E982]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetValueKey [0xF625EA97]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwTerminateProcess [0xF625EA19]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwUnloadKey [0xF625EB05]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0xF625EA00]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwYieldExecution [0xF625E9D4]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtCreateFile
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtMapViewOfSection
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenProcess
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenThread
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtSetInformationProcess

---- Kernel code sections - GMER 1.0.15 ----

PAGE ntoskrnl.exe!ZwQueryValueKey + 5 8056A1F7 2 Bytes [90, 90] {NOP ; NOP }

---- User code sections - GMER 1.0.15 ----

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[180] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 0041C340 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[180] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 0041C3C0 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 0025000A
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00250076
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 0025005B
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 0025004A
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00250F8D
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00250FA8
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 002500A4
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00250F5C
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 002500D0
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 002500BF
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 002500E1
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 0025002F
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00250FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!CreatePipe 7C81D83F 5 Bytes JMP 00250087
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!CreateNamedPipeW 7C82F0DD 5 Bytes JMP 00250FCD
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!CreateNamedPipeA 7C860CDC 5 Bytes JMP 00250FDE
.text C:\Program Files\Internet Explorer\iexplore.exe[520] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00250F37
.text C:\Program Files\Internet Explorer\iexplore.exe[520] ADVAPI32.dll!RegOpenKeyExW 77DD6AAF 5 Bytes JMP 0034002C
.text C:\Program Files\Internet Explorer\iexplore.exe[520] ADVAPI32.dll!RegCreateKeyExW 77DD776C 5 Bytes JMP 00340062
.text C:\Program Files\Internet Explorer\iexplore.exe[520] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 00340FDB
.text C:\Program Files\Internet Explorer\iexplore.exe[520] ADVAPI32.dll!RegOpenKeyW 77DD7946 5 Bytes JMP 00340011
.text C:\Program Files\Internet Explorer\iexplore.exe[520] ADVAPI32.dll!RegCreateKeyExA 77DDE9F4 5 Bytes JMP 00340FA5
.text C:\Program Files\Internet Explorer\iexplore.exe[520] ADVAPI32.dll!RegOpenKeyA 77DDEFC8 5 Bytes JMP 00340000
.text C:\Program Files\Internet Explorer\iexplore.exe[520] ADVAPI32.dll!RegCreateKeyW 77DFBA55 5 Bytes JMP 00340051
.text C:\Program Files\Internet Explorer\iexplore.exe[520] ADVAPI32.dll!RegCreateKeyA 77DFBCF3 5 Bytes JMP 00340FCA
.text C:\Program Files\Internet Explorer\iexplore.exe[520] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2151FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[520] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2ED3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[520] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E3C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[520] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E3B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[520] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E3BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[520] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E3A13 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[520] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E3A75 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[520] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E3C73 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[520] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E3AD7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[520] msvcrt.dll!_wsystem 77C2931E 5 Bytes JMP 00350027
.text C:\Program Files\Internet Explorer\iexplore.exe[520] msvcrt.dll!system 77C293C7 5 Bytes JMP 00350F9C
.text C:\Program Files\Internet Explorer\iexplore.exe[520] msvcrt.dll!_creat 77C2D40F 5 Bytes JMP 00350FD2
.text C:\Program Files\Internet Explorer\iexplore.exe[520] msvcrt.dll!_open 77C2F566 5 Bytes JMP 00350FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[520] msvcrt.dll!_wcreat 77C2FC9B 5 Bytes JMP 00350FB7
.text C:\Program Files\Internet Explorer\iexplore.exe[520] msvcrt.dll!_wopen 77C30055 5 Bytes JMP 0035000C
.text C:\Program Files\Internet Explorer\iexplore.exe[520] WININET.dll!InternetOpenA 3D95D688 5 Bytes JMP 00CB0000
.text C:\Program Files\Internet Explorer\iexplore.exe[520] WININET.dll!InternetOpenW 3D95DB01 5 Bytes JMP 00CB0FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[520] WININET.dll!InternetOpenUrlA 3D95F39C 5 Bytes JMP 00CB001B
.text C:\Program Files\Internet Explorer\iexplore.exe[520] WININET.dll!InternetOpenUrlW 3D9A6F37 5 Bytes JMP 00CB0036
.text C:\Program Files\Internet Explorer\iexplore.exe[520] ws2_32.dll!socket 71AB4211 5 Bytes JMP 018D0000
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 0007000A
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00070F77
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070F92
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 0007006C
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00070FAF
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00070FC0
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00070098
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00070087
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00070F1A
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070F2B
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00070EFF
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00070047
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 0007001B
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!CreatePipe 7C81D83F 5 Bytes JMP 00070F5C
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!CreateNamedPipeW 7C82F0DD 5 Bytes JMP 00070036
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!CreateNamedPipeA 7C860CDC 5 Bytes JMP 00070FE5
.text C:\WINDOWS\system32\services.exe[596] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 000700A9
.text C:\WINDOWS\system32\services.exe[596] ADVAPI32.dll!RegOpenKeyExW

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
.text C:\WINDOWS\system32\services.exe[596] ADVAPI32.dll!RegCreateKeyExW 77DD776C 5 Bytes JMP 00060073
.text C:\WINDOWS\system32\services.exe[596] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 00060036
.text C:\WINDOWS\system32\services.exe[596] ADVAPI32.dll!RegOpenKeyW 77DD7946 5 Bytes JMP 00060025
.text C:\WINDOWS\system32\services.exe[596] ADVAPI32.dll!RegCreateKeyExA 77DDE9F4 5 Bytes JMP 00060062
.text C:\WINDOWS\system32\services.exe[596] ADVAPI32.dll!RegOpenKeyA 77DDEFC8 5 Bytes JMP 00060000
.text C:\WINDOWS\system32\services.exe[596] ADVAPI32.dll!RegCreateKeyW 77DFBA55 2 Bytes JMP 00060FC0
.text C:\WINDOWS\system32\services.exe[596] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA58 2 Bytes [26, 88]
.text C:\WINDOWS\system32\services.exe[596] ADVAPI32.dll!RegCreateKeyA 77DFBCF3 5 Bytes JMP 00060FDB
.text C:\WINDOWS\system32\services.exe[596] msvcrt.dll!_wsystem 77C2931E 5 Bytes JMP 00050027
.text C:\WINDOWS\system32\services.exe[596] msvcrt.dll!system 77C293C7 5 Bytes JMP 00050FA6
.text C:\WINDOWS\system32\services.exe[596] msvcrt.dll!_creat 77C2D40F 5 Bytes JMP 0005000C
.text C:\WINDOWS\system32\services.exe[596] msvcrt.dll!_open 77C2F566 5 Bytes JMP 00050FEF
.text C:\WINDOWS\system32\services.exe[596] msvcrt.dll!_wcreat 77C2FC9B 5 Bytes JMP 00050FB7
.text C:\WINDOWS\system32\services.exe[596] msvcrt.dll!_wopen 77C30055 5 Bytes JMP 00050FD2
.text C:\WINDOWS\system32\services.exe[596] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00040FEF
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00BA0FEF
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00BA008E
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00BA007D
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00BA006C
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00BA005B
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00BA0040
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00BA0F63
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00BA00B5
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00BA0F48
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00BA00D7
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00BA0F2D
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00BA0FB9
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00BA000A
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!CreatePipe 7C81D83F 5 Bytes JMP 00BA0F7E
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!CreateNamedPipeW 7C82F0DD 5 Bytes JMP 00BA001B
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!CreateNamedPipeA 7C860CDC 5 Bytes JMP 00BA0FD4
.text C:\WINDOWS\system32\lsass.exe[608] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00BA00C6
.text C:\WINDOWS\system32\lsass.exe[608] ADVAPI32.dll!RegOpenKeyExW 77DD6AAF 5 Bytes JMP 00B90FC0
.text C:\WINDOWS\system32\lsass.exe[608] ADVAPI32.dll!RegCreateKeyExW 77DD776C 5 Bytes JMP 00B9005B
.text C:\WINDOWS\system32\lsass.exe[608] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 00B90FDB
.text C:\WINDOWS\system32\lsass.exe[608] ADVAPI32.dll!RegOpenKeyW 77DD7946 5 Bytes JMP 00B9001B
.text C:\WINDOWS\system32\lsass.exe[608] ADVAPI32.dll!RegCreateKeyExA 77DDE9F4 5 Bytes JMP 00B9004A
.text C:\WINDOWS\system32\lsass.exe[608] ADVAPI32.dll!RegOpenKeyA 77DDEFC8 5 Bytes JMP 00B90000
.text C:\WINDOWS\system32\lsass.exe[608] ADVAPI32.dll!RegCreateKeyW 77DFBA55 2 Bytes JMP 00B90F9E
.text C:\WINDOWS\system32\lsass.exe[608] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA58 2 Bytes [D9, 88]
.text C:\WINDOWS\system32\lsass.exe[608] ADVAPI32.dll!RegCreateKeyA 77DFBCF3 5 Bytes JMP 00B90FAF
.text C:\WINDOWS\system32\lsass.exe[608] msvcrt.dll!_wsystem 77C2931E 5 Bytes JMP 00B80040
.text C:\WINDOWS\system32\lsass.exe[608] msvcrt.dll!system 77C293C7 5 Bytes JMP 00B80025
.text C:\WINDOWS\system32\lsass.exe[608] msvcrt.dll!_creat 77C2D40F 5 Bytes JMP 00B80FC6
.text C:\WINDOWS\system32\lsass.exe[608] msvcrt.dll!_open 77C2F566 5 Bytes JMP 00B80000
.text C:\WINDOWS\system32\lsass.exe[608] msvcrt.dll!_wcreat 77C2FC9B 5 Bytes JMP 00B80FB5
.text C:\WINDOWS\system32\lsass.exe[608] msvcrt.dll!_wopen 77C30055 5 Bytes JMP 00B80FD7
.text C:\WINDOWS\system32\lsass.exe[608] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00B70FEF
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00F90FEF
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00F90051
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00F90F66
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00F90F83
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00F90040
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00F90F9E
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00F9008E
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00F9007D
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00F90F24
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00F90F35
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00F900D8
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00F90025
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00F90FDE
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!CreatePipe 7C81D83F 5 Bytes JMP 00F9006C
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!CreateNamedPipeW 7C82F0DD 5 Bytes JMP 00F9000A
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!CreateNamedPipeA 7C860CDC 5 Bytes JMP 00F90FB9
.text C:\WINDOWS\system32\svchost.exe[760] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00F900B3
.text C:\WINDOWS\system32\svchost.exe[760] ADVAPI32.dll!RegOpenKeyExW 77DD6AAF 5 Bytes JMP 00F80FBC
.text C:\WINDOWS\system32\svchost.exe[760] ADVAPI32.dll!RegCreateKeyExW 77DD776C 5 Bytes JMP 00F8004A
.text C:\WINDOWS\system32\svchost.exe[760] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 00F80FCD
.text C:\WINDOWS\system32\svchost.exe[760] ADVAPI32.dll!RegOpenKeyW 77DD7946 5 Bytes JMP 00F80FDE
.text C:\WINDOWS\system32\svchost.exe[760] ADVAPI32.dll!RegCreateKeyExA 77DDE9F4 5 Bytes JMP 00F80039
.text C:\WINDOWS\system32\svchost.exe[760] ADVAPI32.dll!RegOpenKeyA 77DDEFC8 5 Bytes JMP 00F80FEF
.text C:\WINDOWS\system32\svchost.exe[760] ADVAPI32.dll!RegCreateKeyW 77DFBA55 5 Bytes JMP 00F80028
.text C:\WINDOWS\system32\svchost.exe[760] ADVAPI32.dll!RegCreateKeyA 77DFBCF3 5 Bytes JMP 00F80F97
.text C:\WINDOWS\system32\svchost.exe[760] msvcrt.dll!_wsystem 77C2931E 5 Bytes JMP 00F7003D
.text C:\WINDOWS\system32\svchost.exe[760] msvcrt.dll!system 77C293C7 5 Bytes JMP 00F7002C
.text C:\WINDOWS\system32\svchost.exe[760] msvcrt.dll!_creat

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
.text C:\WINDOWS\system32\svchost.exe[760] msvcrt.dll!_open 77C2F566 5 Bytes JMP 00F70FE3
.text C:\WINDOWS\system32\svchost.exe[760] msvcrt.dll!_wcreat 77C2FC9B 5 Bytes JMP 00F7001B
.text C:\WINDOWS\system32\svchost.exe[760] msvcrt.dll!_wopen 77C30055 5 Bytes JMP 00F70FC6
.text C:\WINDOWS\system32\svchost.exe[760] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00F60FEF
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00D70000
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00D70F77
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00D70076
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00D70065
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00D70FA8
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00D70FDE
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00D700B3
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00D700A2
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00D700F0
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00D700DF
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00D70F3C
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00D70FB9
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00D70025
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!CreatePipe 7C81D83F 5 Bytes JMP 00D70087
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!CreateNamedPipeW 7C82F0DD 5 Bytes JMP 00D70040
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!CreateNamedPipeA 7C860CDC 5 Bytes JMP 00D70FEF
.text C:\WINDOWS\system32\svchost.exe[816] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00D700CE
.text C:\WINDOWS\system32\svchost.exe[816] ADVAPI32.dll!RegOpenKeyExW 77DD6AAF 5 Bytes JMP 00D60FCA
.text C:\WINDOWS\system32\svchost.exe[816] ADVAPI32.dll!RegCreateKeyExW 77DD776C 5 Bytes JMP 00D6005B
.text C:\WINDOWS\system32\svchost.exe[816] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 00D60FDB
.text C:\WINDOWS\system32\svchost.exe[816] ADVAPI32.dll!RegOpenKeyW 77DD7946 5 Bytes JMP 00D60011
.text C:\WINDOWS\system32\svchost.exe[816] ADVAPI32.dll!RegCreateKeyExA 77DDE9F4 5 Bytes JMP 00D60F9E
.text C:\WINDOWS\system32\svchost.exe[816] ADVAPI32.dll!RegOpenKeyA 77DDEFC8 5 Bytes JMP 00D60000
.text C:\WINDOWS\system32\svchost.exe[816] ADVAPI32.dll!RegCreateKeyW 77DFBA55 2 Bytes JMP 00D60FAF
.text C:\WINDOWS\system32\svchost.exe[816] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA58 2 Bytes [F6, 88]
.text C:\WINDOWS\system32\svchost.exe[816] ADVAPI32.dll!RegCreateKeyA 77DFBCF3 5 Bytes JMP 00D60036
.text C:\WINDOWS\system32\svchost.exe[816] msvcrt.dll!_wsystem 77C2931E 5 Bytes JMP 00D50020
.text C:\WINDOWS\system32\svchost.exe[816] msvcrt.dll!system 77C293C7 5 Bytes JMP 00D50F95
.text C:\WINDOWS\system32\svchost.exe[816] msvcrt.dll!_creat 77C2D40F 5 Bytes JMP 00D50FC1
.text C:\WINDOWS\system32\svchost.exe[816] msvcrt.dll!_open 77C2F566 5 Bytes JMP 00D50FEF
.text C:\WINDOWS\system32\svchost.exe[816] msvcrt.dll!_wcreat 77C2FC9B 5 Bytes JMP 00D50FA6
.text C:\WINDOWS\system32\svchost.exe[816] msvcrt.dll!_wopen 77C30055 5 Bytes JMP 00D50FD2
.text C:\WINDOWS\system32\svchost.exe[816] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00D40FEF
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 028B0000
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 028B0082
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 028B0F83
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 028B0F94
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 028B0FAF
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 028B0047
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 028B0F50
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 028B0F61
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 028B00C4
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 028B00A9
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 028B00DF
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 028B0FC0
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 028B0011
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!CreatePipe 7C81D83F 5 Bytes JMP 028B0F72
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!CreateNamedPipeW 7C82F0DD 5 Bytes JMP 028B0FE5
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!CreateNamedPipeA 7C860CDC 5 Bytes JMP 028B0036
.text C:\WINDOWS\System32\svchost.exe[884] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 028B0F35
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!RegOpenKeyExW 77DD6AAF 5 Bytes JMP 01FB0036
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!RegCreateKeyExW 77DD776C 5 Bytes JMP 01FB006C
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 01FB001B
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!RegOpenKeyW 77DD7946 5 Bytes JMP 01FB000A
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!RegCreateKeyExA 77DDE9F4 5 Bytes JMP 01FB0FB9
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!RegOpenKeyA 77DDEFC8 5 Bytes JMP 01FB0FEF
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!RegCreateKeyW 77DFBA55 2 Bytes JMP 01FB0FCA
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA58 2 Bytes [1B, 8A]
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!RegCreateKeyA 77DFBCF3 5 Bytes JMP 01FB0051
.text C:\WINDOWS\System32\svchost.exe[884] msvcrt.dll!_wsystem 77C2931E 5 Bytes JMP 01FA0FB2
.text C:\WINDOWS\System32\svchost.exe[884] msvcrt.dll!system 77C293C7 5 Bytes JMP 01FA0FC3
.text C:\WINDOWS\System32\svchost.exe[884] msvcrt.dll!_creat 77C2D40F 5 Bytes JMP 01FA0029
.text C:\WINDOWS\System32\svchost.exe[884] msvcrt.dll!_open 77C2F566 5 Bytes JMP 01FA0FEF
.text C:\WINDOWS\System32\svchost.exe[884] msvcrt.dll!_wcreat 77C2FC9B 5 Bytes JMP 01FA0FD4
.text C:\WINDOWS\System32\svchost.exe[884] msvcrt.dll!_wopen 77C30055 5 Bytes JMP 01FA000C
.text C:\WINDOWS\System32\svchost.exe[884] WS2_32.dll!socket 71AB4211 5 Bytes JMP 01F90FEF
.text C:\WINDOWS\System32\svchost.exe[884] WININET.dll!InternetOpenA 3D95D688 5 Bytes JMP 01F80FEF
.text C:\WINDOWS\System32\svchost.exe[884] WININET.dll!InternetOpenW 3D95DB01 5 Bytes JMP 01F80FDE
.text C:\WINDOWS\System32\svchost.exe[884] WININET.dll!InternetOpenUrlA 3D95F39C 5 Bytes JMP 01F80FC3
.text C:\WINDOWS\System32\svchost.exe[884] WININET.dll!InternetOpenUrlW 3D9A6F37 5 Bytes JMP 01F80FB2
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!CreateFileA

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00650F37
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00650F52
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00650F79
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00650F8A
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00650FB6
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00650EF8
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00650F09
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00650065
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00650ECC
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00650076
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00650F9B
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00650011
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!CreatePipe 7C81D83F 5 Bytes JMP 00650F26
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!CreateNamedPipeW 7C82F0DD 5 Bytes JMP 00650FC7
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!CreateNamedPipeA 7C860CDC 5 Bytes JMP 00650022
.text C:\WINDOWS\system32\svchost.exe[920] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00650EE7
.text C:\WINDOWS\system32\svchost.exe[920] ADVAPI32.dll!RegOpenKeyExW 77DD6AAF 5 Bytes JMP 00640000
.text C:\WINDOWS\system32\svchost.exe[920] ADVAPI32.dll!RegCreateKeyExW 77DD776C 5 Bytes JMP 00640F72
.text C:\WINDOWS\system32\svchost.exe[920] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 00640FB9
.text C:\WINDOWS\system32\svchost.exe[920] ADVAPI32.dll!RegOpenKeyW 77DD7946 5 Bytes JMP 00640FCA
.text C:\WINDOWS\system32\svchost.exe[920] ADVAPI32.dll!RegCreateKeyExA 77DDE9F4 5 Bytes JMP 00640025
.text C:\WINDOWS\system32\svchost.exe[920] ADVAPI32.dll!RegOpenKeyA 77DDEFC8 5 Bytes JMP 00640FEF
.text C:\WINDOWS\system32\svchost.exe[920] ADVAPI32.dll!RegCreateKeyW 77DFBA55 2 Bytes JMP 00640F83
.text C:\WINDOWS\system32\svchost.exe[920] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA58 2 Bytes [84, 88]
.text C:\WINDOWS\system32\svchost.exe[920] ADVAPI32.dll!RegCreateKeyA 77DFBCF3 5 Bytes JMP 00640F94
.text C:\WINDOWS\system32\svchost.exe[920] msvcrt.dll!_wsystem 77C2931E 5 Bytes JMP 00630FB4
.text C:\WINDOWS\system32\svchost.exe[920] msvcrt.dll!system 77C293C7 5 Bytes JMP 00630049
.text C:\WINDOWS\system32\svchost.exe[920] msvcrt.dll!_creat 77C2D40F 5 Bytes JMP 0063001D
.text C:\WINDOWS\system32\svchost.exe[920] msvcrt.dll!_open 77C2F566 5 Bytes JMP 00630FEF
.text C:\WINDOWS\system32\svchost.exe[920] msvcrt.dll!_wcreat 77C2FC9B 5 Bytes JMP 00630038
.text C:\WINDOWS\system32\svchost.exe[920] msvcrt.dll!_wopen 77C30055 5 Bytes JMP 0063000C
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00B80000
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00B80FA3
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00B80FB4
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00B8008E
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00B80FD1
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00B8006C
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00B80F6B
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00B800B3
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00B80F24
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00B80F35
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00B800CE
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00B8007D
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00B8001B
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!CreatePipe 7C81D83F 5 Bytes JMP 00B80F92
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!CreateNamedPipeW 7C82F0DD 5 Bytes JMP 00B80051
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!CreateNamedPipeA 7C860CDC 5 Bytes JMP 00B80040
.text C:\WINDOWS\System32\svchost.exe[996] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00B80F5A
.text C:\WINDOWS\System32\svchost.exe[996] ADVAPI32.dll!RegOpenKeyExW 77DD6AAF 5 Bytes JMP 00B70FC3
.text C:\WINDOWS\System32\svchost.exe[996] ADVAPI32.dll!RegCreateKeyExW 77DD776C 5 Bytes JMP 00B7006C
.text C:\WINDOWS\System32\svchost.exe[996] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 00B70014
.text C:\WINDOWS\System32\svchost.exe[996] ADVAPI32.dll!RegOpenKeyW 77DD7946 5 Bytes JMP 00B70FD4
.text C:\WINDOWS\System32\svchost.exe[996] ADVAPI32.dll!RegCreateKeyExA 77DDE9F4 5 Bytes JMP 00B70051
.text C:\WINDOWS\System32\svchost.exe[996] ADVAPI32.dll!RegOpenKeyA 77DDEFC8 5 Bytes JMP 00B70FEF
.text C:\WINDOWS\System32\svchost.exe[996] ADVAPI32.dll!RegCreateKeyW 77DFBA55 5 Bytes JMP 00B70040
.text C:\WINDOWS\System32\svchost.exe[996] ADVAPI32.dll!RegCreateKeyA 77DFBCF3 5 Bytes JMP 00B7002F
.text C:\WINDOWS\System32\svchost.exe[996] msvcrt.dll!_wsystem 77C2931E 5 Bytes JMP 00B60F97
.text C:\WINDOWS\System32\svchost.exe[996] msvcrt.dll!system 77C293C7 5 Bytes JMP 00B60FB2
.text C:\WINDOWS\System32\svchost.exe[996] msvcrt.dll!_creat 77C2D40F 5 Bytes JMP 00B60FDE
.text C:\WINDOWS\System32\svchost.exe[996] msvcrt.dll!_open 77C2F566 5 Bytes JMP 00B60FEF
.text C:\WINDOWS\System32\svchost.exe[996] msvcrt.dll!_wcreat 77C2FC9B 5 Bytes JMP 00B60FC3
.text C:\WINDOWS\System32\svchost.exe[996] msvcrt.dll!_wopen 77C30055 5 Bytes JMP 00B60018
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 0078000A
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00780F9E
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00780FAF
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00780093
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00780076
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00780040
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00780F83
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 007800CB
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00780F5E
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 007800F7
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00780F43
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 0078005B
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00780FE5
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!CreatePipe 7C81D83F 5 Bytes JMP 007800AE
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!CreateNamedPipeW 7C82F0DD 5 Bytes JMP 00780FD4
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!CreateNamedPipeA 7C860CDC 5 Bytes JMP 00780025
.text C:\WINDOWS\System32\svchost.exe[1064] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 007800E6
.text C:\WINDOWS\System32\svchost.exe[1064] ADVAPI32.dll!RegOpenKeyExW 77DD6AAF 5 Bytes JMP 00770022
.text C:\WINDOWS\System32\svchost.exe[1064] ADVAPI32.dll!RegCreateKeyExW 77DD776C 5 Bytes JMP 0077007D
.text C:\WINDOWS\System32\svchost.exe[1064] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 00770011
.text C:\WINDOWS\System32\svchost.exe[1064] ADVAPI32.dll!RegOpenKeyW 77DD7946 5 Bytes JMP 00770FDB
.text C:\WINDOWS\System32\svchost.exe[1064] ADVAPI32.dll!RegCreateKeyExA 77DDE9F4 5 Bytes JMP 00770FB6
.text C:\WINDOWS\System32\svchost.exe[1064] ADVAPI32.dll!RegOpenKeyA 77DDEFC8 5 Bytes JMP 00770000
.text C:\WINDOWS\System32\svchost.exe[1064] ADVAPI32.dll!RegCreateKeyW 77DFBA55 5 Bytes JMP 00770058
.text C:\WINDOWS\System32\svchost.exe[1064] ADVAPI32.dll!RegCreateKeyA 77DFBCF3 5 Bytes JMP 00770047
.text C:\WINDOWS\System32\svchost.exe[1064] msvcrt.dll!_wsystem 77C2931E 5 Bytes JMP 00760051
.text C:\WINDOWS\System32\svchost.exe[1064] msvcrt.dll!system 77C293C7 5 Bytes JMP 00760FC6
.text C:\WINDOWS\System32\svchost.exe[1064] msvcrt.dll!_creat

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
.text C:\WINDOWS\System32\svchost.exe[1064] msvcrt.dll!_open 77C2F566 5 Bytes JMP 00760FEF
.text C:\WINDOWS\System32\svchost.exe[1064] msvcrt.dll!_wcreat 77C2FC9B 5 Bytes JMP 0076002C
.text C:\WINDOWS\System32\svchost.exe[1064] msvcrt.dll!_wopen 77C30055 5 Bytes JMP 00760000
.text C:\WINDOWS\System32\svchost.exe[1064] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00750000
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 009C000A
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 009C008E
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 009C007D
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 009C0F99
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 009C0FB6
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 009C0FDB
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 009C0F57
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 009C0F74
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 009C0F28
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 009C00C1
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 009C0F0D
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 009C0062
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 009C001B
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!CreatePipe 7C81D83F 5 Bytes JMP 009C009F
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!CreateNamedPipeW 7C82F0DD 5 Bytes JMP 009C0047
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!CreateNamedPipeA 7C860CDC 5 Bytes JMP 009C002C
.text C:\WINDOWS\system32\svchost.exe[1216] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 009C00B0
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!RegOpenKeyExW 77DD6AAF 5 Bytes JMP 009B0047
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!RegCreateKeyExW 77DD776C 5 Bytes JMP 009B0FC0
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 009B002C
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!RegOpenKeyW 77DD7946 5 Bytes JMP 009B001B
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!RegCreateKeyExA 77DDE9F4 5 Bytes JMP 009B007D
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!RegOpenKeyA 77DDEFC8 5 Bytes JMP 009B0000
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!RegCreateKeyW 77DFBA55 2 Bytes JMP 009B0FDB
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA58 2 Bytes [BB, 88]
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!RegCreateKeyA 77DFBCF3 5 Bytes JMP 009B0062
.text C:\WINDOWS\system32\svchost.exe[1216] msvcrt.dll!_wsystem 77C2931E 5 Bytes JMP 009A0FBC
.text C:\WINDOWS\system32\svchost.exe[1216] msvcrt.dll!system 77C293C7 5 Bytes JMP 009A0FCD
.text C:\WINDOWS\system32\svchost.exe[1216] msvcrt.dll!_creat 77C2D40F 5 Bytes JMP 009A0029
.text C:\WINDOWS\system32\svchost.exe[1216] msvcrt.dll!_open 77C2F566 5 Bytes JMP 009A0000
.text C:\WINDOWS\system32\svchost.exe[1216] msvcrt.dll!_wcreat 77C2FC9B 5 Bytes JMP 009A0FDE
.text C:\WINDOWS\system32\svchost.exe[1216] msvcrt.dll!_wopen 77C30055 5 Bytes JMP 009A0FEF
.text C:\WINDOWS\system32\svchost.exe[1216] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00990000
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 0202000A
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 02020076
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 02020F77
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 02020051
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 02020040
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 02020FB9
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 02020F2E
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 02020F3F
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 02020091
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 02020F02
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 02020EE7
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 02020FA8
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 02020FEF
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!CreatePipe 7C81D83F 5 Bytes JMP 02020F5C
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!CreateNamedPipeW 7C82F0DD 5 Bytes JMP 02020FD4
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!CreateNamedPipeA 7C860CDC 5 Bytes JMP 0202001B
.text C:\WINDOWS\Explorer.EXE[1232] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 02020F13
.text C:\WINDOWS\Explorer.EXE[1232] ADVAPI32.dll!RegOpenKeyExW 77DD6AAF 5 Bytes JMP 02010036
.text C:\WINDOWS\Explorer.EXE[1232] ADVAPI32.dll!RegCreateKeyExW 77DD776C 5 Bytes JMP 02010091
.text C:\WINDOWS\Explorer.EXE[1232] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 02010FEF
.text C:\WINDOWS\Explorer.EXE[1232] ADVAPI32.dll!RegOpenKeyW 77DD7946 5 Bytes JMP 02010025
.text C:\WINDOWS\Explorer.EXE[1232] ADVAPI32.dll!RegCreateKeyExA 77DDE9F4 5 Bytes JMP 02010FD4
.text C:\WINDOWS\Explorer.EXE[1232] ADVAPI32.dll!RegOpenKeyA 77DDEFC8 5 Bytes JMP 02010000
.text C:\WINDOWS\Explorer.EXE[1232] ADVAPI32.dll!RegCreateKeyW 77DFBA55 5 Bytes JMP 0201006C
.text C:\WINDOWS\Explorer.EXE[1232] ADVAPI32.dll!RegCreateKeyA 77DFBCF3 5 Bytes JMP 02010051
.text C:\WINDOWS\Explorer.EXE[1232] msvcrt.dll!_wsystem 77C2931E 5 Bytes JMP 01400033
.text C:\WINDOWS\Explorer.EXE[1232] msvcrt.dll!system 77C293C7 5 Bytes JMP 01400FB2
.text C:\WINDOWS\Explorer.EXE[1232] msvcrt.dll!_creat 77C2D40F 5 Bytes JMP 01400011
.text C:\WINDOWS\Explorer.EXE[1232] msvcrt.dll!_open 77C2F566 5 Bytes JMP 01400FEF
.text C:\WINDOWS\Explorer.EXE[1232] msvcrt.dll!_wcreat 77C2FC9B 5 Bytes JMP 01400022
.text C:\WINDOWS\Explorer.EXE[1232] msvcrt.dll!_wopen

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
.text C:\WINDOWS\Explorer.EXE[1232] WININET.dll!InternetOpenA 3D95D688 5 Bytes JMP 00CB0FEF
.text C:\WINDOWS\Explorer.EXE[1232] WININET.dll!InternetOpenW 3D95DB01 5 Bytes JMP 00CB000A
.text C:\WINDOWS\Explorer.EXE[1232] WININET.dll!InternetOpenUrlA 3D95F39C 5 Bytes JMP 00CB0FD4
.text C:\WINDOWS\Explorer.EXE[1232] WININET.dll!InternetOpenUrlW 3D9A6F37 5 Bytes JMP 00CB0025
.text C:\WINDOWS\Explorer.EXE[1232] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00F50000
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00BA0000
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00BA0090
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00BA007F
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00BA006E
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00BA0051
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00BA0036
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00BA0F48
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00BA0F65
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00BA00C6
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00BA00B5
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00BA0F12
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00BA0FAF
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00BA001B
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!CreatePipe 7C81D83F 5 Bytes JMP 00BA0F80
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!CreateNamedPipeW 7C82F0DD 5 Bytes JMP 00BA0FCA
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!CreateNamedPipeA 7C860CDC 5 Bytes JMP 00BA0FDB
.text C:\WINDOWS\System32\svchost.exe[1804] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00BA0F2D
.text C:\WINDOWS\System32\svchost.exe[1804] ADVAPI32.dll!RegOpenKeyExW 77DD6AAF 5 Bytes JMP 00930014
.text C:\WINDOWS\System32\svchost.exe[1804] ADVAPI32.dll!RegCreateKeyExW 77DD776C 5 Bytes JMP 00930F94
.text C:\WINDOWS\System32\svchost.exe[1804] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 00930FC3
.text C:\WINDOWS\System32\svchost.exe[1804] ADVAPI32.dll!RegOpenKeyW 77DD7946 5 Bytes JMP 00930FD4
.text C:\WINDOWS\System32\svchost.exe[1804] ADVAPI32.dll!RegCreateKeyExA 77DDE9F4 5 Bytes JMP 00930051
.text C:\WINDOWS\System32\svchost.exe[1804] ADVAPI32.dll!RegOpenKeyA 77DDEFC8 5 Bytes JMP 00930FEF
.text C:\WINDOWS\System32\svchost.exe[1804] ADVAPI32.dll!RegCreateKeyW 77DFBA55 5 Bytes JMP 00930036
.text C:\WINDOWS\System32\svchost.exe[1804] ADVAPI32.dll!RegCreateKeyA 77DFBCF3 5 Bytes JMP 00930025
.text C:\WINDOWS\System32\svchost.exe[1804] msvcrt.dll!_wsystem 77C2931E 5 Bytes JMP 00920F9C
.text C:\WINDOWS\System32\svchost.exe[1804] msvcrt.dll!system 77C293C7 5 Bytes JMP 00920FB7
.text C:\WINDOWS\System32\svchost.exe[1804] msvcrt.dll!_creat 77C2D40F 5 Bytes JMP 0092001D
.text C:\WINDOWS\System32\svchost.exe[1804] msvcrt.dll!_open 77C2F566 5 Bytes JMP 00920000
.text C:\WINDOWS\System32\svchost.exe[1804] msvcrt.dll!_wcreat 77C2FC9B 5 Bytes JMP 00920FC8
.text C:\WINDOWS\System32\svchost.exe[1804] msvcrt.dll!_wopen 77C30055 5 Bytes JMP 00920FE3
.text C:\WINDOWS\System32\svchost.exe[1804] WININET.dll!InternetOpenA 3D95D688 5 Bytes JMP 0090000A
.text C:\WINDOWS\System32\svchost.exe[1804] WININET.dll!InternetOpenW 3D95DB01 5 Bytes JMP 00900FEF
.text C:\WINDOWS\System32\svchost.exe[1804] WININET.dll!InternetOpenUrlA 3D95F39C 5 Bytes JMP 0090001B
.text C:\WINDOWS\System32\svchost.exe[1804] WININET.dll!InternetOpenUrlW 3D9A6F37 5 Bytes JMP 00900FCA
.text C:\WINDOWS\System32\svchost.exe[1804] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00910FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00250000
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00250058
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00250F63
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 0025003D
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00250F80
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 0025001B
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00250F3C
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 0025008E
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00250EF5
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00250F06
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 002500A9
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 0025002C
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00250FDB
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!CreatePipe 7C81D83F 5 Bytes JMP 00250073
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!CreateNamedPipeW 7C82F0DD 5 Bytes JMP 00250FAF
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!CreateNamedPipeA 7C860CDC 5 Bytes JMP 00250FCA
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00250F21
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] ADVAPI32.dll!RegOpenKeyExW 77DD6AAF 5 Bytes JMP 00340FD4
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] ADVAPI32.dll!RegCreateKeyExW 77DD776C 5 Bytes JMP 00340054
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 00340FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] ADVAPI32.dll!RegOpenKeyW 77DD7946 5 Bytes JMP 0034001B
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] ADVAPI32.dll!RegCreateKeyExA 77DDE9F4 5 Bytes JMP 00340F97
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] ADVAPI32.dll!RegOpenKeyA 77DDEFC8 5 Bytes JMP 0034000A
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] ADVAPI32.dll!RegCreateKeyW 77DFBA55 2 Bytes JMP 00340FA8
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA58 2 Bytes [54, 88]
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] ADVAPI32.dll!RegCreateKeyA 77DFBCF3 5 Bytes JMP 00340FB9
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2151FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9521 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DCB69 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2ED3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E2543F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E3C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E3B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E3BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E3A13 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E3A75 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E3C73 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E3AD7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] msvcrt.dll!_wsystem

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] msvcrt.dll!_wsystem 77C2931E 5 Bytes JMP 00350022
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] msvcrt.dll!system 77C293C7 5 Bytes JMP 00350F97
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] msvcrt.dll!_creat 77C2D40F 5 Bytes JMP 00350FC6
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] msvcrt.dll!_open 77C2F566 5 Bytes JMP 00350FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] msvcrt.dll!_wcreat 77C2FC9B 5 Bytes JMP 00350011
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] msvcrt.dll!_wopen 77C30055 5 Bytes JMP 00350000
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 3E2ED408 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] ole32.dll!OleLoadFromStream 77529C85 5 Bytes JMP 3E3E3F78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] WININET.dll!InternetOpenA 3D95D688 5 Bytes JMP 01BE0000
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] WININET.dll!InternetOpenW 3D95DB01 5 Bytes JMP 01BE0FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] WININET.dll!InternetOpenUrlA 3D95F39C 5 Bytes JMP 01BE0FDE
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] WININET.dll!InternetOpenUrlW 3D9A6F37 5 Bytes JMP 01BE0FCD
.text C:\Program Files\Internet Explorer\iexplore.exe[4444] ws2_32.dll!socket 71AB4211 5 Bytes JMP 02810FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00250FE5
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00250F8A
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 0025007F
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 0025006E
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00250FA5
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 0025002C
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00250F68
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00250F79
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 002500DC
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00250F43
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 002500ED
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 0025003D
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00250000
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!CreatePipe 7C81D83F 5 Bytes JMP 002500A4
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!CreateNamedPipeW 7C82F0DD 5 Bytes JMP 0025001B
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!CreateNamedPipeA 7C860CDC 5 Bytes JMP 00250FCA
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 002500C1
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] ADVAPI32.dll!RegOpenKeyExW 77DD6AAF 5 Bytes JMP 0034002C
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] ADVAPI32.dll!RegCreateKeyExW 77DD776C 5 Bytes JMP 00340069
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 00340FE5
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] ADVAPI32.dll!RegOpenKeyW 77DD7946 5 Bytes JMP 0034001B
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] ADVAPI32.dll!RegCreateKeyExA 77DDE9F4 5 Bytes JMP 00340058
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] ADVAPI32.dll!RegOpenKeyA 77DDEFC8 5 Bytes JMP 00340000
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] ADVAPI32.dll!RegCreateKeyW 77DFBA55 2 Bytes JMP 00340FB6
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA58 2 Bytes [54, 88]
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] ADVAPI32.dll!RegCreateKeyA 77DFBCF3 5 Bytes JMP 0034003D
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2151FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9521 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DCB69 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2ED3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E2543F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E3C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E3B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E3BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E3A13 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E3A75 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E3C73 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E3AD7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] msvcrt.dll!_wsystem 77C2931E 5 Bytes JMP 00350050
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] msvcrt.dll!system 77C293C7 5 Bytes JMP 00350FC5
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] msvcrt.dll!_creat 77C2D40F 5 Bytes JMP 0035002E
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] msvcrt.dll!_open 77C2F566 5 Bytes JMP 00350000
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] msvcrt.dll!_wcreat 77C2FC9B 5 Bytes JMP 0035003F
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] msvcrt.dll!_wopen 77C30055 5 Bytes JMP 0035001D
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 3E2ED408 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] ole32.dll!OleLoadFromStream 77529C85 5 Bytes JMP 3E3E3F78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] WININET.dll!InternetOpenA 3D95D688 5 Bytes JMP 01BE0FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] WININET.dll!InternetOpenW 3D95DB01 5 Bytes JMP 01BE0014
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] WININET.dll!InternetOpenUrlA 3D95F39C 5 Bytes JMP 01BE0025
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] WININET.dll!InternetOpenUrlW 3D9A6F37 5 Bytes JMP 01BE0036
.text C:\Program Files\Internet Explorer\iexplore.exe[9744] ws2_32.dll!socket 71AB4211 5 Bytes JMP 02800000

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Internet Explorer\iexplore.exe[4444] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \FileSystem\Fastfat \Fat mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL@Installed 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL@
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI@Installed 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI@NoChange 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI@
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS@Installed 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS@

---- Files - GMER 1.0.15 ----

File C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\1FB2N0LL\friends[1].htm 0 bytes

---- EOF - GMER 1.0.15 ----

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
Please download SysProt AntiRootkit v1.0.1.0 by Swatkat

  • Next run the file; *Note: If running vista right click and select run as administrator
  • Once opened, navigate to the log tab and select all the areas including the hidden objects only box and click on the create log button
  • A scan will start and then a window will pop up with two options, select scan all drives
  • Once finished it will give you a location where it was saved, navigate to that place usually the desktop, and open the log, post all the contents of the log back here.

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

No Hidden Processes found

******************************************************************************************
******************************************************************************************
No Hidden Kernel Modules found

******************************************************************************************
******************************************************************************************
No SSDT Hooks found

******************************************************************************************
******************************************************************************************
No Kernel Hooks found

******************************************************************************************
******************************************************************************************
No IRP Hooks found

******************************************************************************************
******************************************************************************************
Ports:
Local Address: OWNER-5VJH0W4RC:1029
Remote Address: 0.0.0.0:0
Type: TCP
Process: 2740 (PID)
State: LISTENING

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:3179
Remote Address: S78.DARKBB.COM:HTTP
Type: TCP
Process: 8196 (PID)
State: CLOSE_WAIT

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:3171
Remote Address: S78.DARKBB.COM:HTTP
Type: TCP
Process: 8196 (PID)
State: CLOSE_WAIT

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:3170
Remote Address: S78.DARKBB.COM:HTTP
Type: TCP
Process: 8196 (PID)
State: CLOSE_WAIT

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:3169
Remote Address: S78.DARKBB.COM:HTTP
Type: TCP
Process: 8196 (PID)
State: CLOSE_WAIT

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:3160
Remote Address: NUQ04S01-IN-F113.GOOGLE.COM:HTTP
Type: TCP
Process: 8196 (PID)
State: ESTABLISHED

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:3151
Remote Address: 64.236.76.160:HTTP
Type: TCP
Process: 8196 (PID)
State: ESTABLISHED

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:3145
Remote Address: 64.212.100.35:HTTP
Type: TCP
Process: 8196 (PID)
State: ESTABLISHED

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:3144
Remote Address: 64.212.100.35:HTTP
Type: TCP
Process: 8196 (PID)
State: ESTABLISHED

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:3143
Remote Address: 64.212.100.35:HTTP
Type: TCP
Process: 8196 (PID)
State: ESTABLISHED

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:3142
Remote Address: 64.212.100.35:HTTP
Type: TCP
Process: 8196 (PID)
State: ESTABLISHED

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:3140
Remote Address: 64.212.100.58:HTTP
Type: TCP
Process: 8196 (PID)
State: ESTABLISHED

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:3136
Remote Address: WWW-CS-NTC07.EVIP.AOL.COM:HTTP
Type: TCP
Process: 8196 (PID)
State: ESTABLISHED

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:2331
Remote Address: A96-17-110-153.DEPLOY.AKAMAITECHNOLOGIES.COM:HTTP
Type: TCP
Process: 4208 (PID)
State: CLOSE_WAIT

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:NETBIOS-SSN
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING

Local Address: OWNER-5VJH0W4RC:6646
Remote Address: 0.0.0.0:0
Type: TCP
Process: 1996 (PID)
State: LISTENING

Local Address: OWNER-5VJH0W4RC:MICROSOFT-DS
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING

Local Address: OWNER-5VJH0W4RC:EPMAP
Remote Address: 0.0.0.0:0
Type: TCP
Process: 816 (PID)
State: LISTENING

Local Address: OWNER-5VJH0W4RC:3163
Remote Address: NA
Type: UDP
Process: 7324 (PID)
State: NA

Local Address: OWNER-5VJH0W4RC:3135
Remote Address: NA
Type: UDP
Process: 8196 (PID)
State: NA

Local Address: OWNER-5VJH0W4RC:1900
Remote Address: NA
Type: UDP
Process: 1216 (PID)
State: NA

Local Address: OWNER-5VJH0W4RC:123
Remote Address: NA
Type: UDP
Process: 884 (PID)
State: NA

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:6646
Remote Address: NA
Type: UDP
Process: 1996 (PID)
State: NA

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:1900
Remote Address: NA
Type: UDP
Process: 1216 (PID)
State: NA

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:138
Remote Address: NA
Type: UDP
Process: 4 (PID)
State: NA

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:NETBIOS-NS
Remote Address: NA
Type: UDP
Process: 4 (PID)
State: NA

Local Address: OWNER-5VJH0W4RC.HSD1.CA.COMCAST.NET.:123
Remote Address: NA
Type: UDP
Process: 884 (PID)
State: NA

Local Address: OWNER-5VJH0W4RC:4500
Remote Address: NA
Type: UDP
Process: 608 (PID)
State: NA

Local Address: OWNER-5VJH0W4RC:1900
Remote Address: NA
Type: UDP
Process: 1100 (PID)
State: NA

Local Address: OWNER-5VJH0W4RC:500
Remote Address: NA
Type: UDP
Process: 608 (PID)
State: NA

Local Address: OWNER-5VJH0W4RC:MICROSOFT-DS
Remote Address: NA
Type: UDP
Process: 4 (PID)
State: NA

******************************************************************************************
******************************************************************************************
No hidden files/folders found

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
Please download Revo Uninstall from here: Revo Uinstaller

  1. Download and run the setup file for Revo Uninstaller.
  2. Once setup, run Revo Uninstaller.
  3. Select the following item for removal by clicking on it once.

    SuperAntispyware

  4. Then hit the "Uninstall" button at the top. Redirecting Virus blocking all Anti-viral programs - Page 5 Jph4lw
  5. Close Revo Uninstaller.


Now install Superantispyware again and see if it opens now.

descriptionRedirecting Virus blocking all Anti-viral programs - Page 5 EmptyRe: Redirecting Virus blocking all Anti-viral programs

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum