
Slow internet; some programs freeze

Discussion in 'Virus & Other Malware Removal' started by ront162, Jan 9, 2013.

  1. ront162

    ront162 Thread Starter

    Recently, my computer has become very slow when on the internet. Several programs freeze and I have to reboot. I have tried rebooting the router and computer several times, but no luck. Any help would be appreciated.
    Thanks, and logs are attached below:

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: AMD E2-3200 APU with Radeon(tm) HD Graphics, AMD64 Family 18 Model 1 Stepping 0
    Processor Count: 2
    RAM: 3570 Mb
    Graphics Card: AMD Radeon HD6370D Graphics, 512 Mb
    Hard Drives: C: Total - 941743 MB, Free - 885721 MB; D: Total - 12022 MB, Free - 1472 MB;
    Motherboard: PEGATRON CORPORATION, 2ACF
    Antivirus: Microsoft Security Essentials, Updated and Enabled

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:55:20 PM, on 1/8/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
    C:\Program Files (x86)\Common Files\AOL\1338159616\ee\aolsoftware.exe
    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
    C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\Turner\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3247201
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: AOL Toolbar Loader - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    O2 - BHO: ShopAtHome - {66516A07-F617-488A-90CF-4E690CFB3C5F} - C:\Users\Shirley\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll (file missing)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    O2 - BHO: TBSB07898 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
    O3 - Toolbar: AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
    O3 - Toolbar: (no name) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - (no file)
    O3 - Toolbar: Coupons.com CouponBar - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
    O3 - Toolbar: ShopAtHome.com Toolbar - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Shirley\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll (file missing)
    O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
    O4 - HKLM\..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
    O4 - HKLM\..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1338159616\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    O4 - HKLM\..\Run: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
    O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    O4 - HKCU\..\Run: [BE4AD78361A8ADAEAC76075B8EC7C4B9BB246F51._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
    O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
    O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: RoxioNow Service - Roxio - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 12974 bytes

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.10.2
    Run by Turner at 22:59:47 on 2013-01-08
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3571.2043 [GMT -6:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
    SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
    C:\Program Files (x86)\Common Files\AOL\1338159616\ee\aolsoftware.exe
    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
    C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    c:\Program Files\Microsoft Security Client\MpCmdRun.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3247201
    uWindow Title = Internet Explorer, optimized for Bing and MSN
    uSearch Page = hxxp://www.google.com/
    mStart Page = hxxp://search.coupons.com/
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    BHO: ShopAtHome.com Cash Back Helper: {66516A07-F617-488A-90CF-4E690CFB3C5F} - C:\Users\Shirley\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    BHO: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
    TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
    TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
    TB: ShopAtHome.com Toolbar: {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Shirley\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll
    uRun: [BE4AD78361A8ADAEAC76075B8EC7C4B9BB246F51._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
    uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
    mRun: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
    mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1338159616\ee\AOLSoftware.exe
    mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    mRun: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
    mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    TCP: NameServer = 208.67.222.222 208.67.220.220 24.159.64.23
    TCP: Interfaces\{292D3182-944C-40BE-9BFB-ADEE93A4C58B} : DHCPNameServer = 208.67.222.222 208.67.220.220 24.159.64.23
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    x64-mStart Page = hxxp://start.funmoods.com/?f=1&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzutAzzyCtDyByB0BzzzzyByE0ByC0Bzy0BtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1583421961
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-11-24 78976]
    R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-11-24 38528]
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
    R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
    R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2011-11-22 78208]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-11-24 204288]
    R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-6-9 555392]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
    R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 128456]
    R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-11-24 1128952]
    R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-12-31 1103392]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-12-31 1369624]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-12-31 168384]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-11-24 471144]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-11-24 47232]
    R3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2012-5-26 14544]
    R3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 rzdaendpt;Razer DeathAdder end point;C:\Windows\System32\drivers\rzdaendpt.sys [2012-8-17 25600]
    S3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2012-8-17 110592]
    S3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\Windows\System32\drivers\rzvkeyboard.sys [2012-8-17 22528]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-27 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2013-01-09 01:11:04 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C954FE8C-CEDA-4FB5-80FA-E5B442CFB44C}\mpengine.dll
    2013-01-08 23:46:21 -------- d-----w- C:\Users\Turner\AppData\Roaming\Maxthon3
    2013-01-08 23:46:12 -------- d-----w- C:\Program Files (x86)\Maxthon
    2013-01-07 23:20:24 9125352 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2013-01-05 00:06:42 90824 ----a-w- C:\Windows\SysWow64\EasyHook32.dll
    2013-01-05 00:06:42 109256 ----a-w- C:\Windows\SysWow64\EasyHook64.dll
    2013-01-05 00:06:42 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedBit
    2013-01-04 22:39:31 -------- d-----w- C:\Users\Turner\AppData\Roaming\OpenDNS Updater
    2013-01-04 21:04:06 -------- d-sh--w- C:\Users\Turner\PrivacIE
    2013-01-04 21:02:11 -------- d-----w- C:\Windows\'Full Speed' Internet Booster
    2013-01-04 21:02:11 -------- d-----w- C:\Program Files (x86)\'Full Speed' Internet Booster
    2013-01-04 02:39:54 -------- d-----w- C:\Users\Turner\AppData\Local\TopWinPrio
    2012-12-31 22:13:56 9728 ----a-w- C:\Windows\System32\Wdfres.dll
    2012-12-31 22:13:56 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
    2012-12-31 22:13:56 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
    2012-12-31 22:13:56 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
    2012-12-31 22:03:58 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
    2012-12-31 22:03:58 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
    2012-12-31 22:03:58 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
    2012-12-31 22:03:57 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
    2012-12-31 22:03:57 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
    2012-12-31 22:03:56 744448 ----a-w- C:\Windows\System32\WUDFx.dll
    2012-12-31 22:03:56 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
    2012-12-31 19:16:47 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2012-12-31 19:16:36 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
    2012-12-31 19:16:29 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2012-12-31 19:15:34 -------- d-----w- C:\Users\Turner\AppData\Local\Programs
    2012-12-31 18:18:00 424960 ----a-w- C:\Windows\System32\KernelBase.dll
    2012-12-31 17:55:32 715776 ----a-w- C:\Windows\System32\kerberos.dll
    2012-12-31 17:55:32 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
    2012-12-31 17:55:31 95744 ----a-w- C:\Windows\System32\synceng.dll
    2012-12-31 17:55:31 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
    2012-12-31 17:55:13 1464320 ----a-w- C:\Windows\System32\crypt32.dll
    2012-12-31 17:55:12 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2012-12-31 17:55:12 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2012-12-31 17:55:12 140288 ----a-w- C:\Windows\System32\cryptnet.dll
    2012-12-31 17:55:12 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2012-12-31 17:55:12 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    2012-12-31 05:00:36 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2012-12-31 05:00:36 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2012-12-31 05:00:35 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2012-12-31 05:00:35 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2012-12-28 19:13:37 95184 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2012-12-23 01:03:32 -------- d-----w- C:\Users\Turner\AppData\Roaming\IObit
    2012-12-23 00:27:03 -------- d-----w- C:\Users\Turner\AppData\Roaming\ParetoLogic
    2012-12-23 00:27:03 -------- d-----w- C:\Users\Turner\AppData\Roaming\DriverCure
    2012-12-23 00:26:51 -------- d-----w- C:\ProgramData\ParetoLogic
    .
    ==================== Find3M ====================
    .
    2013-01-09 01:44:59 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-01-09 01:44:59 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
    2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
    2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
    2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
    2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
    2012-10-12 23:35:52 72104 ----a-w- C:\Windows\CouponPrinter.ocx
    .
    ============= FINISH: 23:00:20.29 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 5/26/2012 2:05:08 PM
    System Uptime: 1/8/2013 9:30:35 PM (2 hours ago)
    .
    Motherboard: PEGATRON CORPORATION | | 2ACF
    Processor: AMD E2-3200 APU with Radeon(tm) HD Graphics | P0 | 2400/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 920 GiB total, 864.964 GiB free.
    D: is FIXED (NTFS) - 12 GiB total, 1.438 GiB free.
    E: is CDROM ()
    F: is Removable
    H: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP106: 12/21/2012 12:57:57 PM - Windows Update
    RP107: 12/26/2012 3:32:52 PM - Windows Update
    RP108: 12/28/2012 1:12:56 PM - Installed Java 7 Update 10
    RP109: 12/30/2012 2:39:27 PM - Windows Update
    RP110: 12/30/2012 10:59:53 PM - Windows Update
    RP111: 12/31/2012 4:03:00 PM - Windows Update
    RP112: 1/3/2013 5:34:27 PM - Windows Update
    RP113: 1/7/2013 5:19:48 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    ABBYY FineReader 9.0 Sprint
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader XI
    Adobe Shockwave Player 11.6
    Agatha Christie - Peril at End House
    Amazon MP3 Downloader 1.0.17
    AMD APP SDK Runtime
    AMD Media Foundation Decoders
    AMD VISION Engine Control Center
    AOL Toolbar
    AOL Uninstaller (Choose which Products to Remove)
    ATI Catalyst Install Manager
    Bejeweled 3
    Blackhawk Striker 2
    Blasterball 3
    Blio
    Bounce Symphony
    Cake Mania
    Catalyst Control Center - Branding
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-utility64
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    CCleaner
    Chronicles of Albian
    Chuzzle Deluxe
    Cisco Connect
    Corel Shell Extension - 64Bit
    CorelDRAW Graphics Suite X4
    CorelDRAW Graphics Suite X4 - Capture
    CorelDRAW Graphics Suite X4 - Content
    CorelDRAW Graphics Suite X4 - Draw
    CorelDRAW Graphics Suite X4 - Filters
    CorelDRAW Graphics Suite X4 - FontNav
    CorelDRAW Graphics SUite X4 - ICA
    CorelDRAW Graphics Suite X4 - IPM
    CorelDRAW Graphics Suite X4 - Lang BR
    CorelDRAW Graphics Suite X4 - Lang EN
    CorelDRAW Graphics Suite X4 - Lang ES
    CorelDRAW Graphics Suite X4 - Lang FR
    CorelDRAW Graphics Suite X4 - PP
    CorelDRAW Graphics Suite X4 - VBA
    CorelDRAW(R) Graphics Suite X4
    CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
    Coupon Printer for Windows
    CouponBar
    Cradle of Rome 2
    D3DX10
    Download Manager and Options
    Download Updater (AOL LLC)
    DownloadX ActiveX Download Control 1.6.5
    Epson Connect
    Epson Customer Participation
    Epson Download Navigator
    Epson Event Manager
    Epson FAX Utility
    EPSON Scan
    EPSON WorkForce 545 Series Printer Uninstall
    EpsonNet Print
    Eraser 6.0.10.2620
    Farm Frenzy
    FATE
    ffdshow [rev 3154] [2009-12-09]
    Game Booster 3
    Garmin Communicator Plugin
    Garmin Communicator Plugin x64
    Garmin Lifetime Updater
    Garmin USB Drivers
    Garmin WebUpdater
    GIMP 2.6.10
    Google Chrome
    Google Earth
    Google Update Helper
    Governor of Poker 2 Premium Edition
    Hewlett-Packard ACLM.NET v1.2.1.1
    HP Auto
    HP Client Services
    HP Customer Experience Enhancements
    HP Games
    HP LinkUp
    HP MovieStore
    HP Odometer
    HP Setup
    HP Setup Manager
    HP Support Assistant
    HP Support Information
    HP Update
    HP Vision Hardware Diagnostics
    Java 7 Update 10
    Java Auto Updater
    JavaFX 2.1.1
    Jewel Quest: The Sleepless Star - Collector's Edition
    Junk Mail filter update
    Kobo
    LabelPrint
    Magic ISO Maker v5.5 (build 0281)
    Mah Jong Medley
    Maxthon Cloud Browser
    Mesh Runtime
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Mathematics
    Microsoft Office 2000 Professional
    Microsoft Office 2010
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft VC9 runtime libraries
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft WSE 3.0 Runtime
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Mystery of Mortlake Mansion
    Namco All-Stars: PAC-MAN
    PDF Complete Special Edition
    Penguins!
    PhotoELF
    Plants vs. Zombies - Game of the Year
    PlayReady PC Runtime amd64
    PlayReady PC Runtime x86
    Poker Superstars III
    Polar Bowler
    Polar Golfer
    Power2Go
    PressReader
    Realtek High Definition Audio Driver
    Recovery Manager
    Remote Graphics Receiver
    RoxioNow Player
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    ShopAtHome.com Helper
    ShopAtHome.com Toolbar
    Skype™ 6.0
    Slingo Supreme
    Spybot - Search & Destroy
    swMSM
    UltraISO Premium V9.2
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update Installer for WildTangent Games App
    Vacation Quest - The Hawaiian Islands
    Viewpoint Media Player
    Virtual Villagers 5 - New Believers
    Visual Basic for Applications (R) Core
    Visual Basic for Applications (R) Core - English
    WildTangent Games App (HP Games)
    Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Zinio Reader 4
    Zuma Deluxe
    .
    ==== Event Viewer Messages From Past Week ========
    .
    1/8/2013 6:59:50 PM, Error: Microsoft-Windows-Application-Experience [205] - The Program Compatibility Assistant service failed to perform the phase two initialization.
    1/8/2013 6:38:19 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    1/8/2013 6:38:19 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    1/5/2013 3:38:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
    1/4/2013 6:06:56 PM, Error: Service Control Manager [7030] - The VideoAcceleratorService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    1/4/2013 2:43:38 PM, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds.
    1/2/2013 1:09:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.
    1/2/2013 1:09:17 PM, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    1/2/2013 1:09:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
    .
    ==== End Of File ===========================

    GMER 2.0.18444 - http://www.gmer.net
    Rootkit scan 2013-01-08 23:07:26
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000058 ST310005 rev.HP64 931.51GB
    Running: nox7widr.exe; Driver: C:\Users\Turner\AppData\Local\Temp\ufdcrpog.sys


    ---- User code sections - GMER 2.0 ----

    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e31401 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e31419 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e31431 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e3144a 2 bytes [E3, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e314dd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e314f5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e3150d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e31525 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e3153d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e31555 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e3156d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e31585 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e3159d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e315b5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e315cd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e316b2 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5060] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e316bd 2 bytes [E3, 76]
    ? C:\Windows\system32\mssprxy.dll [5060] entry point in ".rdata" section 0000000074fe71e6
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e31401 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e31419 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e31431 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e3144a 2 bytes [E3, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e314dd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e314f5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e3150d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e31525 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e3153d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e31555 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e3156d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e31585 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e3159d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e315b5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e315cd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e316b2 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4500] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e316bd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077dff991 7 bytes {MOV EDX, 0x8db628; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077dffbd5 7 bytes {MOV EDX, 0x8db668; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077dffc05 7 bytes {MOV EDX, 0x8db5a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077dffc1d 7 bytes {MOV EDX, 0x8db528; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077dffc35 7 bytes {MOV EDX, 0x8db728; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077dffc65 7 bytes {MOV EDX, 0x8db768; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077dffce5 7 bytes {MOV EDX, 0x8db6e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077dffcfd 7 bytes {MOV EDX, 0x8db6a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077dffd49 7 bytes {MOV EDX, 0x8db468; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077dffe41 7 bytes {MOV EDX, 0x8db4a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077e00099 7 bytes {MOV EDX, 0x8db428; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077e010a5 7 bytes {MOV EDX, 0x8db5e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077e0111d 7 bytes {MOV EDX, 0x8db568; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077e01321 7 bytes {MOV EDX, 0x8db4e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e31401 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e31419 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e31431 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e3144a 2 bytes [E3, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e314dd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e314f5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e3150d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e31525 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e3153d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e31555 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e3156d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e31585 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e3159d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e315b5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e315cd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e316b2 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[708] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e316bd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077dff991 7 bytes {MOV EDX, 0xd6e628; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077dffbd5 7 bytes {MOV EDX, 0xd6e668; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077dffc05 7 bytes {MOV EDX, 0xd6e5a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077dffc1d 7 bytes {MOV EDX, 0xd6e528; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077dffc35 7 bytes {MOV EDX, 0xd6e728; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077dffc65 7 bytes {MOV EDX, 0xd6e768; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077dffce5 7 bytes {MOV EDX, 0xd6e6e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077dffcfd 7 bytes {MOV EDX, 0xd6e6a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077dffd49 7 bytes {MOV EDX, 0xd6e468; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077dffe41 7 bytes {MOV EDX, 0xd6e4a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077e00099 7 bytes {MOV EDX, 0xd6e428; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077e010a5 7 bytes {MOV EDX, 0xd6e5e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077e0111d 7 bytes {MOV EDX, 0xd6e568; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077e01321 7 bytes {MOV EDX, 0xd6e4e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e31401 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e31419 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e31431 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e3144a 2 bytes [E3, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e314dd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e314f5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e3150d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e31525 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e3153d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e31555 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e3156d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e31585 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e3159d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e315b5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e315cd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e316b2 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3044] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e316bd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077dff991 7 bytes {MOV EDX, 0xba0228; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077dffbd5 7 bytes {MOV EDX, 0xba0268; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077dffc05 7 bytes {MOV EDX, 0xba01a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077dffc1d 7 bytes {MOV EDX, 0xba0128; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077dffc35 7 bytes {MOV EDX, 0xba0328; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077dffc65 7 bytes {MOV EDX, 0xba0368; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077dffce5 7 bytes {MOV EDX, 0xba02e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077dffcfd 7 bytes {MOV EDX, 0xba02a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077dffd49 7 bytes {MOV EDX, 0xba0068; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077dffe41 7 bytes {MOV EDX, 0xba00a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077e00099 7 bytes {MOV EDX, 0xba0028; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077e010a5 7 bytes {MOV EDX, 0xba01e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077e0111d 7 bytes {MOV EDX, 0xba0168; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077e01321 7 bytes {MOV EDX, 0xba00e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e31401 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e31419 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e31431 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e3144a 2 bytes [E3, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e314dd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e314f5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e3150d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e31525 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e3153d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e31555 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e3156d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e31585 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e3159d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e315b5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e315cd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e316b2 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e316bd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e31401 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e31419 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e31431 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e3144a 2 bytes [E3, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e314dd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e314f5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e3150d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e31525 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e3153d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e31555 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e3156d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e31585 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e3159d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e315b5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e315cd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e316b2 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4364] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e316bd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077dff991 7 bytes {MOV EDX, 0x6a0a28; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077dffbd5 7 bytes {MOV EDX, 0x6a0a68; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077dffc05 7 bytes {MOV EDX, 0x6a09a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077dffc1d 7 bytes {MOV EDX, 0x6a0928; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077dffc35 7 bytes {MOV EDX, 0x6a0b28; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077dffc65 7 bytes {MOV EDX, 0x6a0b68; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077dffce5 7 bytes {MOV EDX, 0x6a0ae8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077dffcfd 7 bytes {MOV EDX, 0x6a0aa8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077dffd49 7 bytes {MOV EDX, 0x6a0868; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077dffe41 7 bytes {MOV EDX, 0x6a08a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077e00099 7 bytes {MOV EDX, 0x6a0828; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077e010a5 7 bytes {MOV EDX, 0x6a09e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077e0111d 7 bytes {MOV EDX, 0x6a0968; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077e01321 7 bytes {MOV EDX, 0x6a08e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e31401 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e31419 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e31431 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e3144a 2 bytes [E3, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e314dd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e314f5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e3150d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e31525 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e3153d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e31555 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e3156d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e31585 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e3159d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e315b5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e315cd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e316b2 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4784] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e316bd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077dff991 3 bytes [BA, 28, 0E]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 9 0000000077dff995 3 bytes [00, FF, E2]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077dffbd5 3 bytes [BA, 68, 0E]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 9 0000000077dffbd9 3 bytes [00, FF, E2]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077dffc05 3 bytes [BA, A8, 0D]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 9 0000000077dffc09 3 bytes [00, FF, E2]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077dffc1d 3 bytes [BA, 28, 0D]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 9 0000000077dffc21 3 bytes [00, FF, E2]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077dffc35 3 bytes [BA, 28, 0F]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 9 0000000077dffc39 3 bytes {ANDPS XMM0, [RAX]; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077dffc65 3 bytes [BA, 68, 0F]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 9 0000000077dffc69 3 bytes {ANDPS XMM0, [RAX]; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077dffce5 3 bytes [BA, E8, 0E]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 9 0000000077dffce9 3 bytes [00, FF, E2]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077dffcfd 3 bytes [BA, A8, 0E]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 9 0000000077dffd01 3 bytes [00, FF, E2]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077dffd49 3 bytes [BA, 68, 0C]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 9 0000000077dffd4d 3 bytes [00, FF, E2]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077dffe41 3 bytes [BA, A8, 0C]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 9 0000000077dffe45 3 bytes [00, FF, E2]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077e00099 3 bytes [BA, 28, 0C]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 9 0000000077e0009d 3 bytes [00, FF, E2]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077e010a5 3 bytes [BA, E8, 0D]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 9 0000000077e010a9 3 bytes [00, FF, E2]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077e0111d 3 bytes [BA, 68, 0D]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 9 0000000077e01121 3 bytes [00, FF, E2]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077e01321 3 bytes [BA, E8, 0C]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 9 0000000077e01325 3 bytes [00, FF, E2]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e31401 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e31419 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e31431 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e3144a 2 bytes [E3, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e314dd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e314f5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e3150d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e31525 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e3153d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e31555 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e3156d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e31585 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e3159d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e315b5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e315cd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e316b2 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3944] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e316bd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e31401 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e31419 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e31431 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e3144a 2 bytes [E3, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e314dd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e314f5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e3150d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e31525 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e3153d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e31555 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e3156d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e31585 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e3159d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e315b5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e315cd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e316b2 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e316bd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077dff991 7 bytes {MOV EDX, 0x875228; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077dffbd5 7 bytes {MOV EDX, 0x875268; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077dffc05 7 bytes {MOV EDX, 0x8751a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077dffc1d 7 bytes {MOV EDX, 0x875128; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077dffc35 7 bytes {MOV EDX, 0x875328; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077dffc65 7 bytes {MOV EDX, 0x875368; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077dffce5 7 bytes {MOV EDX, 0x8752e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077dffcfd 7 bytes {MOV EDX, 0x8752a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077dffd49 7 bytes {MOV EDX, 0x875068; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077dffe41 7 bytes {MOV EDX, 0x8750a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077e00099 7 bytes {MOV EDX, 0x875028; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077e010a5 7 bytes {MOV EDX, 0x8751e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077e0111d 7 bytes {MOV EDX, 0x875168; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077e01321 7 bytes {MOV EDX, 0x8750e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e31401 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e31419 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e31431 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e3144a 2 bytes [E3, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e314dd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e314f5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e3150d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e31525 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e3153d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e31555 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e3156d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e31585 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e3159d 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e315b5 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e315cd 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e316b2 2 bytes [E3, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3056] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e316bd 2 bytes [E3, 76]

    ---- Threads - GMER 2.0 ----

    Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [2808:4424] 000007fef19ccc10
    Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [2808:4964] 000007fef188b564
    Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [2808:3260] 000007fef188b564
    Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [2808:4796] 000007fef188b564
    Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [2808:4448] 000007fef188b564
    Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [2808:4420] 000007fef188b564
    Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [2808:4300] 000007fef199f718
    Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [2808:2536] 000007fef188b564
    Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [2808:4240] 000007fef188b564
    Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [2808:5040] 000007fef188b564
    Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [2808:2532] 000007fef188143c
    Thread c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [2808:4012] 000007fef1ec6050
    Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [4332:3800] 000007fefc642a7c
    Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [4332:4624] 0000000063156c88
    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [828:4944] 000007fefc642a7c
    Thread C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [4256:2252] 00000000730a27c1

    ---- Processes - GMER 2.0 ----

    Library ? (*** suspicious ***) @ C:\Program Files (x86)\Common Files\AOL\1338159616\ee\aolsoftware.exe [3472] 0000000073160000
    Library ? (*** suspicious ***) @ c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [2808] 000007fef9900000
    Library ? (*** suspicious ***) @ C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [4332] 000007fefe040000
    Library ? (*** suspicious ***) @ C:\Program Files\Windows Media Player\wmpnetwk.exe [828] 000007feea600000
    Library ? (*** suspicious ***) @ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [4256] 0000000073160000
    Library ? (*** suspicious ***) @ C:\Windows\system32\taskhost.exe [4112] 000007fefc480000

    ---- EOF - GMER 2.0 ----
     

Short URL to this thread: https://techguy.org/1084367
