1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

I can't install Anti Virus and windows seems corrupted

Discussion in 'Virus & Other Malware Removal' started by markperry123, Jan 11, 2013.

Thread Status:
Not open for further replies.
  1. markperry123

    markperry123 Thread Starter

    Joined:
    Jan 11, 2013
    Messages:
    1
    Hi, I am having some seriou problems with my Computer.

    It started with me not being able to install AVG free 2013 Ani Virus software. I have tried everything suggested from AVG, using their removal tool, and reinstalling several times, nothing worked. I keep getting error codes saying can't write, etc. I am currently running Windows 7 with no Anti Virus software.

    I also noticed I am constantly getting script errors while browsing online, and checking emails..I'm getting this all the time, some times very annoying, popping up each time a letter is typed at times.

    I also had serious problems logging into, and using this site..it kept saying wrong password and user name when this is not the case. I have deleted temporary internet files, and cookies are allowed for this site. I have used utilities such as Spyware search and destroy, and malware bytes I believe. The problems still exist, except now things are running faster.

    I also downloaded HighjackThis, and noticed it said something similar but it let me proceed and it did the scan. I think something emntioned about me having rootkits, or something?. Excuse me for my ignorance.

    below I have posted a highjackThis log, and other things that were suggested here to help me fix this. Any help as soon as possible would be great, as I am afraid I won't be online soon!:(



    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 1:01:11 PM, on 11/01/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Users\Taro\Desktop\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca.yahoo.com/?fr=fp-yie9
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/4
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-unins...UNJRDEwKzEtQ0lEKzEw"&"prod=90"&"ver=10.0.1430
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O20 - AppInit_DLLs: c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll c:\progra~2\google\google~3\go36f4~1.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    --
    End of file - 16020 bytes



    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
    Run by Taro at 13:07:22 on 2013-01-11
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.3894.2273 [GMT -5:00]
    .
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\splwow64.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://ca.yahoo.com/
    uWindow Title = Windows Internet Explorer provided by Yahoo!
    uDefault_Page_URL = hxxp://ca.yahoo.com/?fr=fp-yie9
    mWinlogon: Userinit = userinit.exe,
    BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
    mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-unins...UNJRDEwKzEtQ0lEKzEw"&"prod=90"&"ver=10.0.1430
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 64.71.255.198
    TCP: Interfaces\{718CA25B-846D-4F4A-BBDE-C58FA161CAE1} : DHCPNameServer = 64.71.255.198
    TCP: Interfaces\{A158051B-7CBB-48B1-9F7E-F9B7D45E4150} : DHCPNameServer = 64.71.255.198
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs= c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll c:\progra~2\google\google~3\go36f4~1.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\Windows\System32\rundll32.exe C:\Windows\System32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Taro\AppData\Roaming\Mozilla\Firefox\Profiles\dcg8jegr.default\
    FF - prefs.js: browser.search.selectedEngine - Claro Search
    FF - prefs.js: browser.startup.homepage - hxxp://mail.yahoo.ca/
    FF - component: C:\Users\Taro\AppData\Roaming\Mozilla\Firefox\Profiles\dcg8jegr.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
    FF - component: C:\Users\Taro\AppData\Roaming\Mozilla\Firefox\Profiles\dcg8jegr.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\npjpi170_09.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
    FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
    FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
    FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.claro.autoRvrt - false
    FF - user.js: extensions.claro_i.newTab - false
    FF - user.js: extensions.claro.tlbrSrchUrl -
    FF - user.js: extensions.claro.id - 2e6f1d1b000000000000984be1ea93d7
    FF - user.js: extensions.claro.appId - {C3110516-8EFC-49D6-8B72-69354F332062}
    FF - user.js: extensions.claro.instlDay - 15660
    FF - user.js: extensions.claro.vrsn - 1.8.3.10
    FF - user.js: extensions.claro.vrsni - 1.8.3.10
    FF - user.js: extensions.claro_i.vrsnTs - 1.8.3.1015:57:10
    FF - user.js: extensions.claro.prtnrId - claro
    FF - user.js: extensions.claro.prdct - claro
    FF - user.js: extensions.claro.aflt - babsst
    FF - user.js: extensions.claro_i.smplGrp - none
    FF - user.js: extensions.claro.tlbrId - claro
    FF - user.js: extensions.claro.instlRef - sst
    FF - user.js: extensions.claro.dfltLng - en
    FF - user.js: extensions.claro.excTlbr - false
    FF - user.js: extensions.claro.admin - false
    .
    ============= SERVICES / DRIVERS ===============
    .
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-3-29 98208]
    R2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-11-16 2312216]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-3-29 13592]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-1-10 1153368]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-3-29 2320920]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-12-11 31088]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
    R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-3-29 333416]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-29 412264]
    R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2011-3-29 878184]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-7-19 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
    S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-7-19 30192]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-28 59392]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-20 1255736]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2013-01-11 05:26:58 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7C757CC0-FD72-4839-A798-B129F7289407}\offreg.dll
    2013-01-10 22:39:34 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
    2013-01-10 19:53:02 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2013-01-10 19:53:02 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2013-01-10 19:40:50 -------- d-----w- C:\Users\Taro\AppData\Roaming\Malwarebytes
    2013-01-10 19:40:34 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-01-10 19:40:07 -------- d-----w- C:\Users\Taro\AppData\Local\Programs
    2013-01-10 19:22:05 -------- d-----w- C:\Users\Taro\AppData\Local\MFAData
    2013-01-10 19:22:05 -------- d-----w- C:\Users\Taro\AppData\Local\Avg2013
    2013-01-10 19:22:05 -------- d-----w- C:\ProgramData\MFAData
    2013-01-10 18:04:54 -------- d-----w- C:\AVGTemp
    2013-01-10 09:00:38 -------- d--h--w- C:\_Exception1
    2013-01-10 07:59:59 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7C757CC0-FD72-4839-A798-B129F7289407}\mpengine.dll
    2013-01-10 07:59:59 279656 ------w- C:\Windows\System32\MpSigStub.exe
    2013-01-10 07:39:44 750592 ----a-w- C:\Windows\System32\win32spl.dll
    2013-01-10 07:39:44 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
    2013-01-10 07:39:28 2002432 ----a-w- C:\Windows\System32\msxml6.dll
    2013-01-10 07:39:26 1882624 ----a-w- C:\Windows\System32\msxml3.dll
    2013-01-10 07:39:26 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2013-01-10 07:39:25 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2013-01-10 07:39:23 307200 ----a-w- C:\Windows\System32\ncrypt.dll
    2013-01-10 07:39:23 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2013-01-10 07:36:27 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2013-01-10 07:35:43 68608 ----a-w- C:\Windows\System32\taskhost.exe
    2013-01-10 07:31:55 3149824 ----a-w- C:\Windows\System32\win32k.sys
    2013-01-10 07:26:11 -------- d-----w- C:\Users\Taro\AppData\Roaming\TuneUp Software
    2012-12-22 18:52:50 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2012-12-22 18:52:50 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2012-12-22 18:52:49 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2012-12-22 18:52:48 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2012-12-18 14:28:14 186584 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
    2012-12-18 02:49:57 -------- d-----w- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
    .
    ==================== Find3M ====================
    .
    2013-01-10 08:25:22 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-01-10 08:25:22 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
    2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
    2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
    2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
    2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
    2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
    2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
    2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
    2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
    2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
    2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
    2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
    2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
    2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
    2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
    2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
    2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
    2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
    2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
    2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
    2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2012-11-28 00:06:34 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2012-11-28 00:06:33 821736 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
    2012-11-28 00:06:33 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
    2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
    2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-11-09 18:08:16 98304 ----a-w- C:\Windows\SysWow64\iglhcp32.dll
    2012-11-09 18:08:16 98304 ----a-w- C:\Windows\System32\iglhcp64.dll
    2012-11-09 18:08:16 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2430.dll
    2012-11-09 18:08:16 867020 ----a-w- C:\Windows\SysWow64\igkrng575.bin
    2012-11-09 18:08:16 867020 ----a-w- C:\Windows\System32\igkrng575.bin
    2012-11-09 18:08:16 376832 ----a-w- C:\Windows\SysWow64\iglhsip32.dll
    2012-11-09 18:08:16 376832 ----a-w- C:\Windows\System32\iglhsip64.dll
    2012-11-09 18:08:15 128204 ----a-w- C:\Windows\SysWow64\igcompkrng575.bin
    2012-11-09 18:08:15 128204 ----a-w- C:\Windows\System32\igcompkrng575.bin
    2012-11-09 18:08:15 105608 ----a-w- C:\Windows\SysWow64\igfcg575m.bin
    2012-11-09 18:08:15 105608 ----a-w- C:\Windows\System32\igfcg575m.bin
    2012-11-09 18:08:14 94208 ----a-w- C:\Windows\System32\IccLibDll_x64.dll
    2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
    2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
    2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
    2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
    .
    ============= FINISH: 13:07:59.16 ===============



    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 19/07/2011 4:11:36 PM
    System Uptime: 10/01/2013 5:46:21 PM (20 hours ago)
    .
    Motherboard: Hewlett-Packard | | 3674
    Processor: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz | CPU | 1578/1066mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 450 GiB total, 380.379 GiB free.
    D: is FIXED (NTFS) - 16 GiB total, 1.893 GiB free.
    E: is CDROM ()
    F: is FIXED (FAT32) - 0 GiB total, 0.083 GiB free.
    G: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP159: 10/01/2013 2:23:07 AM - Removed AVG 2011
    RP160: 10/01/2013 2:32:34 AM - Removed AVG 2011
    RP161: 10/01/2013 3:00:14 AM - Windows Update
    RP162: 10/01/2013 12:38:16 PM - Installed AVG 2013
    RP163: 10/01/2013 12:39:04 PM - Installed AVG 2013
    RP164: 10/01/2013 12:40:56 PM - Removed AVG 2013
    RP165: 10/01/2013 12:49:10 PM - Removed Mastering High School Math 2009
    RP166: 10/01/2013 12:53:41 PM - Installed AVG 2013
    RP167: 10/01/2013 12:57:41 PM - Installed AVG 2013
    RP168: 10/01/2013 1:00:13 PM - Removed AVG 2013
    RP169: 10/01/2013 1:22:14 PM - Installed AVG 2013
    RP170: 10/01/2013 1:23:04 PM - Installed AVG 2013
    RP171: 10/01/2013 1:24:54 PM - Removed AVG 2013
    RP172: 10/01/2013 1:58:11 PM - Removed Claro Chrome Toolbar
    RP173: 10/01/2013 2:07:25 PM - Removed Visual Studio 2008 x64 Redistributables
    RP174: 10/01/2013 2:23:43 PM - Installed AVG 2013
    RP175: 10/01/2013 2:24:36 PM - Installed AVG 2013
    RP176: 10/01/2013 2:26:27 PM - Removed AVG 2013
    RP177: 10/01/2013 3:17:14 PM - Installed AVG 2013
    RP178: 10/01/2013 3:18:04 PM - Installed AVG 2013
    RP179: 10/01/2013 3:20:18 PM - Removed AVG 2013
    RP180: 10/01/2013 3:52:59 PM - Installed AVG 2013
    RP181: 10/01/2013 3:55:41 PM - Installed AVG 2013
    RP182: 10/01/2013 3:59:51 PM - Removed AVG 2013
    RP183: 10/01/2013 4:16:25 PM - Windows Update
    RP184: 10/01/2013 4:20:55 PM - Installed AVG 2013
    RP185: 10/01/2013 4:24:40 PM - Removed AVG 2013
    RP186: 11/01/2013 11:44:19 AM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.0.1)
    Adobe Reader X (10.1.5) MUI
    Adobe Shockwave Player 11.5
    Agatha Christie - Peril at End House
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Bejeweled 2 Deluxe
    Blackhawk Striker 2
    Blasterball 3
    Bonjour
    Bounce Symphony
    Browser Manager
    Cake Mania
    Canon Easy-PhotoPrint EX
    Canon Easy-WebPrint EX
    Canon Inkjet Printer/Scanner/Fax Extended Survey Program
    Canon MG4100 series MP Drivers
    Canon MP Navigator EX 5.0
    Canon My Printer
    Canon Solution Menu EX
    Chuzzle Deluxe
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    Contrôle ActiveX Windows Live Mesh pour connexions à distance
    CyberLink DVD Suite
    CyberLink YouCam
    D3DX10
    Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
    DivX Setup
    Dora's World Adventure
    EasyBits GO
    Emergency 2012
    Energy Star Digital Logo
    ESU for Microsoft Windows 7
    Farm Frenzy
    FATE
    Final Drive Nitro
    Galerie de photos Windows Live
    Google Apps
    Google Chrome
    Google Desktop
    Google Earth
    Google Toolbar for Firefox
    Google Toolbar for Internet Explorer
    Google Update Helper
    Google Updater
    Hewlett-Packard ACLM.NET v1.2.1.1
    HP Auto
    HP Client Services
    HP CloudDrive
    HP Customer Experience Enhancements
    HP Documentation
    HP Game Console
    HP Games
    HP On Screen Display
    HP Power Manager
    HP Quick Launch
    HP Setup
    HP Setup Manager
    HP Software Framework
    HP Support Assistant
    HP Wireless Assistant
    iLivid
    Intel(R) Control Center
    Intel(R) Management Engine Components
    Intel(R) Processor Graphics
    Intel(R) Rapid Storage Technology
    iTunes
    Java 7 Update 9
    Java Auto Updater
    Java(TM) 6 Update 22 (64-bit)
    Java(TM) 6 Update 37
    Junk Mail filter update
    LabelPrint
    LightScribe System Software
    Magic ISO Maker v5.4 (build 0256)
    Magic ISO Maker v5.5 (build 0281)
    MagicDisc 2.7.106
    Mesh Runtime
    Messenger Companion
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office Office 32-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 32-bit MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Monopoly by Parker Brothers
    Mozilla Firefox (3.6.23)
    MSVCRT
    MSVCRT_amd64
    Mystery P.I. - The London Caper
    NVIDIA PhysX
    Penguins!
    PictureMover
    Plants vs. Zombies
    PlayReady PC Runtime x86
    Poker Superstars III
    Polar Bowler
    Polar Golfer
    Power2Go
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealPlayer
    Realtek Ethernet Controller Driver
    Realtek High Definition Audio Driver
    Realtek PCIE Card Reader
    REALTEK Wireless LAN Driver
    RealUpgrade 1.1
    Recovery Manager
    RonyaSoft CD DVD Label Maker 3.01
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
    Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
    Skype™ 5.10
    Spybot - Search & Destroy
    Synaptics TouchPad Driver
    System Requirements Lab for Intel
    Torch
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft Office 2010 (KB2553092)
    VC80CRTRedist - 8.0.50727.6195
    Virtual Villagers 4 - The Tree of Life
    Visual Studio 2010 x64 Redistributables
    Vuze
    WebM Media Foundation Components
    WinAce Archiver
    Windows Live
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    World Cup Cricket 20-20
    Yahoo! Software Update
    Yahoo! Toolbar
    Zuma Deluxe
    .
    ==== Event Viewer Messages From Past Week ========
    .
    10/01/2013 5:47:22 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126
    10/01/2013 4:18:24 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2709981).
    10/01/2013 4:18:24 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2574819).
    10/01/2013 4:18:24 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Canon - Printers - Canon MG4100 series Printer.
    10/01/2013 4:18:13 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706be: Synaptics - Input - Synaptics PS/2 Port TouchPad.
    10/01/2013 4:18:13 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2592687).
    10/01/2013 4:18:13 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Intel Corporation - Display - Intel(R) HD Graphics.
    10/01/2013 3:07:47 AM, Error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s).
    10/01/2013 2:18:37 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
    10/01/2013 1:16:19 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
    09/01/2013 9:50:30 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2785220).
    09/01/2013 9:50:30 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2757638).
    09/01/2013 9:50:23 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2786400).
    09/01/2013 9:50:23 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2773072).
    09/01/2013 9:49:52 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2742599).
    09/01/2013 9:40:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2786081).
    09/01/2013 9:40:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2726535).
    09/01/2013 9:40:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2778930).
    09/01/2013 9:40:46 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2736422).
    09/01/2013 9:09:22 PM, Error: Service Control Manager [7000] - The Browser Manager service failed to start due to the following error: Access is denied.
    09/01/2013 10:01:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2769369).
    09/01/2013 10:01:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2756921).
    08/01/2013 3:25:44 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Taro-HP\Taro SID (S-1-5-21-2829159689-3348195290-2360904669-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    .
    ==== End Of File ===========================



    GMER 2.0.18444 - http://www.gmer.net
    Rootkit scan 2013-01-11 13:22:48
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB4O 465.76GB
    Running: iv561v29.exe; Driver: C:\Users\Taro\AppData\Local\Temp\kwldipog.sys

    ---- User code sections - GMER 2.0 ----
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1804] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1912] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe[1172] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe[1372] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1688] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2068] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe[2280] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2348] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3088] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe[3152] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE[3200] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3252] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\system32\MSVCR100.dll!_CIatan2 + 274 00000000747b48cc 3 bytes [22, 0C, 5F]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3312] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4024] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE[4080] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4516] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076a4cfca 5 bytes JMP 00000001737c4540
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077851401 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077851419 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077851431 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007785144a 2 bytes [85, 77]
    .text ... * 9
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000778514dd 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000778514f5 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007785150d 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077851525 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007785153d 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077851555 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007785156d 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077851585 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007785159d 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000778515b5 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000778515cd 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000778516b2 2 bytes [85, 77]
    .text C:\Users\Taro\Desktop\iv561v29.exe[2236] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000778516bd 2 bytes [85, 77]
    ---- Processes - GMER 2.0 ----
    Library ? (*** suspicious ***) @ C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [1372] 0000000073660000
    Library ? (*** suspicious ***) @ C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2552] 0000000072de0000
    Library ? (*** suspicious ***) @ C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [1676] 0000000074d40000
    Library ? (*** suspicious ***) @ C:\Program Files\Windows Media Player\wmpnetwk.exe [3388] 000007fef1460000
    Library ? (*** suspicious ***) @ C:\Program Files (x86)\Internet Explorer\IELowutil.exe [3268] 00000000759b0000
    ---- EOF - GMER 2.0 ----
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1084768

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice