
Suspicious Erratic Behavior

Discussion in 'Virus & Other Malware Removal' started by oniro, Mar 15, 2013.

  1. oniro

    oniro Thread Starter

    I am having some erratic behavior on my R530 Samsung laptop, evident in sporadic sudden booting and slow-loading pages; sometimes the whole set of tabs in a page gets frozen and it takes time to activate them again. Sometimes the flag "Page Blocked" appears. Right now I am unable to run HJT because I get the flag "No internet connection", though I am actually connected. I am attaching this HJT, not being sure if this copy I made from the resulting HJT scan is right, because I did not delete anything as advised in the warning on my Internet Connection.

    So please give me a hand on this matter, sometimes too hard for me to solve by myself. I

    All the very best to TSG,


    Oniro

    -------------------------------------------------------------------------------------
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 14:34:38, on 15/03/2013
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16470)
    Boot mode: Normal

    Running processes:
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Users\Hernando\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Users\Hernando\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\windows\notepad.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\windows\system32\notepad.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Users\Hernando\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    D:\HijackThis 15032013.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://windows.microsoft.com/en-US/windows7/Search-with-the-Internet-Explorer-9-Address-bar
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
    O1 - Hosts: ÿþ127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
    O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Hernando\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Hernando\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Free YouTube Download - C:\Users\Hernando\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Ad-Aware Service - Lavasoft Limited - D:\AdAwareService.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Kaspersky Security Scan Service (KSS) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - D:\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - D:\SBAMSvc.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

    --
    End of file - 7034 bytes
    --------------------------------------------------------------------------------------
    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.5.1
    Run by Hernando at 9:54:55 on 2013-03-15
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3005.1042 [GMT 2:00]
    .
    AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
    AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
    SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
    FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
    .
    ============== Running Processes ================
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\windows\System32\spoolsv.exe
    D:\AdAwareService.exe
    C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
    D:\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
    D:\SBAMSvc.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\windows\system32\SearchIndexer.exe
    C:\windows\system32\taskeng.exe
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
    C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
    C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Users\Hernando\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Windows\HelpPane.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Users\Hernando\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
    C:\windows\system32\mmc.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\windows\system32\igfxext.exe
    C:\windows\system32\igfxsrvc.exe
    C:\windows\system32\DllHost.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\windows\notepad.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Microsoft Security Client\MpCmdRun.exe
    C:\windows\system32\conhost.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\windows\system32\svchost.exe -k SDRSVC
    .
    ============== Pseudo HJT Report ===============
    .
    uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
    uURLSearchHooks: {472734EA-242A-422b-ADF8-83D1E48CC825} - <orphaned>
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.6.5825.1100\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
    uRun: [Google Update] "c:\users\hernando\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [Spotify Web Helper] "c:\users\hernando\appdata\roaming\spotify\data\SpotifyWebHelper.exe"
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Free YouTube Download - c:\users\hernando\appdata\roaming\dvdvideosoftiehelpers\freeytvdownloader.htm
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{5E10B9D3-FBAB-4228-B56D-2F79E07D7136} : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{5E10B9D3-FBAB-4228-B56D-2F79E07D7136}\4505D2C494E4B4 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{A01204E6-3498-4762-BE85-5AE5592765BC} : DHCPNameServer = 62.121.35.14 62.121.33.75
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\25.0.1364.172\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\drivers\fltsrv.sys [2013-2-13 76768]
    R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2012-12-29 13560]
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
    R1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\drivers\SABI.sys [2010-6-14 10752]
    R2 Ad-Aware Service;Ad-Aware Service;D:\AdAwareService.exe [2013-2-21 1236336]
    R2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\microsoft\bingdesktop\BingDesktopUpdater.exe [2013-3-7 168536]
    R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2012-1-4 822624]
    R2 KSS;Kaspersky Security Scan Service;c:\program files\kaspersky lab\kaspersky security scan 2.0\kss.exe [2012-4-25 202296]
    R2 MBAMScheduler;MBAMScheduler;d:\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-17 398184]
    R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 100328]
    R2 SBAMSvc;Ad-Aware;D:\SBAMSvc.exe [2012-9-20 3677000]
    R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2011-10-1 508776]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-1-8 126976]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-7-31 21104]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]
    R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2011-10-1 579944]
    R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2011-10-1 194408]
    R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2011-10-1 21864]
    R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2011-10-1 19304]
    R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2011-10-1 219496]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 MBAMService;MBAMService;d:\malwarebytes' anti-malware\mbamservice.exe [2012-1-1 682344]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-25 39272]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2011-5-13 1492840]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-3-13 40776]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-11-18 1343400]
    .
    =============== Created Last 30 ================
    .
    2013-03-14 06:38:37 6954968 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d05067eb-16a5-4a5f-ae59-55da5b13b718}\mpengine.dll
    2013-03-13 06:04:12 740840 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{4bc8c0e4-ba87-41fc-806b-90001eadbf09}\gapaengine.dll
    2013-03-13 06:02:46 6954968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2013-03-13 00:17:34 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2013-03-07 16:42:42 5664768 ----a-w- c:\programdata\microsoft\bingdesktop\updater\BingDesktop.msi
    2013-03-04 14:26:53 -------- d-----w- c:\users\fernando\appdata\local\adawarebp
    2013-03-04 14:17:01 -------- d-----w- c:\programdata\Downloaded Installations
    2013-03-04 14:16:11 -------- d-----w- c:\program files\adawaretb
    2013-03-04 14:13:53 44424 ----a-w- c:\windows\system32\sbbd.exe
    2013-02-19 07:56:30 -------- d-----w- c:\users\fernando\appdata\local\{877F8325-8C9F-4FEA-9F6C-6F1F93E4DE0E}
    2013-02-14 01:04:16 768000 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
    2013-02-13 12:51:15 170752 ----a-w- c:\windows\system32\drivers\snapman.sys
    2013-02-13 12:51:12 76768 ----a-w- c:\windows\system32\drivers\fltsrv.sys
    .
    ==================== Find3M ====================
    .
    2013-03-14 04:11:37 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-03-14 04:11:37 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-03-04 14:13:52 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys
    2013-02-02 03:38:35 1800704 ----a-w- c:\windows\system32\jscript9.dll
    2013-02-02 03:30:32 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2013-02-02 03:30:21 1129472 ----a-w- c:\windows\system32\wininet.dll
    2013-02-02 03:26:47 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2013-02-02 03:26:21 420864 ----a-w- c:\windows\system32\vbscript.dll
    2013-02-02 03:23:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe
    2013-01-20 13:59:04 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys
    2013-01-20 13:59:04 100328 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
    2013-01-05 05:02:17 3957608 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-01-05 05:02:17 3902312 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-01-04 04:55:21 1287528 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2013-01-04 04:55:09 187240 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
    2013-01-04 04:50:40 169984 ----a-w- c:\windows\system32\winsrv.dll
    2013-01-04 04:46:33 293376 ----a-w- c:\windows\system32\KernelBase.dll
    2013-01-04 03:00:30 2345984 ----a-w- c:\windows\system32\win32k.sys
    2013-01-04 02:59:29 271360 ----a-w- c:\windows\system32\conhost.exe
    2013-01-04 02:43:35 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2013-01-04 02:43:34 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2013-01-04 02:43:34 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2013-01-04 02:43:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2012-12-16 14:25:27 295424 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-16 14:25:19 34304 ----a-w- c:\windows\system32\atmlib.dll
    .
    ============= FINISH: 9:55:38.89 ===============



    GMER 2.1.19155 - http://www.gmer.net
    Rootkit scan 2013-03-15 14:11:21
    Windows 6.1.7600 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AC1 465.76GB
    Running: icr67iey.exe; Driver: C:\Users\Hernando\AppData\Local\Temp\uxldykog.sys


    ---- Kernel code sections - GMER 2.1 ----

    .text ntoskrnl.exe!ZwRollbackTransaction + 13E5 83084899 1 Byte [06]
    .text ntoskrnl.exe!KiDispatchInterrupt + 5A2 830A42D2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    ? C:\Users\Hernando\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

    ---- User code sections - GMER 2.1 ----

    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtCreateFile + 6 772846B6 4 Bytes [28, 1C, 23, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtCreateFile + B 772846BB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtMapViewOfSection + 6 77284D16 4 Bytes [28, 1F, 23, 00] {SUB [EDI], BL; AND EAX, [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtMapViewOfSection + B 77284D1B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenFile + 6 77284DC6 4 Bytes [68, 1C, 23, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenFile + B 77284DCB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcess + 6 77284E76 4 Bytes [A8, 1D, 23, 00] {TEST AL, 0x1d; AND EAX, [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcess + B 77284E7B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcessToken + 6 77284E86 4 Bytes CALL 762871A8
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcessToken + B 77284E8B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcessTokenEx + 6 77284E96 4 Bytes [A8, 1E, 23, 00] {TEST AL, 0x1e; AND EAX, [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcessTokenEx + B 77284E9B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThread + 6 77284EF6 4 Bytes [68, 1D, 23, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThread + B 77284EFB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThreadToken + 6 77284F06 4 Bytes [68, 1E, 23, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThreadToken + B 77284F0B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThreadTokenEx + 6 77284F16 4 Bytes CALL 76287239
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThreadTokenEx + B 77284F1B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtQueryAttributesFile + 6 77285026 4 Bytes [A8, 1C, 23, 00] {TEST AL, 0x1c; AND EAX, [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtQueryAttributesFile + B 7728502B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtQueryFullAttributesFile + 6 772850D6 4 Bytes CALL 762873F7
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtQueryFullAttributesFile + B 772850DB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtSetInformationFile + 6 77285726 4 Bytes [28, 1D, 23, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtSetInformationFile + B 7728572B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtSetInformationThread + 6 77285786 4 Bytes [28, 1E, 23, 00] {SUB [ESI], BL; AND EAX, [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtSetInformationThread + B 7728578B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtUnmapViewOfSection + 6 77285AA6 4 Bytes [68, 1F, 23, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtUnmapViewOfSection + B 77285AAB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtCreateFile + 6 772846B6 4 Bytes [28, 1C, D9, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtCreateFile + B 772846BB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtMapViewOfSection + 6 77284D16 4 Bytes [28, 1F, D9, 00] {SUB [EDI], BL; FLD DWORD [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtMapViewOfSection + B 77284D1B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenFile + 6 77284DC6 4 Bytes [68, 1C, D9, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenFile + B 77284DCB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenProcess + 6 77284E76 4 Bytes [A8, 1D, D9, 00] {TEST AL, 0x1d; FLD DWORD [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenProcess + B 77284E7B 1 Byte [E2]

    ---- Devices - GMER 2.1 ----

    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys

    ---- Registry - GMER 2.1 ----

    Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\[email protected]{F1FF546D-77C1-11DF-9425-806E6F6E6963} 16943674360

    ---- Disk sectors - GMER 2.1 ----

    Disk \Device\Harddisk0\DR0 unknown MBR code

    ---- EOF - GMER 2.1 ----
     
  2. oniro

    I would appreciate a helping hand with my issues, which are still without a response after 48 hours. I filled out all the requirements listed before posting. I ran all the applications suggested by COOKIEGAL and the results have been copied here.

    Ciao !!!
     
  3. oniro

    ..............and no answer either today unfortunately.....is my case so difficult to work out ?

    hope this time my chances improve after 5 days !!!


    all the best,

    Oniro
     
  4. oniro

    After almost a week, no trace of a helping hand....again, is my case so difficult to handle ? Is there a way out of the hole ? I have sent this request for help at least 4 times now. Please a little help....

    Greetings,

    Oniro
     
  5. oniro

    After one week I have not got any answer. Could somebody please tell me is my case so impossible to solve ?

    Greetings,


    Oniro
     
  6. oniro

    Still without answer after almost 2 weeks.....how can I get some help ?

    Greetings,


    Oniro
     
  7. oniro

    13 days without an answer !!!!!
     
  8. oniro

    Actually 17 days without an answer !!! This is really Patience !!!!

    Greetings,


    Oniro
     
  9. oniro

    Under the title "Suspicious Erratic Behavior" I posted a message on March the 15th asking for help with a persistent problem I have with my laptop, and I swear I have had all the patience it is possible to have when the demand for help is so high and the persons entitled to help are so few. But I found that many help requests posted after mine were served in due time. I wish I could be told if my case is very hard to resolve, or what the reason is that after 18 days I remain unattended. I have contributed in the past with donations and I am always ready to do it again.

    This was my post:


    "I am having some erratic behavior in my R530 Samsung lap-top evident in sporadic sudden booting, slow loading pages, some time the whole set of tabs in a page gets frozen and it takes time to activate them again. Some times appear the flag "Page Blocked". Right now I am unable to run HJT because I get the flag "No internet connection" though I am actually connected. I am attaching this HJT not being sure if this copy I made from the resulting HJT scanning is right,because I did not delete anything as advised in the warning on my Internet Connection.

    So please give me a hand on this matter some time too hard for me to solve by myself. I

    All the very best to TSG,


    Oniro

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 14:34:38, on 15/03/2013
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16470)
    Boot mode: Normal

    Running processes:
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Users\Hernando\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Users\Hernando\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\windows\notepad.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\windows\system32\notepad.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Users\Hernando\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    D:\HijackThis 15032013.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://windows.microsoft.com/en-US/w...-9-Address-bar
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
    O1 - Hosts: ÿþ127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
    O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Hernando\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Hernando\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Free YouTube Download - C:\Users\Hernando\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Ad-Aware Service - Lavasoft Limited - D:\AdAwareService.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Kaspersky Security Scan Service (KSS) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - D:\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - D:\SBAMSvc.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

    --
    End of file - 7034 bytes
    --------------------------------------------------------------------------------------
    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.5.1
    Run by Hernando at 9:54:55 on 2013-03-15
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3005.1042 [GMT 2:00]
    .
    AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
    AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
    SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
    FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
    .
    ============== Running Processes ================
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\windows\System32\spoolsv.exe
    D:\AdAwareService.exe
    C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
    D:\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
    D:\SBAMSvc.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\windows\system32\SearchIndexer.exe
    C:\windows\system32\taskeng.exe
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
    C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
    C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Users\Hernando\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Windows\HelpPane.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Users\Hernando\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
    C:\windows\system32\mmc.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\windows\system32\igfxext.exe
    C:\windows\system32\igfxsrvc.exe
    C:\windows\system32\DllHost.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\windows\notepad.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Microsoft Security Client\MpCmdRun.exe
    C:\windows\system32\conhost.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\windows\system32\svchost.exe -k SDRSVC
    .
    ============== Pseudo HJT Report ===============
    .
    uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
    uURLSearchHooks: {472734EA-242A-422b-ADF8-83D1E48CC825} - <orphaned>
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.6.5825.1100\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
    uRun: [Google Update] "c:\users\hernando\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [Spotify Web Helper] "c:\users\hernando\appdata\roaming\spotify\data\SpotifyWebHelper.exe"
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Free YouTube Download - c:\users\hernando\appdata\roaming\dvdvideosoftiehelpers\freeytvdownloader.htm
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{5E10B9D3-FBAB-4228-B56D-2F79E07D7136} : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{5E10B9D3-FBAB-4228-B56D-2F79E07D7136}\4505D2C494E4B4 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{A01204E6-3498-4762-BE85-5AE5592765BC} : DHCPNameServer = 62.121.35.14 62.121.33.75
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\25.0.1364.172\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\drivers\fltsrv.sys [2013-2-13 76768]
    R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2012-12-29 13560]
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
    R1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\drivers\SABI.sys [2010-6-14 10752]
    R2 Ad-Aware Service;Ad-Aware Service;D:\AdAwareService.exe [2013-2-21 1236336]
    R2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\microsoft\bingdesktop\BingDesktopUpdater.exe [2013-3-7 168536]
    R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2012-1-4 822624]
    R2 KSS;Kaspersky Security Scan Service;c:\program files\kaspersky lab\kaspersky security scan 2.0\kss.exe [2012-4-25 202296]
    R2 MBAMScheduler;MBAMScheduler;d:\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-17 398184]
    R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 100328]
    R2 SBAMSvc;Ad-Aware;D:\SBAMSvc.exe [2012-9-20 3677000]
    R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2011-10-1 508776]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-1-8 126976]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-7-31 21104]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]
    R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2011-10-1 579944]
    R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2011-10-1 194408]
    R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2011-10-1 21864]
    R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2011-10-1 19304]
    R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2011-10-1 219496]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 MBAMService;MBAMService;d:\malwarebytes' anti-malware\mbamservice.exe [2012-1-1 682344]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-25 39272]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2011-5-13 1492840]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-3-13 40776]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-11-18 1343400]
    .
    =============== Created Last 30 ================
    .
    2013-03-14 06:38:37 6954968 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d05067eb-16a5-4a5f-ae59-55da5b13b718}\mpengine.dll
    2013-03-13 06:04:12 740840 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{4bc8c0e4-ba87-41fc-806b-90001eadbf09}\gapaengine.dll
    2013-03-13 06:02:46 6954968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2013-03-13 00:17:34 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2013-03-07 16:42:42 5664768 ----a-w- c:\programdata\microsoft\bingdesktop\updater\BingDesktop.msi
    2013-03-04 14:26:53 -------- d-----w- c:\users\fernando\appdata\local\adawarebp
    2013-03-04 14:17:01 -------- d-----w- c:\programdata\Downloaded Installations
    2013-03-04 14:16:11 -------- d-----w- c:\program files\adawaretb
    2013-03-04 14:13:53 44424 ----a-w- c:\windows\system32\sbbd.exe
    2013-02-19 07:56:30 -------- d-----w- c:\users\fernando\appdata\local\{877F8325-8C9F-4FEA-9F6C-6F1F93E4DE0E}
    2013-02-14 01:04:16 768000 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
    2013-02-13 12:51:15 170752 ----a-w- c:\windows\system32\drivers\snapman.sys
    2013-02-13 12:51:12 76768 ----a-w- c:\windows\system32\drivers\fltsrv.sys
    .
    ==================== Find3M ====================
    .
    2013-03-14 04:11:37 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-03-14 04:11:37 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-03-04 14:13:52 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys
    2013-02-02 03:38:35 1800704 ----a-w- c:\windows\system32\jscript9.dll
    2013-02-02 03:30:32 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2013-02-02 03:30:21 1129472 ----a-w- c:\windows\system32\wininet.dll
    2013-02-02 03:26:47 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2013-02-02 03:26:21 420864 ----a-w- c:\windows\system32\vbscript.dll
    2013-02-02 03:23:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe
    2013-01-20 13:59:04 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys
    2013-01-20 13:59:04 100328 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
    2013-01-05 05:02:17 3957608 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-01-05 05:02:17 3902312 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-01-04 04:55:21 1287528 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2013-01-04 04:55:09 187240 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
    2013-01-04 04:50:40 169984 ----a-w- c:\windows\system32\winsrv.dll
    2013-01-04 04:46:33 293376 ----a-w- c:\windows\system32\KernelBase.dll
    2013-01-04 03:00:30 2345984 ----a-w- c:\windows\system32\win32k.sys
    2013-01-04 02:59:29 271360 ----a-w- c:\windows\system32\conhost.exe
    2013-01-04 02:43:35 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2013-01-04 02:43:34 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2013-01-04 02:43:34 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2013-01-04 02:43:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2012-12-16 14:25:27 295424 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-16 14:25:19 34304 ----a-w- c:\windows\system32\atmlib.dll
    .
    ============= FINISH: 9:55:38.89 ===============



    GMER 2.1.19155 - http://www.gmer.net
    Rootkit scan 2013-03-15 14:11:21
    Windows 6.1.7600 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AC1 465.76GB
    Running: icr67iey.exe; Driver: C:\Users\Hernando\AppData\Local\Temp\uxldykog.sys


    ---- Kernel code sections - GMER 2.1 ----

    .text ntoskrnl.exe!ZwRollbackTransaction + 13E5 83084899 1 Byte [06]
    .text ntoskrnl.exe!KiDispatchInterrupt + 5A2 830A42D2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    ? C:\Users\Hernando\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

    ---- User code sections - GMER 2.1 ----

    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtCreateFile + 6 772846B6 4 Bytes [28, 1C, 23, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtCreateFile + B 772846BB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtMapViewOfSection + 6 77284D16 4 Bytes [28, 1F, 23, 00] {SUB [EDI], BL; AND EAX, [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtMapViewOfSection + B 77284D1B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenFile + 6 77284DC6 4 Bytes [68, 1C, 23, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenFile + B 77284DCB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcess + 6 77284E76 4 Bytes [A8, 1D, 23, 00] {TEST AL, 0x1d; AND EAX, [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcess + B 77284E7B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcessToken + 6 77284E86 4 Bytes CALL 762871A8
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcessToken + B 77284E8B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcessTokenEx + 6 77284E96 4 Bytes [A8, 1E, 23, 00] {TEST AL, 0x1e; AND EAX, [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcessTokenEx + B 77284E9B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThread + 6 77284EF6 4 Bytes [68, 1D, 23, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThread + B 77284EFB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThreadToken + 6 77284F06 4 Bytes [68, 1E, 23, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThreadToken + B 77284F0B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThreadTokenEx + 6 77284F16 4 Bytes CALL 76287239
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThreadTokenEx + B 77284F1B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtQueryAttributesFile + 6 77285026 4 Bytes [A8, 1C, 23, 00] {TEST AL, 0x1c; AND EAX, [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtQueryAttributesFile + B 7728502B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtQueryFullAttributesFile + 6 772850D6 4 Bytes CALL 762873F7
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtQueryFullAttributesFile + B 772850DB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtSetInformationFile + 6 77285726 4 Bytes [28, 1D, 23, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtSetInformationFile + B 7728572B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtSetInformationThread + 6 77285786 4 Bytes [28, 1E, 23, 00] {SUB [ESI], BL; AND EAX, [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtSetInformationThread + B 7728578B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtUnmapViewOfSection + 6 77285AA6 4 Bytes [68, 1F, 23, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtUnmapViewOfSection + B 77285AAB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtCreateFile + 6 772846B6 4 Bytes [28, 1C, D9, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtCreateFile + B 772846BB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtMapViewOfSection + 6 77284D16 4 Bytes [28, 1F, D9, 00] {SUB [EDI], BL; FLD DWORD [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtMapViewOfSection + B 77284D1B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenFile + 6 77284DC6 4 Bytes [68, 1C, D9, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenFile + B 77284DCB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenProcess + 6 77284E76 4 Bytes [A8, 1D, D9, 00] {TEST AL, 0x1d; FLD DWORD [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenProcess + B 77284E7B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenProcessToken + 6 77284E86 4 Bytes CALL 762927A8
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenProcessToken + B 77284E8B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenProcessTokenEx + 6 77284E96 4 Bytes [A8, 1E, D9, 00] {TEST AL, 0x1e; FLD DWORD [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenProcessTokenEx + B 77284E9B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenThread + 6 77284EF6 4 Bytes [68, 1D, D9, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenThread + B 77284EFB 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenThreadToken + 6 77284F06 4 Bytes [68, 1E, D9, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenThreadToken + B 77284F0B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenThreadTokenEx + 6 77284F16 4 Bytes CALL 76292839
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtOpenThreadTokenEx + B 77284F1B 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtQueryAttributesFile + 6 77285026 4 Bytes [A8, 1C, D9, 00] {TEST AL, 0x1c; FLD DWORD [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[948] ntdll.dll!NtQueryAttributesFile + B 7728502B 1 Byte [E2]

    ---- Devices - GMER 2.1 ----

    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys

    ---- Registry - GMER 2.1 ----

    Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\[email protected]{F1FF546D-77C1-11DF-9425-806E6F6E6963} 16943674360

    ---- Disk sectors - GMER 2.1 ----

    Disk \Device\Harddisk0\DR0 unknown MBR code

    ---- EOF - GMER 2.1 ----
    Last edited by oniro; 15-Mar-2013 at 04:17 PM..

    oniro

    Member with 326 posts.
    THREAD STARTER

    Join Date: Aug 2003
    Location: Scandinavia
    Experience: Hopeless
    17-Mar-2013, 12:16 PM #2
    No answer yet..........
    I would appreciate a helping hand to my issues without response yet after 48 hours. I filled out all the requirements listed for before posting. I ran all applications suggested by COOKIEGAL and the results have been copied here.

    Ciao !!!
    Last edited by oniro; 17-Mar-2013 at 01:58 PM.. Reason: Typos

    oniro
    19-Mar-2013, 08:41 AM #3
    ..............and no answer either today unfortunately.....is my case so difficult to work out ?

    hope this time my chances improve after 5 days !!!


    all the best,

    Oniro

    oniro
    20-Mar-2013, 10:29 PM #4
    Mysterious and unpredictable booting, snail loading, frozen tabs...
    After almost a week, no trace of a helping hand....again, is my case so difficult to handle ? Is there a way out of the hole ? I have sent this request for help at least 4 times now. Please a little help....

    Greetings,

    Oniro

    oniro
    24-Mar-2013, 01:28 PM #5
    Since March 15th and no answer yet...!!! Please a little help...
    After one week I have not got any answer. Could somebody please tell me is my case so impossible to solve ?

    Greetings,


    Oniro

    oniro
    28-Mar-2013, 02:20 PM #6
    Still without answer after almost 2 weeks.....how can I get some help ?

    Greetings,


    Oniro

    oniro
    29-Mar-2013, 11:19 PM #7
    13 days without an answer !!!!!

    oniro
    30-Mar-2013, 05:20 PM #8
    Actually 17 days without an answer !!! This is really Patience !!!!

    Greeting,


    Oniro
     
  10. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,222
    First Name:
    Derek
    it is very likely to be adaware causing the problem

    uninstall adaware completely
    reboot & see if you still have problems
     
  11. oniro

    oniro Thread Starter

    Joined:
    Aug 23, 2003
    Messages:
    376
    Oh !!! This is really Easter Sunday !!! Thank you so much DVK01 for taking care of my inquiry. Because all the steps stipulated by Cookiegal Sticky Must Read were posted on March 15th, they might be outdated now. I have found though some errors in the Event log that are not posted here. Do you think they will be useful to trace the origin of my problems ? Anyway I will delete ADware and will report on the developments.

    Thanks again (y):)


    Oniro
     
  12. oniro

    oniro Thread Starter

    Joined:
    Aug 23, 2003
    Messages:
    376
    I am adding part of an energy report in case it be useful to solve my problems.

    Oniro


    Errors

    USB Suspend:USB Device not Entering Suspend
    The USB device did not enter the Suspend state. Processor power management may be prevented if a USB device does not enter the Suspend state when not in use.
    Device Name USB Root Hub
    Host Controller ID PCI\VEN_8086&DEV_2934
    Host Controller Location PCI bus 0, device 29, function 0
    Device ID USB\VID_8086&PID_2934
    Port Path

    USB Suspend:USB Device not Entering Suspend
    The USB device did not enter the Suspend state. Processor power management may be prevented if a USB device does not enter the Suspend state when not in use.
    Device Name USB Input Device
    Host Controller ID PCI\VEN_8086&DEV_2934
    Host Controller Location PCI bus 0, device 29, function 0
    Device ID USB\VID_09DA&PID_000A
    Port Path 1

    CPU Utilization:processor utilization is high
    The average processor utilization during the trace was high. The system will consume less power when the average processor utilization is very low. Review processor utilization for individual processes to determine which applications and services contribute the most to total processor utilization.
    Average Utilization (%) 7.53



     
  13. oniro

    oniro Thread Starter

    Joined:
    Aug 23, 2003
    Messages:
    376
    After deleting ADAware the Windows resuming improved in a way that now it returns from Hibernation to Windows fully operational in 27 seconds. Time from Booting to open Windows is taking 40 seconds. The general page loading has also now improved. I don't know what might be the optimal parameters for my laptop and configuration regarding loading pages, but now I noticed a general improvement. I just would like to know if these errors in the Event Log are something that can later become a serious problem. There are also a lot of warnings that I have not copied here. Only the ENERGY ERRORS.

    Oniro
     
  14. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,222
    First Name:
    Derek
    I wouldn't worry about those error messages, they are quite normal on a W7 laptop
     
  15. oniro

    oniro Thread Starter

    Joined:
    Aug 23, 2003
    Messages:
    376
    So is there something else that you consider to be solved ? The only issue I think remains is to fix my inability to run HJT screenings. Whenever I intend to run HJT there is always one flag with the warning "For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT be able to fix it. If that happens , you need to edit the file yourself. To do this click Start.............." Any suggestion to fix this problem in my laptop for the future ?

    Thank you very much again for your sharp appraisal of my problem...(y)


    Oniro
     

Short URL to this thread: https://techguy.org/1093176
