| |
| |||||||
Log-Analyse und Auswertung: Trojaner SpyEyeMm-A Befall behoben?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
04.12.2010, 12:56
| #1 |
| |  Trojaner SpyEyeMm-A Befall behoben? Mein Rechner war offensichtlich von verschiedenen Trojanern etc befallen. Habe eine ganze Weile mit div. Tools verzweifelt versucht, dagegen vorzugehen, bevor ich auf diese Seite gestoßen bin. Habe jetzt alle Scans durchgeführt und die logs gepostet. Hoffe es kann mir jemand sagen, was ich noch tun muss? Möchte auch meine externe Festplatte wieder nutzen, die aber noch verseucht sein kann. Was muss ich beachten? Als Virenscanner läuft derzeit Sophos. Danke für jede Hilfe! Malwarebytes' Anti-Malware 1.50 Malwarebytes Datenbank Version: 5214 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 01.12.2010 23:08:58 mbam-log-2010-12-01 (23-08-58).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 168652 Laufzeit: 3 Minute(n), 36 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 2 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 1 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jdsfjsdijf.exe (Spyware.Passwords.XGen) -> Value: jdsfjsdijf.exe -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jdsfjsdijf.exe (Spyware.Passwords.XGen) -> Value: jdsfjsdijf.exe -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: c:\jdsfjsdijf.exe\jdsfjsdijf.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. defogger_disable by jpshortstuff (23.02.10.1) Log created at 23:27 on 01/12/2010 (Leontes) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- GMER Logfile: Code:
ATTFilter GMER 1.0.15.15530 - GMER - Rootkit Detector and Remover
Rootkit scan 2010-12-02 08:27:06
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST9320325AS rev.0002SDM1
Running: gmer.exe; Driver: C:\DOKUME~1\Leontes\LOKALE~1\Temp\ugtdapow.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\savonaccesscontrol.sys (SAV On-access and HIPS for Windows XP (x86)/Sophos Plc) ZwCreateKey [0xA803BFBE]
SSDT \SystemRoot\system32\DRIVERS\savonaccesscontrol.sys (SAV On-access and HIPS for Windows XP (x86)/Sophos Plc) ZwDeleteKey [0xA803C114]
SSDT \SystemRoot\system32\DRIVERS\savonaccesscontrol.sys (SAV On-access and HIPS for Windows XP (x86)/Sophos Plc) ZwSetValueKey [0xA803C17A]
---- Kernel code sections - GMER 1.0.15 ----
? joytwm.sys Das System kann die angegebene Datei nicht finden. !
init C:\WINXP\system32\drivers\monfilt.sys entry point in "init" section [0xA816F280]
.vmp2 C:\WINXP\system32\drivers\acedrv11.sys entry point in ".vmp2" section [0xA766269D]
---- User code sections - GMER 1.0.15 ----
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] ntdll.dll!KiUserExceptionDispatcher 7C91E47C 7 Bytes JMP 6FA05100 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] ntdll.dll!LdrLoadDll 7C925CD3 5 Bytes JMP 6FA0AD00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 6FA0AA80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 6FA0AC60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 6FA0AC40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 6FA0ABC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 6FA0ABA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 6FA0AB80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 6FA0ACE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 6FA0AAA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 6FA0B8F0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 6FA0AB20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 6FA0ABE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!ExitThread 7C80C0F8 7 Bytes JMP 6FA0AB00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!GlobalAlloc 7C80FDCD 7 Bytes JMP 6FA0AB60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 6FA0ACA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 6FA0AAE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 6FA0AAC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!ResumeThread 7C8328F7 5 Bytes JMP 6FA0AC00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!GetThreadContext 7C83970D 5 Bytes JMP 6FA0AB40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!WriteFileEx 7C85DCB9 5 Bytes JMP 6FA0ACC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!WinExec 7C862AED 5 Bytes JMP 6FA0AC80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] kernel32.dll!SetThreadContext 7C8641E9 5 Bytes JMP 6FA0AC20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] USER32.dll!CreateDialogParamW 7E36EA3B 5 Bytes JMP 03FF4BA0 C:\Programme\softonic-de3\tbsoft.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 03FF4D20 C:\Programme\softonic-de3\tbsoft.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 4126DBF4 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 4136559F C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 413654D1 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 4136553C C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 413653A2 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 41365404 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 41365602 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] USER32.dll!TrackPopupMenu 7E3B531E 5 Bytes JMP 03FF4320 C:\Programme\softonic-de3\tbsoft.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 41365466 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] USER32.dll!TrackPopupMenuEx 7E3BCF62 5 Bytes JMP 03FF4480 C:\Programme\softonic-de3\tbsoft.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] ole32.dll!CoUninitialize 774D133C 5 Bytes JMP 6FA07DE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] ole32.dll!CoInitializeEx 774D1473 5 Bytes JMP 6FA07D90 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] WININET.dll!InternetReadFile 408C658B 5 Bytes JMP 6FA0AD80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] WININET.dll!InternetQueryDataAvailable 408CBFCB 5 Bytes JMP 6FA0AD60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] WININET.dll!InternetOpenA 408DD6E0 5 Bytes JMP 6FA0AD20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] WININET.dll!InternetOpenUrlA 408DF3F4 5 Bytes JMP 6FA0AD40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] ws2_32.dll!closesocket 71A13E2B 5 Bytes JMP 6FA0AE20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] ws2_32.dll!bind 71A14480 5 Bytes JMP 6FA0AE00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] ws2_32.dll!connect 71A14A07 5 Bytes JMP 6FA0AE40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] ws2_32.dll!send 71A14C27 5 Bytes JMP 6FA0AEC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] ws2_32.dll!recv 71A1676F 5 Bytes JMP 6FA0AEA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] ws2_32.dll!WSAStartup 71A16A55 7 Bytes JMP 6FA0ADC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] ws2_32.dll!WSASocketA 71A18B6A 5 Bytes JMP 6FA0ADA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] ws2_32.dll!listen 71A18CD3 5 Bytes JMP 6FA0AE80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] ws2_32.dll!getpeername 71A20B68 5 Bytes JMP 6FA0AE60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[208] ws2_32.dll!accept 71A21040 5 Bytes JMP 6FA0ADE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ntdll.dll!KiUserExceptionDispatcher 7C91E47C 7 Bytes JMP 6FA05100 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ntdll.dll!LdrLoadDll 7C925CD3 5 Bytes JMP 6FA0AD00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 6FA0AA80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 6FA0AC60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 6FA0AC40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 6FA0ABC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 6FA0ABA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 6FA0AB80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 6FA0ACE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 6FA0AAA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 6FA0B8F0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 6FA0AB20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 6FA0ABE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!ExitThread 7C80C0F8 7 Bytes JMP 6FA0AB00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!GlobalAlloc 7C80FDCD 7 Bytes JMP 6FA0AB60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 6FA0ACA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 6FA0AAE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 6FA0AAC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!ResumeThread 7C8328F7 5 Bytes JMP 6FA0AC00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!GetThreadContext 7C83970D 5 Bytes JMP 6FA0AB40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!WriteFileEx 7C85DCB9 5 Bytes JMP 6FA0ACC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!WinExec 7C862AED 5 Bytes JMP 6FA0AC80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] kernel32.dll!SetThreadContext 7C8641E9 5 Bytes JMP 6FA0AC20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!CreateDialogParamW 7E36EA3B 5 Bytes JMP 025B4BA0 C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 025B4D20 C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 41269B99 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!CallNextHookEx 7E37B3C6 5 Bytes JMP 4125D199 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 4126DBF4 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 411D469C C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 4136559F C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 413654D1 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 4136553C C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 413653A2 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 41365404 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 41365602 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!TrackPopupMenu 7E3B531E 5 Bytes JMP 025B4320 C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 41365466 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] USER32.dll!TrackPopupMenuEx 7E3BCF62 5 Bytes JMP 025B4480 C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ole32.dll!CoCreateInstance 774CF1AC 5 Bytes JMP 4126DC50 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ole32.dll!CoUninitialize 774D133C 5 Bytes JMP 6FA07DE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ole32.dll!CoInitializeEx 774D1473 5 Bytes JMP 6FA07D90 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ole32.dll!OleLoadFromStream 774F981B 5 Bytes JMP 41365920 C:\WINXP\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] WININET.dll!InternetReadFile 408C658B 5 Bytes JMP 6FA0AD80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] WININET.dll!InternetQueryDataAvailable 408CBFCB 5 Bytes JMP 6FA0AD60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] WININET.dll!InternetOpenA 408DD6E0 5 Bytes JMP 6FA0AD20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] WININET.dll!InternetOpenUrlA 408DF3F4 5 Bytes JMP 6FA0AD40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ws2_32.dll!closesocket 71A13E2B 5 Bytes JMP 6FA0AE20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ws2_32.dll!bind 71A14480 5 Bytes JMP 6FA0AE00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ws2_32.dll!connect 71A14A07 5 Bytes JMP 6FA0AE40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ws2_32.dll!send 71A14C27 5 Bytes JMP 6FA0AEC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ws2_32.dll!recv 71A1676F 5 Bytes JMP 6FA0AEA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ws2_32.dll!WSAStartup 71A16A55 7 Bytes JMP 6FA0ADC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ws2_32.dll!WSASocketA 71A18B6A 5 Bytes JMP 6FA0ADA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ws2_32.dll!listen 71A18CD3 5 Bytes JMP 6FA0AE80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ws2_32.dll!getpeername 71A20B68 5 Bytes JMP 6FA0AE60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[260] ws2_32.dll!accept 71A21040 5 Bytes JMP 6FA0ADE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] ntdll.dll!KiUserExceptionDispatcher 7C91E47C 7 Bytes JMP 6FA05100 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] ntdll.dll!LdrLoadDll 7C925CD3 5 Bytes JMP 6FA0AD00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 6FA0AA80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 6FA0AC60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 6FA0AC40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 6FA0ABC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 6FA0ABA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 6FA0AB80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 6FA0ACE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 6FA0AAA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 6FA0B8F0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 6FA0AB20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 6FA0ABE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!ExitThread 7C80C0F8 7 Bytes JMP 6FA0AB00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!GlobalAlloc 7C80FDCD 7 Bytes JMP 6FA0AB60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 6FA0ACA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 6FA0AAE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 6FA0AAC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!ResumeThread 7C8328F7 5 Bytes JMP 6FA0AC00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!GetThreadContext 7C83970D 5 Bytes JMP 6FA0AB40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!WriteFileEx 7C85DCB9 5 Bytes JMP 6FA0ACC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!WinExec 7C862AED 5 Bytes JMP 6FA0AC80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] kernel32.dll!SetThreadContext 7C8641E9 5 Bytes JMP 6FA0AC20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] WS2_32.dll!closesocket 71A13E2B 5 Bytes JMP 6FA0AE20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] WS2_32.dll!bind 71A14480 5 Bytes JMP 6FA0AE00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] WS2_32.dll!connect 71A14A07 5 Bytes JMP 6FA0AE40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] WS2_32.dll!send 71A14C27 5 Bytes JMP 6FA0AEC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] WS2_32.dll!recv 71A1676F 5 Bytes JMP 6FA0AEA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] WS2_32.dll!WSAStartup 71A16A55 7 Bytes JMP 6FA0ADC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] WS2_32.dll!WSASocketA 71A18B6A 5 Bytes JMP 6FA0ADA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] WS2_32.dll!listen 71A18CD3 5 Bytes JMP 6FA0AE80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] WS2_32.dll!getpeername 71A20B68 5 Bytes JMP 6FA0AE60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[316] WS2_32.dll!accept 71A21040 5 Bytes JMP 6FA0ADE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] ntdll.dll!KiUserExceptionDispatcher 7C91E47C 7 Bytes JMP 6FA05100 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] ntdll.dll!LdrLoadDll 7C925CD3 5 Bytes JMP 6FA0AD00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 6FA0AA80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 6FA0AC60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 6FA0AC40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 6FA0ABC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 6FA0ABA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 6FA0AB80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 6FA0ACE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 6FA0AAA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 6FA0B8F0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 6FA0AB20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 6FA0ABE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!ExitThread 7C80C0F8 7 Bytes JMP 6FA0AB00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!GlobalAlloc 7C80FDCD 7 Bytes JMP 6FA0AB60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 6FA0ACA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 6FA0AAE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 6FA0AAC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!ResumeThread 7C8328F7 5 Bytes JMP 6FA0AC00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!GetThreadContext 7C83970D 5 Bytes JMP 6FA0AB40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!WriteFileEx 7C85DCB9 5 Bytes JMP 6FA0ACC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!WinExec 7C862AED 5 Bytes JMP 6FA0AC80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] kernel32.dll!SetThreadContext 7C8641E9 5 Bytes JMP 6FA0AC20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] WS2_32.dll!closesocket 71A13E2B 5 Bytes JMP 6FA0AE20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] WS2_32.dll!bind 71A14480 5 Bytes JMP 6FA0AE00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] WS2_32.dll!connect 71A14A07 5 Bytes JMP 6FA0AE40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] WS2_32.dll!send 71A14C27 5 Bytes JMP 6FA0AEC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] WS2_32.dll!recv 71A1676F 5 Bytes JMP 6FA0AEA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] WS2_32.dll!WSAStartup 71A16A55 7 Bytes JMP 6FA0ADC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] WS2_32.dll!WSASocketA 71A18B6A 5 Bytes JMP 6FA0ADA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] WS2_32.dll!listen 71A18CD3 5 Bytes JMP 6FA0AE80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] WS2_32.dll!getpeername 71A20B68 5 Bytes JMP 6FA0AE60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[368] WS2_32.dll!accept 71A21040 5 Bytes JMP 6FA0ADE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] ntdll.dll!KiUserExceptionDispatcher 7C91E47C 7 Bytes JMP 6FA05100 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] ntdll.dll!LdrLoadDll 7C925CD3 5 Bytes JMP 6FA0AD00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 6FA0AA80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 6FA0AC60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 6FA0AC40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 6FA0ABC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 6FA0ABA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 6FA0AB80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 6FA0ACE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 6FA0AAA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 6FA0B8F0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 6FA0AB20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 6FA0ABE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!ExitThread 7C80C0F8 7 Bytes JMP 6FA0AB00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!GlobalAlloc 7C80FDCD 7 Bytes JMP 6FA0AB60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 6FA0ACA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 6FA0AAE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 6FA0AAC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!ResumeThread 7C8328F7 5 Bytes JMP 6FA0AC00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!GetThreadContext 7C83970D 5 Bytes JMP 6FA0AB40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!WriteFileEx 7C85DCB9 5 Bytes JMP 6FA0ACC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!WinExec 7C862AED 5 Bytes JMP 6FA0AC80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] kernel32.dll!SetThreadContext 7C8641E9 5 Bytes JMP 6FA0AC20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] WININET.dll!InternetReadFile 408C658B 5 Bytes JMP 6FA0AD80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] WININET.dll!InternetQueryDataAvailable 408CBFCB 5 Bytes JMP 6FA0AD60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] WININET.dll!InternetOpenA 408DD6E0 5 Bytes JMP 6FA0AD20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] WININET.dll!InternetOpenUrlA 408DF3F4 5 Bytes JMP 6FA0AD40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] WS2_32.dll!closesocket 71A13E2B 5 Bytes JMP 6FA0AE20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] WS2_32.dll!bind 71A14480 5 Bytes JMP 6FA0AE00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] WS2_32.dll!connect 71A14A07 5 Bytes JMP 6FA0AE40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] WS2_32.dll!send 71A14C27 5 Bytes JMP 6FA0AEC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] WS2_32.dll!recv 71A1676F 5 Bytes JMP 6FA0AEA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] WS2_32.dll!WSAStartup 71A16A55 7 Bytes JMP 6FA0ADC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] WS2_32.dll!WSASocketA 71A18B6A 5 Bytes JMP 6FA0ADA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] WS2_32.dll!listen 71A18CD3 5 Bytes JMP 6FA0AE80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] WS2_32.dll!getpeername 71A20B68 5 Bytes JMP 6FA0AE60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[632] WS2_32.dll!accept 71A21040 5 Bytes JMP 6FA0ADE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] ntdll.dll!KiUserExceptionDispatcher 7C91E47C 7 Bytes JMP 6FA05100 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] ntdll.dll!LdrLoadDll 7C925CD3 5 Bytes JMP 6FA0AD00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 6FA0AA80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 6FA0AC60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 6FA0AC40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 6FA0ABC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 6FA0ABA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 6FA0AB80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 6FA0ACE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 6FA0AAA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 6FA0B8F0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 6FA0AB20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 6FA0ABE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!ExitThread 7C80C0F8 7 Bytes JMP 6FA0AB00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!GlobalAlloc 7C80FDCD 7 Bytes JMP 6FA0AB60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 6FA0ACA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 6FA0AAE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 6FA0AAC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!ResumeThread 7C8328F7 5 Bytes JMP 6FA0AC00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!GetThreadContext 7C83970D 5 Bytes JMP 6FA0AB40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!WriteFileEx 7C85DCB9 5 Bytes JMP 6FA0ACC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!WinExec 7C862AED 5 Bytes JMP 6FA0AC80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1212] kernel32.dll!SetThreadContext 7C8641E9 5 Bytes JMP 6FA0AC20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] ntdll.dll!KiUserExceptionDispatcher 7C91E47C 7 Bytes JMP 6FA05100 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] ntdll.dll!LdrLoadDll 7C925CD3 5 Bytes JMP 6FA0AD00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 6FA0AA80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 6FA0AC60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 6FA0AC40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 6FA0ABC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 6FA0ABA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 6FA0AB80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 6FA0ACE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 6FA0AAA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 6FA0B8F0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 6FA0AB20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 6FA0ABE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!ExitThread 7C80C0F8 7 Bytes JMP 6FA0AB00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!GlobalAlloc 7C80FDCD 7 Bytes JMP 6FA0AB60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 6FA0ACA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 6FA0AAE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 6FA0AAC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!ResumeThread 7C8328F7 5 Bytes JMP 6FA0AC00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!GetThreadContext 7C83970D 5 Bytes JMP 6FA0AB40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!WriteFileEx 7C85DCB9 5 Bytes JMP 6FA0ACC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!WinExec 7C862AED 5 Bytes JMP 6FA0AC80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] kernel32.dll!SetThreadContext 7C8641E9 5 Bytes JMP 6FA0AC20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] WS2_32.dll!closesocket 71A13E2B 5 Bytes JMP 6FA0AE20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] WS2_32.dll!bind 71A14480 5 Bytes JMP 6FA0AE00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] WS2_32.dll!connect 71A14A07 5 Bytes JMP 6FA0AE40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] WS2_32.dll!send 71A14C27 5 Bytes JMP 6FA0AEC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] WS2_32.dll!recv 71A1676F 5 Bytes JMP 6FA0AEA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] WS2_32.dll!WSAStartup 71A16A55 7 Bytes JMP 6FA0ADC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] WS2_32.dll!WSASocketA 71A18B6A 5 Bytes JMP 6FA0ADA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] WS2_32.dll!listen 71A18CD3 5 Bytes JMP 6FA0AE80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] WS2_32.dll!getpeername 71A20B68 5 Bytes JMP 6FA0AE60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\lsass.exe[1476] WS2_32.dll!accept 71A21040 5 Bytes JMP 6FA0ADE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] ntdll.dll!KiUserExceptionDispatcher 7C91E47C 7 Bytes JMP 6FA05100 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] ntdll.dll!LdrLoadDll 7C925CD3 5 Bytes JMP 6FA0AD00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 6FA0AA80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 6FA0AC60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 6FA0AC40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 6FA0ABC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 6FA0ABA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 6FA0AB80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 6FA0ACE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 6FA0AAA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 6FA0B8F0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 6FA0AB20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 6FA0ABE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!ExitThread 7C80C0F8 7 Bytes JMP 6FA0AB00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!GlobalAlloc 7C80FDCD 7 Bytes JMP 6FA0AB60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 6FA0ACA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 6FA0AAE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 6FA0AAC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!ResumeThread 7C8328F7 5 Bytes JMP 6FA0AC00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!GetThreadContext 7C83970D 5 Bytes JMP 6FA0AB40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!WriteFileEx 7C85DCB9 5 Bytes JMP 6FA0ACC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!WinExec 7C862AED 5 Bytes JMP 6FA0AC80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] kernel32.dll!SetThreadContext 7C8641E9 5 Bytes JMP 6FA0AC20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] WS2_32.dll!closesocket 71A13E2B 5 Bytes JMP 6FA0AE20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] WS2_32.dll!bind 71A14480 5 Bytes JMP 6FA0AE00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] WS2_32.dll!connect 71A14A07 5 Bytes JMP 6FA0AE40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] WS2_32.dll!send 71A14C27 5 Bytes JMP 6FA0AEC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] WS2_32.dll!recv 71A1676F 5 Bytes JMP 6FA0AEA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] WS2_32.dll!WSAStartup 71A16A55 7 Bytes JMP 6FA0ADC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] WS2_32.dll!WSASocketA 71A18B6A 5 Bytes JMP 6FA0ADA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] WS2_32.dll!listen 71A18CD3 5 Bytes JMP 6FA0AE80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] WS2_32.dll!getpeername 71A20B68 5 Bytes JMP 6FA0AE60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1640] WS2_32.dll!accept 71A21040 5 Bytes JMP 6FA0ADE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] ntdll.dll!KiUserExceptionDispatcher 7C91E47C 7 Bytes JMP 6FA05100 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] ntdll.dll!LdrLoadDll 7C925CD3 5 Bytes JMP 6FA0AD00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 6FA0AA80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 6FA0AC60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 6FA0AC40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 6FA0ABC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 6FA0ABA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 6FA0AB80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 6FA0ACE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 6FA0AAA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 6FA0B8F0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 6FA0AB20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 6FA0ABE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!ExitThread 7C80C0F8 7 Bytes JMP 6FA0AB00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!GlobalAlloc 7C80FDCD 7 Bytes JMP 6FA0AB60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 6FA0ACA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 6FA0AAE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 6FA0AAC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!ResumeThread 7C8328F7 5 Bytes JMP 6FA0AC00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!GetThreadContext 7C83970D 5 Bytes JMP 6FA0AB40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!WriteFileEx 7C85DCB9 5 Bytes JMP 6FA0ACC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!WinExec 7C862AED 5 Bytes JMP 6FA0AC80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] kernel32.dll!SetThreadContext 7C8641E9 5 Bytes JMP 6FA0AC20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] WS2_32.dll!closesocket 71A13E2B 5 Bytes JMP 6FA0AE20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] WS2_32.dll!bind 71A14480 5 Bytes JMP 6FA0AE00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] WS2_32.dll!connect 71A14A07 5 Bytes JMP 6FA0AE40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] WS2_32.dll!send 71A14C27 5 Bytes JMP 6FA0AEC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] WS2_32.dll!recv 71A1676F 5 Bytes JMP 6FA0AEA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] WS2_32.dll!WSAStartup 71A16A55 7 Bytes JMP 6FA0ADC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] WS2_32.dll!WSASocketA 71A18B6A 5 Bytes JMP 6FA0ADA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] WS2_32.dll!listen 71A18CD3 5 Bytes JMP 6FA0AE80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] WS2_32.dll!getpeername 71A20B68 5 Bytes JMP 6FA0AE60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\system32\svchost.exe[1728] WS2_32.dll!accept 71A21040 5 Bytes JMP 6FA0ADE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] ntdll.dll!KiUserExceptionDispatcher 7C91E47C 7 Bytes JMP 6FA05100 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] ntdll.dll!LdrLoadDll 7C925CD3 5 Bytes JMP 6FA0AD00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 6FA0AA80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 6FA0AC60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 6FA0AC40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 6FA0ABC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 6FA0ABA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 6FA0AB80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 6FA0ACE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 6FA0AAA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 6FA0B8F0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 6FA0AB20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 6FA0ABE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!ExitThread 7C80C0F8 7 Bytes JMP 6FA0AB00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!GlobalAlloc 7C80FDCD 7 Bytes JMP 6FA0AB60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 6FA0ACA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 6FA0AAE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 6FA0AAC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!ResumeThread 7C8328F7 5 Bytes JMP 6FA0AC00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!GetThreadContext 7C83970D 5 Bytes JMP 6FA0AB40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!WriteFileEx 7C85DCB9 5 Bytes JMP 6FA0ACC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!WinExec 7C862AED 5 Bytes JMP 6FA0AC80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] kernel32.dll!SetThreadContext 7C8641E9 5 Bytes JMP 6FA0AC20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] WS2_32.dll!closesocket 71A13E2B 5 Bytes JMP 6FA0AE20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] WS2_32.dll!bind 71A14480 5 Bytes JMP 6FA0AE00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] WS2_32.dll!connect 71A14A07 5 Bytes JMP 6FA0AE40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] WS2_32.dll!send 71A14C27 5 Bytes JMP 6FA0AEC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] WS2_32.dll!recv 71A1676F 5 Bytes JMP 6FA0AEA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] WS2_32.dll!WSAStartup 71A16A55 7 Bytes JMP 6FA0ADC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] WS2_32.dll!WSASocketA 71A18B6A 5 Bytes JMP 6FA0ADA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] WS2_32.dll!listen 71A18CD3 5 Bytes JMP 6FA0AE80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] WS2_32.dll!getpeername 71A20B68 5 Bytes JMP 6FA0AE60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] WS2_32.dll!accept 71A21040 5 Bytes JMP 6FA0ADE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] WININET.dll!InternetReadFile 408C658B 5 Bytes JMP 6FA0AD80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] WININET.dll!InternetQueryDataAvailable 408CBFCB 5 Bytes JMP 6FA0AD60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] WININET.dll!InternetOpenA 408DD6E0 5 Bytes JMP 6FA0AD20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\System32\svchost.exe[1780] WININET.dll!InternetOpenUrlA 408DF3F4 5 Bytes JMP 6FA0AD40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] ntdll.dll!KiUserExceptionDispatcher 7C91E47C 7 Bytes JMP 6FA05100 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] ntdll.dll!LdrLoadDll 7C925CD3 5 Bytes JMP 6FA0AD00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 6FA0AA80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 6FA0AC60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 6FA0AC40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 6FA0ABC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 6FA0ABA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 6FA0AB80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 6FA0ACE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 6FA0AAA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 6FA0B8F0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 6FA0ABE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!ExitThread 7C80C0F8 7 Bytes JMP 6FA0AB00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!GlobalAlloc 7C80FDCD 7 Bytes JMP 6FA0AB60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 6FA0ACA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 6FA0AAE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 6FA0AAC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!ResumeThread 7C8328F7 5 Bytes JMP 6FA0AC00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!GetThreadContext 7C83970D 5 Bytes JMP 6FA0AB40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!WriteFileEx 7C85DCB9 5 Bytes JMP 6FA0ACC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!WinExec 7C862AED 5 Bytes JMP 6FA0AC80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] kernel32.dll!SetThreadContext 7C8641E9 5 Bytes JMP 6FA0AC20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] WININET.dll!InternetReadFile 408C658B 5 Bytes JMP 6FA0AD80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] WININET.dll!InternetQueryDataAvailable 408CBFCB 5 Bytes JMP 6FA0AD60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] WININET.dll!InternetOpenA 408DD6E0 5 Bytes JMP 6FA0AD20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] WININET.dll!InternetOpenUrlA 408DF3F4 5 Bytes JMP 6FA0AD40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] WS2_32.dll!closesocket 71A13E2B 5 Bytes JMP 6FA0AE20 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] WS2_32.dll!bind 71A14480 5 Bytes JMP 6FA0AE00 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] WS2_32.dll!connect 71A14A07 5 Bytes JMP 6FA0AE40 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] WS2_32.dll!send 71A14C27 5 Bytes JMP 6FA0AEC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] WS2_32.dll!recv 71A1676F 5 Bytes JMP 6FA0AEA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] WS2_32.dll!WSAStartup 71A16A55 7 Bytes JMP 6FA0ADC0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] WS2_32.dll!WSASocketA 71A18B6A 5 Bytes JMP 6FA0ADA0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] WS2_32.dll!listen 71A18CD3 5 Bytes JMP 6FA0AE80 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] WS2_32.dll!getpeername 71A20B68 5 Bytes JMP 6FA0AE60 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
.text C:\WINXP\Explorer.EXE[2908] WS2_32.dll!accept 71A21040 5 Bytes JMP 6FA0ADE0 c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Buffer Overrun Protection/Sophos Plc)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs savonaccessfilter.sys (SAV On-access and HIPS for Windows XP (x86)/Sophos Plc)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort2 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\VClone \Device\Scsi\VClone1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\VClone \Device\Scsi\VClone1Port4Path0Target0Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 61: copy of MBR
Disk \Device\Harddisk0\DR0 sector 62: copy of MBR
---- Files - GMER 1.0.15 ----
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP310\A0276295.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP310\A0277295.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP310\A0278295.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP310\A0280430.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP310\A0280458.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP311\A0280952.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP312\A0281245.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP312\A0281524.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP313\A0282279.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP314\A0282569.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP315\A0283788.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP315\A0283799.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP315\A0284805.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP315\A0284826.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP315\A0285304.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP315\A0285574.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP316\A0286127.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP316\A0286433.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP317\A0286729.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP317\A0287006.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP317\A0287282.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP317\A0288180.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP317\A0289144.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP317\A0289158.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP319\A0289740.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP319\A0290740.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP319\A0290753.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP319\A0290777.exe:BAK 22528 bytes executable
ADS C:\System Volume Information\_restore{6D444F7E-27F3-4788-AEA5-066386876941}\RP319\A0291831.exe:BAK 22528 bytes executable
---- EOF - GMER 1.0.15 ----
|
| Themen zu Trojaner SpyEyeMm-A Befall behoben? |
| beachten, befall, conduit, durchgeführt, externe, externe festplatte, festplatte, hilfe!, hoffe, ieframe.dll, ntdll.dll, nutze, nutzen, platte, rechner, scanner, seite, spyeyemm-a, tools, troja, trojaner, trojanern, verschiedene, verschiedenen, verseucht, versucht, virenscan, virenscanner |
Baum-Darstellung