1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

iexplorer.exe process virus.

Discussion in 'Virus & Other Malware Removal' started by GsNp, Jan 21, 2013.

Thread Status:
Not open for further replies.
  1. GsNp

    GsNp Thread Starter

    Joined:
    Jan 21, 2013
    Messages:
    1
    I've done extensive research over the past week as to how to remove this virus but I've still been unsuccessful in doing so. I have tried everything I can possibly think of, running MSE and Malware Byte + Spybot over night on safemode, has done nothing. Hoping I can be assisted, thanks.
    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz, Intel64 Family 6 Model 23 Stepping 6
    Processor Count: 2
    RAM: 4095 Mb
    Graphics Card: NVIDIA GeForce GTX 460 SE, 1024 Mb
    Hard Drives: C: Total - 305234 MB, Free - 29303 MB;
    Motherboard: ASUSTeK Computer INC., P5K SE/EPU
    Antivirus: Microsoft Security Essentials, Updated and Enabled

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 2:33:41 PM, on 1/21/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe
    C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe
    C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
    C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
    C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
    C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
    C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
    C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Common Files\Research In Motion\USB

    Drivers\RIMBBLaunchAgent.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe
    C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
    C:\Riot Games\League of Legends\RADS\projects\lol_launcher

    \releases\0.0.0.104\deploy\LoLLauncher.exe
    C:\Riot Games\League of Legends\RADS\projects\lol_air_client

    \releases\0.0.0.232\deploy\LolClient.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash

    \FlashPlayerPlugin_11_5_502_146.exe
    C:\Windows\SysWOW64\Macromed\Flash

    \FlashPlayerPlugin_11_5_502_146.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\syswow64\MsiExec.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Users\Gerson GsNp Nuñez\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

    http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

    my.daemon-search.com
    R1 - HKLM\Software\Microsoft\Internet Explorer

    \Main,Default_Page_URL = http://go.microsoft.com/fwlink/?

    LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer

    \Main,Default_Search_URL = http://go.microsoft.com/fwlink/?

    LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

    http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

    http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer

    \Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer

    \Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet

    Settings,ProxyOverride = *.local;192.168.*.*
    R0 - HKCU\Software\Microsoft\Internet Explorer

    \Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-

    768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart

    Web Printing\hpswp_printenhancer.dll (file missing)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-

    FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat

    \ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - (no

    file)
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no

    file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -

    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search

    Helper\SEPsearchhelperie.dll (file missing)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-

    D4DAF1D92D43} - C:\Program Files (x86)\JAVA\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-

    8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft

    Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-

    42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
    O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f}

    - C:\Program Files (x86)\MSN Toolbar\Platform

    \4.0.0357.1\npwinext.dll (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-

    BC74-9C25C1C588A9} - C:\Program Files (x86)\JAVA\jre7\bin

    \jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-

    0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart

    Web Printing\hpswp_BHO.dll (file missing)
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-

    4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar

    \DTToolbar.dll (file missing)
    O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f}

    - C:\Program Files (x86)\MSN Toolbar\Platform

    \4.0.0357.1\npwinext.dll (file missing)
    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files

    (x86)\Microsoft\Search Enhancement Pack\Default Manager

    \DefMgr.exe" -resume
    O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files

    (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
    O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai

    Suite\AiGear3\CpuPowerMonitor.exe"
    O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap

    \AiNap.exe"
    O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files

    (x86)\Seagate\DiscWizard\TimounterMonitor.exe
    O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai

    Suite\CpuLevelUpHelp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files

    (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common

    Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP

    \HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files

    (x86)\Common Files\Research In Motion\USB Drivers

    \RIMBBLaunchAgent.exe
    O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam

    Software\LWS.exe -hide
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common

    Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files

    (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes

    \iTunesHelper.exe"
    O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe"

    -silent
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files

    (x86)\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Gerson GsNp Nuñez

    \AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [PWRD] Rundll32.exe "C:\Users\Gerson GsNp Nuñez

    \AppData\Local\PWRD\ehvzflul.dll",DllRegisterServer
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files

    \SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows

    Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows

    \System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows

    Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows

    \System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-1066935243-3203660983-2388441270-1007\..\Run:

    [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun

    (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-1066935243-3203660983-2388441270-1007\..

    \RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User

    'UpdatusUser')
    O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files

    (x86)\GamersFirst\LIVE!\Live.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program

    Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel -

    res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:

    \PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-

    5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office

    \Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-

    4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office

    \Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-

    9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office

    \Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-

    6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft

    Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865

    -83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital

    Imaging\Smart Web Printing\hpswp_BHO.dll (file missing)
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common

    files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common

    files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: *.clonewarsadventures.com
    O15 - Trusted Zone: *.freerealms.com
    O15 - Trusted Zone: *.soe.com
    O15 - Trusted Zone: *.sony.com
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash

    Object) -

    http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash

    .cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}

    - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-

    00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft

    Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com

    - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis -

    C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) -

    Adobe Systems Incorporated - C:\Program Files (x86)\Common Files

    \Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service

    (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:

    \Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown

    owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files

    (x86)\Common Files\Apple\Mobile Device Support

    \AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files

    \Bonjour\mDNSResponder.exe
    O23 - Service: DeviceMonitorService - Nero AG - C:\Program Files

    (x86)\Motorola Media Link\Lite\NServiceEntry.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) -

    Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown

    owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    (file missing)
    O23 - Service: Google Update Service (gupdatem) (gupdatem) -

    Unknown owner - C:\Program Files (x86)\Google\Update

    \GoogleUpdate.exe (file missing)
    O23 - Service: IHA_MessageCenter - Unknown owner - C:\Program

    Files (x86)\Verizon\IHA_MessageCenter\Bin

    \Verizon_IHAMessageCenter.exe (file missing)
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod

    \bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:

    \Windows\system32\lsass.exe (file missing)
    O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner -

    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) -

    Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance

    Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:

    \Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon)

    - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown

    owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown

    owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) -

    NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation

    \NVIDIA Update Core\daemonu.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows

    \system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300

    (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe

    (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator)

    - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) -

    Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) -

    Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search &

    Destroy\SDWinSec.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies -

    C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) -

    Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) -

    Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) -

    Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Unknown owner - C:\Program

    Files (x86)\Common Files\Steam\SteamService.exe (file missing)
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo

    Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA

    Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:

    \Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101

    (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

    (file missing)
    O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files

    (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003

    (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file

    missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown

    owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) -

    Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601

    (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat

    \WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine)

    - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110

    (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

    (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player

    \wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program

    Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: xsherlock - Wellbia.com Co., Ltd. - C:\Windows

    \system32\xsherlock.xem

    --
    End of file - 15071 bytes

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2
    Run by Gerson GsNp Nuñez at 14:37:19 on 2013-01-21
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.1548 [GMT -5:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
    SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\svchost.exe -k apphost
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe
    C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe
    C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    C:\Windows\RAVCpl64.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    C:\Windows\system32\svchost.exe -k iissvcs
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\System32\rundll32.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
    C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
    C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
    C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\svchost.exe -k HPService
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
    C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
    C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.104\deploy\LoLLauncher.exe
    C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.232\deploy\LolClient.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\msiexec.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
    C:\Windows\system32\taskmgr.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Users\Gerson GsNp Nuñez\Desktop\HijackThis.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Gerson GsNp Nuñez\Desktop\dds.scr
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = my.daemon-search.com
    mSearchAssistant = about:blank
    mWinlogon: Userinit = userinit.exe,
    BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} -
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - <orphaned>
    BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
    BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\JAVA\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\JAVA\jre7\bin\jp2ssv.dll
    BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -
    TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} -
    TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} -
    TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} -
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} -
    uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
    uRun: [PlayNC Launcher] <no file>
    mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    mRun: [DiscWizardMonitor.exe] C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
    mRun: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
    mRun: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
    mRun: [AcronisTimounterMonitor] C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe
    mRun: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMERS~1.LNK - C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} -
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 192.168.69.92
    TCP: Interfaces\{87C8CA39-249F-404B-B49D-93C9C1BB87DD} : DHCPNameServer = 192.168.69.92
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    SSODL: WebCheck - <orphaned>
    LSA: Authentication Packages = msv1_0 relog_ap
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} -
    x64-Run: [Skytel] Skytel.exe
    x64-Run: [RtHDVCpl] RAVCpl64.exe
    x64-Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
    x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe"
    x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Gerson GsNp Nuñez\AppData\Roaming\Mozilla\Firefox\Profiles\0ogh770x.default-1351113551272\
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
    R0 mv61xx;mv61xx;C:\Windows\System32\drivers\mv61xx.sys [2007-6-15 163736]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
    R2 DeviceMonitorService;DeviceMonitorService;C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2011-9-19 87368]
    R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]
    R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-29 1153368]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
    R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-10 3463080]
    R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
    R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;C:\Windows\System32\drivers\l160x64.sys [2009-10-13 61440]
    R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
    R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-5-9 50208]
    R3 LVUVC64;Logitech HD Webcam C310(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
    R3 RTCore64;RTCore64;C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [2012-10-17 15176]
    R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 IHA_MessageCenter;IHA_MessageCenter;"C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe" --> C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [?]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
    S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
    S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2012-5-9 59648]
    S3 LTXMD_VAC;Litex Media Virtual Audio Cable (WDM);C:\Windows\System32\drivers\lmvac.sys [2011-3-22 22016]
    S3 lvpepf64;Volume Adapter;C:\Windows\System32\drivers\lv302a64.sys [2007-5-9 16032]
    S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2011-4-4 21504]
    S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
    S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]
    S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2011-11-8 11776]
    S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-27 19456]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-27 57856]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-25 1255736]
    S3 xsherlock;xsherlock;C:\Windows\System32\xsherlock.xem --> C:\Windows\System32\xsherlock.xem [?]
    .
    =============== Created Last 30 ================
    .
    2013-01-21 19:37:22 -------- d-----w- C:\Users\Gerson GsNp Nu±ez\AppData\Local\Microsoft
    2013-01-21 19:25:55 -------- d-----w- C:\Program Files (x86)\Verizon
    2013-01-21 17:22:24 -------- d-----w- C:\Users\Gerson GsNp Nuñez\AppData\Roaming\SUPERAntiSpyware.com
    2013-01-21 17:21:51 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
    2013-01-21 17:21:51 -------- d-----w- C:\Program Files\SUPERAntiSpyware
    2013-01-21 04:03:30 -------- d-----w- C:\Program Files (x86)\Warframe
    2013-01-20 19:36:56 -------- d-----w- C:\Program Files (x86)\Euro Truck Simulator 2
    2013-01-19 23:55:37 972264 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5363F60A-A3C2-4148-95E7-DC64615ACF3D}\gapaengine.dll
    2013-01-19 23:55:24 9161176 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{923FDA0D-02C8-4DCA-BD38-4C181515709C}\mpengine.dll
    2013-01-19 23:53:08 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
    2013-01-19 23:53:06 -------- d-----w- C:\Program Files\Microsoft Security Client
    2013-01-19 23:22:58 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-01-19 23:22:16 0 ----a-w- C:\Windows\SysWow64\REN4F47.tmp
    2013-01-19 23:22:16 0 ----a-w- C:\Windows\SysWow64\REN4F46.tmp
    2013-01-19 19:13:17 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
    2013-01-18 15:03:41 9161176 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9366BB06-F6B8-402E-9023-E24B1445C196}\mpengine.dll
    2013-01-17 23:19:49 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins
    2013-01-17 23:14:16 -------- d-----w- C:\ProgramData\EA Logs
    2013-01-17 19:02:44 -------- d-----w- C:\Users\Gerson GsNp Nuñez\AppData\Roaming\Sony Online Entertainment
    2013-01-14 16:23:24 2848312 ----a-r- C:\Users\Gerson GsNp Nuñez\AppData\Roaming\Microsoft\Installer\{EAB5AC2D-BDD5-4864-8380-904B3EB4B1E7}\Icon_2.exe
    2013-01-14 16:23:24 2848312 ----a-r- C:\Users\Gerson GsNp Nuñez\AppData\Roaming\Microsoft\Installer\{EAB5AC2D-BDD5-4864-8380-904B3EB4B1E7}\Icon_1.exe
    2013-01-14 16:22:50 -------- d-----w- C:\Program Files (x86)\Vivox
    2013-01-12 18:50:03 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
    2013-01-12 18:50:03 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
    2013-01-12 18:49:59 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
    2013-01-12 18:46:35 -------- d-----w- C:\Users\Gerson GsNp Nuñez\.swt
    2013-01-09 19:38:48 68608 ----a-w- C:\Windows\System32\taskhost.exe
    2013-01-09 19:38:46 3149824 ----a-w- C:\Windows\System32\win32k.sys
    2013-01-03 04:40:57 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
    2013-01-03 04:40:44 -------- d-----w- C:\Users\Gerson GsNp Nuñez\AppData\Roaming\SystemRequirementsLab
    2012-12-31 00:43:17 -------- d-----w- C:\Program Files (x86)\Broodwar
    2012-12-29 07:54:24 550328 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    2012-12-27 07:26:26 -------- d-----w- C:\Users\Gerson GsNp Nuñez\AppData\Roaming\Electronic Arts
    2012-12-23 23:50:42 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2012-12-23 23:50:42 -------- d-----w- C:\Program Files\iTunes
    2012-12-23 23:50:42 -------- d-----w- C:\Program Files\iPod
    .
    ==================== Find3M ====================
    .
    2013-01-21 19:32:21 260 ----a-w- C:\Windows\SysWow64\cmdVBS.vbs
    2013-01-21 19:32:21 256 ----a-w- C:\Windows\SysWow64\MSIevent.bat
    2013-01-18 21:36:21 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
    2013-01-18 21:36:21 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
    2013-01-18 21:35:54 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
    2013-01-17 23:25:21 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
    2013-01-09 12:58:33 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-01-09 12:58:33 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-12-29 10:34:47 958272 ----a-w- C:\Windows\SysWow64\nvumdshim.dll
    2012-12-29 08:40:27 6382008 ----a-w- C:\Windows\System32\nvcpl.dll
    2012-12-29 08:40:27 3455416 ----a-w- C:\Windows\System32\nvsvc64.dll
    2012-12-29 08:40:11 2923201 ----a-w- C:\Windows\System32\nvcoproc.bin
    2012-12-29 08:40:09 884152 ----a-w- C:\Windows\System32\nvvsvc.exe
    2012-12-29 08:40:09 63928 ----a-w- C:\Windows\System32\nvshext.dll
    2012-12-29 08:40:09 118712 ----a-w- C:\Windows\System32\nvmctray.dll
    2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2012-12-14 21:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
    2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
    2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
    2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
    2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
    2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
    2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
    2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
    2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
    2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
    2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
    2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
    2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
    2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
    2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
    2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
    2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
    2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
    2012-12-01 05:49:26 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
    2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
    2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
    2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
    2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
    2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
    2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2012-11-09 14:54:57 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
    2012-11-09 14:54:52 916456 ----a-w- C:\Windows\System32\deployJava1.dll
    2012-11-09 14:54:52 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
    2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll
    2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
    2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
    2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
    2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
    2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\System32\msxml6.dll
    2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\System32\msxml3.dll
    2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2010-11-19 14:09:00 30840 ----a-w- C:\Program Files (x86)\sjcs64.sys
    .
    ============= FINISH: 14:38:57.02 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 3/22/2011 7:58:22 PM
    System Uptime: 1/21/2013 2:10:52 PM (0 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | P5K SE/EPU
    Processor: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz | LGA775 | 2527/266mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 298 GiB total, 27.399 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Description: Virtual Audio Cable
    Device ID: ROOT\MEDIA\0000
    Manufacturer: EuMus Design
    Name: Virtual Audio Cable
    PNP Device ID: ROOT\MEDIA\0000
    Service: EuMusDesignVirtualAudioCableWdm
    .
    Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Description: Microsoft PS/2 Mouse
    Device ID: ACPI\PNP0F03\4&20D7719E&0
    Manufacturer: Microsoft
    Name: Microsoft PS/2 Mouse
    PNP Device ID: ACPI\PNP0F03\4&20D7719E&0
    Service: i8042prt
    .
    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: Photosmart D110 series
    Device ID: ROOT\IMAGE\0000
    Manufacturer: HP
    Name: Photosmart D110 series
    PNP Device ID: ROOT\IMAGE\0000
    Service: StillCam
    .
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Photosmart D110 series
    Device ID: ROOT\MULTIFUNCTION\0000
    Manufacturer: HP
    Name: Photosmart D110 series
    PNP Device ID: ROOT\MULTIFUNCTION\0000
    Service:
    .
    Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Description: Standard PS/2 Keyboard
    Device ID: ACPI\PNP0303\4&20D7719E&0
    Manufacturer: (Standard keyboards)
    Name: Standard PS/2 Keyboard
    PNP Device ID: ACPI\PNP0303\4&20D7719E&0
    Service: i8042prt
    .
    ==== System Restore Points ===================
    .
    RP417: 1/19/2013 6:21:34 PM - Installed Java 7 Update 11
    RP418: 1/20/2013 11:00:15 PM - Installed Warframe
    RP419: 1/20/2013 11:03:46 PM - Installed DirectX
    RP420: 1/21/2013 2:06:28 PM - Removed IHA_MessageCenter
    RP421: 1/21/2013 2:24:27 PM - Installed Vz In Home Agent.
    RP422: 1/21/2013 2:25:02 PM - Installed Vz In Home Agent.
    RP423: 1/21/2013 2:32:05 PM - Removed IHA_MessageCenter
    .
    ==== Installed Programs ======================
    .
    µTorrent
    64 Bit HP CIO Components Installer
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.5)
    Adobe Shockwave Player 11.5
    AI Suite
    Aion
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ASUSUpdate
    Atheros Ethernet Utility
    AVG PC Tuneup 2011
    Battlefield 3™
    Battlelog Web Plugins
    BlackBerry Desktop Software 6.1
    Bonjour
    BufferChm
    C3
    Call of Duty: Modern Warfare 3
    Call of Duty: Modern Warfare 3 - Multiplayer
    CameraHelperMsi
    Chivalry: Medieval Warfare
    Compatibility Pack for the 2007 Office system
    Counter-Strike
    Counter-Strike: Global Offensive
    Counter-Strike: Source
    CutePDF Writer 3.0
    D110
    D3DX10
    DAEMON Tools Toolbar
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Destinations
    DeviceDiscovery
    Diablo III
    Dota 2
    EA SPORTS Game Face Browser Plugin 1.8.0.0
    erLT
    ESN Sonar
    Euro Truck Simulator 2
    EVGA Precision X 3.0.4
    FIFA 13
    Fraps (remove only)
    FrostWire 5.2.3
    gamelauncher-ps2-live
    Gears of War
    Google Chrome
    Google Update Helper
    GPBaseService2
    Guild Wars 2
    HP Customer Participation Program 14.0
    HP Imaging Device Functions 14.0
    HP Photo Creations
    HP Photosmart D110 All-In-One Driver 14.0 Rel. 7
    HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
    HP Smart Web Printing 4.60
    HP Solution Center 14.0
    HP Update
    HPAppStudio
    HPDiagnosticAlert
    HPPhotoGadget
    HPProductAssistant
    HPSSupply
    IHA_MessageCenter
    iTunes
    Java 7 Update 11
    Java 7 Update 9 (64-bit)
    Java Auto Updater
    Java(TM) 6 Update 22
    Java(TM) 6 Update 31
    JavaFX 2.1.1
    League of Legends
    Logitech Webcam Software
    LWS Facebook
    LWS Gallery
    LWS Help_main
    LWS Launcher
    LWS Motion Detection
    LWS Pictures And Video
    LWS Twitter
    LWS Video Mask Maker
    LWS VideoEffects
    LWS Webcam Software
    LWS WLM Plugin
    LWS YouTube Plugin
    Magicka
    Malwarebytes Anti-Malware version 1.70.0.1100
    MarketResearch
    marvell 61xx
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Default Manager
    Microsoft Games for Windows Marketplace
    Microsoft IntelliType Pro 8.2
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Excel Viewer
    Microsoft Office Home and Business 2010
    Microsoft Office Office 64-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 64-bit MUI (English) 2010
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Single Image 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Office Word Viewer 2003
    Microsoft Search Enhancement Pack
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft WSE 3.0 Runtime
    Microsoft Xbox 360 Accessories 1.2
    Microsoft XNA Framework Redistributable 3.1
    mIRC
    MotoHelper 2.1.32 Driver 5.4.0
    MotoHelper MergeModules
    MOTOROLA MEDIA LINK
    Motorola Mobile Drivers Installation 5.4.0
    Mozilla Firefox 18.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSN Toolbar
    MSN Toolbar Platform
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Mumble 1.2.3
    NCLauncher (plaync)
    NCsoft Launcher
    Network64
    Notepad++
    NVIDIA 3D Vision Controller Driver
    NVIDIA 3D Vision Controller Driver 310.90
    NVIDIA 3D Vision Driver 310.90
    NVIDIA Control Panel 310.90
    NVIDIA Graphics Driver 310.90
    NVIDIA HD Audio Driver 1.3.18.0
    NVIDIA Install Application
    NVIDIA PhysX
    NVIDIA PhysX System Software 9.12.1031
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update 1.11.3
    NVIDIA Update Components
    ooVoo
    OpenAL
    Origin
    Pando Media Booster
    PC Probe II
    ProDiscover Basic 7.2.0.0
    PS_AIO_07_D110_SW_Min
    PunkBuster Services
    QuickTime
    QuickTransfer
    Realtek High Definition Audio Driver
    Scan
    Seagate DiscWizard
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
    Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
    Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553091)
    Security Update for Microsoft Office 2010 (KB2553096)
    Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
    Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
    Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
    Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
    Shop for HP Supplies
    Skype™ 6.0
    SmartWebPrinting
    SolutionCenter
    Source SDK Base 2007
    Spybot - Search & Destroy
    StarCraft
    StarCraft II
    Status
    Steam
    SUPERAntiSpyware
    System Requirements Lab CYRI
    System Requirements Lab Detection
    TeamSpeak 3 Client
    TeamViewer 8
    Toolbox
    TrayApp
    Uninstall KnightOnlineEn
    Unity Web Player
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
    Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
    Ventrilo Client for Windows x64
    Virtual Audio Cable 4.8
    Visual Studio 2008 x64 Redistributables
    VLC media player 2.0.4
    Vz In Home Agent
    Warframe
    WebReg
    WEBZEN Browser Extension
    Winamp
    Winamp Detector Plug-in
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Messenger
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Media Player Firefox Plugin
    WinRAR 4.00 (64-bit)
    World of Warcraft
    XSplit
    .
    ==== Event Viewer Messages From Past Week ========
    .
    1/21/2013 2:14:12 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The system cannot find the file specified.
    1/21/2013 2:11:35 PM, Error: Service Control Manager [7000] - The IHA_MessageCenter service failed to start due to the following error: The system cannot find the file specified.
    1/21/2013 12:59:29 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.383.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
    1/21/2013 12:59:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    1/21/2013 12:52:07 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    1/21/2013 12:52:07 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
    1/21/2013 12:52:07 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
    1/21/2013 12:49:47 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    1/21/2013 12:49:47 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    1/21/2013 12:49:47 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    1/21/2013 12:49:47 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    1/21/2013 12:49:35 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    1/21/2013 12:49:28 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    1/21/2013 12:49:16 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO CSC DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
    1/21/2013 12:49:16 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    1/21/2013 12:49:16 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    1/21/2013 12:49:16 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    1/21/2013 12:49:16 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    1/21/2013 12:49:16 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    1/21/2013 12:49:16 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
    1/21/2013 12:49:16 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    1/21/2013 12:49:16 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    1/21/2013 12:49:16 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    1/21/2013 12:48:32 AM, Error: sptd [4] - Driver detected an internal error in its data structures for .
    1/21/2013 1:12:52 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
    1/19/2013 6:56:10 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.383.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x80240017 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    1/19/2013 5:03:57 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The system cannot find the file specified.
    1/18/2013 11:51:14 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    .
    ==== End Of File ===========================
    GMER 2.0.18444 - http://www.gmer.net
    Rootkit scan 2013-01-21 15:21:09
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3 ST3320620AS rev.3.AAE 298.09GB
    Running: qw0ioxhw.exe; Driver: C:\Users\GERSON~1\AppData\Local\Temp\kxldqpoc.sys


    ---- User code sections - GMER 2.0 ----

    .text ... * 9
    .text ... * 9
    .text ... * 9
    .text ... * 9
    .text ... * 9
    .text ... * 9
    .text ... * 9
    .text ... * 9
    .text ... * 9
    .text ... * 9
    .text ... * 9
    .text ... * 9
    .text ... * 9
    .text ... * 9
    .text ... * 9
    .text ... * 9

    ---- Trace I/O - GMER 2.0 ----

    Trace 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a7f060] fffffa8004a7f060
    Trace 3 CLASSPNP.SYS[fffff880017ca43f] -> nt!IofCallDriver -> [0xfffffa8003958e40] fffffa8003958e40
    Trace 5 ACPI.sys[fffff88000f5e7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0xfffffa80043ef060] fffffa80043ef060
    ---- Processes - GMER 2.0 ----

    Library ? (*** suspicious ***) @ C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252] 0000000071ff0000
    Library ? (*** suspicious ***) @ C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348] 0000000072940000
    Library ? (*** suspicious ***) @ C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296] 0000000076410000
    Library ? (*** suspicious ***) @ C:\Program Files\Windows Media Player\wmpnetwk.exe [4432] 000007feeb330000

    ---- Devices - GMER 2.0 ----

    Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-3 m32\ntoskrnl.exe
    Device \Driver\atapi \Device\Ide\IdePort0
    Device \Driver\atapi \Device\Ide\IdePort1 m32\ntoskrnl.exe
    Device \Driver\atapi \Device\Ide\IdePort2 m32\ntoskrnl.exe
    Device \Driver\atapi \Device\Ide\IdePort3 m32\ntoskrnl.exe
    Device \Driver\atapi \Device\ScsiPort0 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\atapi \Device\ScsiPort1 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\atapi \Device\ScsiPort2 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\atapi \Device\ScsiPort3 ws\system32\DRIVERS\kbdclass.sys

    ---- Trace I/O - GMER 2.0 ----

    Trace \Driver\atapi[0xfffffa80043abc80] -> IRP_MJ_CREATE -> 0xfffffa80039ab2c0 fffffa80039ab2c0

    Device \Driver\cdrom \Device\CdRom0 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\cdrom \Device\CdRom1 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\mv61xx \Device\Scsi\mv61xx1 m32\ntoskrnl.exe
    Device \Driver\mv61xx \Device\Scsi\mv61xx1Port4Path0Target0Lun0 m32\ntoskrnl.exe
    Device \Driver\mv61xx \Device\Scsi\mv61xx1Port4Path0Target19Lun0 m32\ntoskrnl.exe
    Device \Driver\mv61xx \Device\Scsi\mv61xx1Port4Path0Target1Lun0 m32\ntoskrnl.exe
    Device \Driver\mv61xx \Device\ScsiPort4 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\NetBT \Device\NetBT_Tcpip_{87C8CA39-249F-404B-B49D-93C9C1BB87DD} ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\NetBT \Device\NetBt_Wins_Export ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbehci \Device\USBFDO-3 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbehci \Device\USBFDO-7 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbehci \Device\USBPDO-3 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbehci \Device\USBPDO-7 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbuhci \Device\USBFDO-0 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbuhci \Device\USBFDO-1 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbuhci \Device\USBFDO-2 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbuhci \Device\USBFDO-4 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbuhci \Device\USBFDO-5 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbuhci \Device\USBFDO-6 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbuhci \Device\USBPDO-0 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbuhci \Device\USBPDO-1 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbuhci \Device\USBPDO-2 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbuhci \Device\USBPDO-4 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbuhci \Device\USBPDO-5 ws\system32\DRIVERS\kbdclass.sys
    Device \Driver\usbuhci \Device\USBPDO-6 ws\system32\DRIVERS\kbdclass.sys
    Device \FileSystem\fastfat \Fat
    Device \FileSystem\Ntfs \Ntfs

    ---- Threads - GMER 2.0 ----

    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:1068] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:232] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:236] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:2704] 00000000713f17a4
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:276] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:3652] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:4008] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:4028] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:4384] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:4664] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:4912] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:5124] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:5128] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:5132] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:5136] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:5140] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:5144] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:5148] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:5152] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:5156] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:5160] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:5164] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:5168] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:5172] 000000000439712f
    Thread C:\Program Files (x86)\ASUS\AASP\1.00.59\aaCenter.exe [2252:5176] 000000000439712f

    ---- User code sections - GMER 2.0 ----

    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 00000000777e000c 1 byte [C3]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 000000007786f85a 5 bytes JMP 000000017781d571
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe[3508] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 00000000777e000c 1 byte [C3]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 000000007786f85a 5 bytes JMP 000000017781d571
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe[2804] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]

    ---- Threads - GMER 2.0 ----

    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:1180] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:1520] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:156] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:5220] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:5668] 000000007294a3e0
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6076] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6080] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6084] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6088] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6092] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6096] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6100] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6104] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6108] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6112] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6116] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6120] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6124] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6128] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6132] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6136] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:6140] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:696] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:724] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe [5788:848] 0000000002d2712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:3424] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:344] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:348] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:392] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4020] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4024] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4336] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4580] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4584] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4644] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4648] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4652] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4656] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4672] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4684] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4692] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4704] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4720] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4860] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4956] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:4964] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:5332] 000000006d9f91f0
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:600] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:680] 0000000003d4712f
    Thread C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2348:880] 0000000003d4712f

    ---- User code sections - GMER 2.0 ----

    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 00000000777e000c 1 byte [C3]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 000000007786f85a 5 bytes JMP 000000017781d571
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[3496] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\comdlg32.dll!PageSetupDlgW 0000000074f22694 5 bytes JMP 000000016ef393c8
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\kernel32.dll!CreateThread 0000000076b534b5 5 bytes JMP 000000016eda75db
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 00000000777e000c 1 byte [C3]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 000000007786f85a 5 bytes JMP 000000017781d571
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_A 0000000077812a63 6 bytes JMP 000000016eda9805
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_W 00000000778025fd 6 bytes JMP 000000016ee08042
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\ole32.dll!OleLoadFromStream 0000000075226143 5 bytes JMP 000000016ef39784
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\OLEAUT32.dll!OleCreatePropertyFrameIndirect 00000000768593ec 5 bytes JMP 000000016ef391d0
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen 00000000767f4731 5 bytes JMP 000000016ef397ee
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString 00000000767f3e59 5 bytes JMP 000000016ef3987c
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType 00000000767f5dee 5 bytes JMP 000000016ef3989a
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\OLEAUT32.dll!VariantClear 00000000767f3eae 5 bytes JMP 000000016ef398fa
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!CallNextHookEx 0000000076c76285 5 bytes JMP 000000016ee07fdf
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!CreateWindowExA 0000000076c6d22e 5 bytes JMP 000000016edb363b
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076c68a29 5 bytes JMP 000000016ee103cf
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamA 0000000076cace64 5 bytes JMP 000000016ef3901b
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamW 0000000076c8cbf3 5 bytes JMP 000000016ef38fb6
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!DialogBoxParamA 0000000076cacb0c 5 bytes JMP 000000016ef38f51
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076c8cfca 5 bytes JMP 000000016ed41893
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!DrawTextExW 0000000076c7149e 6 bytes [68, 44, DC, EB, 04, C3]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!DrawTextW 0000000076c725cf 6 bytes [68, FC, D0, EB, 04, C3]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000076c72da4 5 bytes JMP 000000016ede9eb4
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!MessageBeep 0000000076c7c036 6 bytes [68, 2C, 6E, EC, 04, C3]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!MessageBoxExA 0000000076cbfcd6 5 bytes JMP 000000016ef38dfb
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!MessageBoxExW 0000000076cbfcfa 5 bytes JMP 000000016ef38d97
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA 0000000076cbfbd1 5 bytes JMP 000000016ef38ed8
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW 0000000076cbfc9d 5 bytes JMP 000000016ef38e5f
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000076c77603 5 bytes JMP 000000016ede25ac
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx 0000000076c8f52b 5 bytes JMP 000000016ee2ed00
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\WININET.dll!HttpOpenRequestA 0000000076df5761 6 bytes [68, 8C, F7, EB, 04, C3]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\WININET.dll!HttpOpenRequestW 0000000076df5fef 6 bytes [68, D4, 02, EC, 04, C3]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\ws2_32.dll!send 00000000762b6f01 6 bytes [68, 3C, 88, EB, 04, C3]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\syswow64\ws2_32.dll!WSASend 00000000762b4406 6 bytes [68, 84, 93, EB, 04, C3]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheet 0000000071307922 5 bytes JMP 000000016ef39128
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[7496] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheetW 000000007126388e 5 bytes JMP 000000016ef39080
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\comdlg32.dll!PageSetupDlgW 0000000074f22694 5 bytes JMP 000000016ef393c8
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 00000000777e000c 1 byte [C3]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 000000007786f85a 5 bytes JMP 000000017781d571
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\OLEAUT32.dll!OleCreatePropertyFrameIndirect 00000000768593ec 5 bytes JMP 000000016ef391d0
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamA 0000000076cace64 5 bytes JMP 000000016ef3901b
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamW 0000000076c8cbf3 5 bytes JMP 000000016ef38fb6
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\USER32.dll!DialogBoxParamA 0000000076cacb0c 5 bytes JMP 000000016ef38f51
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000076c8cfca 5 bytes JMP 000000016ed41893
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\USER32.dll!DrawTextW 0000000076c725cf 6 bytes [68, 3C, 88, 24, 05, C3]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000076c72da4 5 bytes JMP 000000016ede9eb4
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\USER32.dll!MessageBoxExA 0000000076cbfcd6 5 bytes JMP 000000016ef38dfb
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\USER32.dll!MessageBoxExW 0000000076cbfcfa 5 bytes JMP 000000016ef38d97
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA 0000000076cbfbd1 5 bytes JMP 000000016ef38ed8
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW 0000000076cbfc9d 5 bytes JMP 000000016ef38e5f
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheet 0000000071307922 5 bytes JMP 000000016ef39128
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[8088] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheetW 000000007126388e 5 bytes JMP 000000016ef39080
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 00000000777e000c 1 byte [C3]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 000000007786f85a 5 bytes JMP 000000017781d571
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\iTunes\iTunesHelper.exe[3632] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[2184] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]

    ---- Threads - GMER 2.0 ----

    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:1000] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:1280] 0000000062d8539b
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:1988] 0000000005b63308
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:2148] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:2656] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:3040] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:3132] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:3504] 0000000077822e25
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:3528] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:3724] 00000000726162ee
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:372] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:3892] 00000000708227e1
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:3928] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:3932] 0000000005b63308
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:4060] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:4068] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:4424] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:4600] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5072] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5084] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5088] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5092] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5096] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5100] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5104] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5108] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5112] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5116] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5184] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5188] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5260] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5312] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5368] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5432] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5440] 00000000729427c1
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5512] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5552] 0000000062d86314
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5568] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5720] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5824] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5852] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5876] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5936] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:5944] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:6160] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:6200] 0000000077823e45
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:6204] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:6240] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:6256] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:6396] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:6488] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:6604] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:6896] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:6944] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:6964] 000000006ab332fb
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:6988] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:7048] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:7052] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:7056] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:7128] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:7360] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:7448] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:7676] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:8136] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:816] 0000000005b9712f
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:852] 000000006f7cc724
    Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6440:9068] 0000000077823e45
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:1176] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:2408] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:3392] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:3484] 0000000077823e45
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:4052] 0000000077823e45
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:5180] 0000000062d8539b
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:5236] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:5264] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:5436] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:5872] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:5964] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:6412] 0000000061f3eb50
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:6824] 00000000708227e1
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:692] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7020] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7436] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7696] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7704] 0000000061f3eb50
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7728] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7744] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7748] 0000000061f3eb50
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7756] 0000000061f3eb50
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7760] 0000000077822e25
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7772] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7780] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7832] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7852] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7856] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7892] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7972] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:7988] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:8024] 00000000031b712f
    Thread C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [3432:8028] 00000000031b712f

    ---- User code sections - GMER 2.0 ----

    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[4948] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 00000000777e000c 1 byte [C3]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 000000007786f85a 5 bytes JMP 000000017781d571
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe[3440] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 00000000777e000c 1 byte [C3]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 000000007786f85a 5 bytes JMP 000000017781d571
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe[3464] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[3316] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 00000000777e000c 1 byte [C3]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 000000007786f85a 5 bytes JMP 000000017781d571
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe[3448] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 00000000777e000c 1 byte [C3]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 000000007786f85a 5 bytes JMP 000000017781d571
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe[3456] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]

    ---- Threads - GMER 2.0 ----

    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:152] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:2204] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:2708] 00000000713f17a4
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:2740] 0000000003f73278
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3208] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3212] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3264] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3308] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3324] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3328] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3332] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3336] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3344] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3364] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3416] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3472] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3568] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3596] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3600] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3608] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3664] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3668] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3672] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3684] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:3700] 000000000395712f
    Thread C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe [2296:924] 000000000395712f
    Thread C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [3176:4340] 000007feec471ebc

    ---- User code sections - GMER 2.0 ----

    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 00000000777e000c 1 byte [C3]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 000000007786f85a 5 bytes JMP 000000017781d571
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Users\Gerson GsNp Nuñez\Desktop\qw0ioxhw.exe[5248] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]

    ---- Kernel code sections - GMER 2.0 ----

    .text C:\Windows\system32\DRIVERS\USBPORT.SYS!DllUnload fffff88004fced64 12 bytes {MOV RAX, 0xfffffa80051ab2a0; JMP RAX}

    ---- User code sections - GMER 2.0 ----

    ? C:\Windows\system32\mssprxy.dll [8088] entry point in ".rdata" section 0000000073f971e6
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82 00000000729b17fa 2 bytes [9B, 72]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88 00000000729b1860 2 bytes [9B, 72]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109 00000000729b194d 2 bytes [9B, 72]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2900] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98 00000000729b1942 2 bytes [9B, 72]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 00000000777e000c 1 byte [C3]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 000000007786f85a 5 bytes JMP 000000017781d571
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000076ae14dd 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076ae1555 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076ae1419 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000076ae14f5 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076ae1525 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000076ae15b5 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000076ae153d 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000076ae15cd 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076ae1401 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076ae1431 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000076ae144a 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076ae1585 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000076ae16b2 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000076ae16bd 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000076ae156d 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000076ae159d 2 bytes [AE, 76]
    .text C:\Windows\SysWOW64\rundll32.exe[3744] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000076ae150d 2 bytes [AE, 76]

    ---- Registry - GMER 2.0 ----

    Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\[email protected]:\Users\Gerson GsNp Nuñez\AppData\Local\Logitech\xae Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe 1
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\[email protected] 0
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\[email protected] 0x70 0xFC 0xF4 0x73 ...
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\[email protected] C:\Program Files (x86)\DAEMON Tools Lite\
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\[email protected] 0x00 0x00 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\[email protected] 0xA0 0x02 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\[email protected] 0x06 0xD0 0x89 0x3A ...
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\[email protected] 0x68 0xD0 0x3E 0x0F ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\[email protected] 0
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\[email protected] 0x70 0xFC 0xF4 0x73 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\[email protected] 0x00 0x00 0x00 0x00 ...

    ---- Trace I/O - GMER 2.0 ----

    Trace ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80039ab2c0]<< sptd.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys fffffa80039ab2c0

    ---- EOF - GMER 2.0 ----
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1086292

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice