1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Very Jumpy and Unstable Internet, tried everything.

Discussion in 'Networking' started by Fatsauce, Jan 7, 2013.

Thread Status:
Not open for further replies.
Page 1 of 2
Advertisement
  1. Fatsauce

    Fatsauce Thread Starter

    Joined:
    Jan 7, 2013
    Messages:
    11
    Hello, Honestly it's the first time I post anything on any forums, I always was able to solve my problems, but this one.
    To the facts:
    My Internet connexion is VERY jumpy. 99% of the time i have MAX 12 kb/s on my specific computer (very god damned slow. 4 hours for a 4 mb download), as my tablet or laptop runs internet as fast as always. It is only 1 computer problem on the network.

    - I managed to get the false privitizeVPN from piratebay on my cpu yesterday
    - I deleted it and believe I deleted all of it.
    - I then ran in safe mode Rkill, Malwarebytes and did a complete scan with Bitdefender. Cleared some minor things.
    - Internet still slow, I ran Combofix, cleared 2 things, still slow.
    - Even on Steam, where i normally hit 1 mb/s I am stuck at that infamous 13-14 kb/s. I went and assigned 40% in the broadband settings, it was set on 0% for some reason.

    -Right now steam downloaded at 1mb/s for about 2 minutes, and now is dropped to 3-20 kb/s without any notice or any changes, as I was typing this message.
    - I tried rebooting the networking systems too, and all of the electrical conflicts / etc. with no results.

    Honestly, I really am stuck on this one, any help would gladly be appreciated.
    I still have all the Logs the software scan gave me.

    Thanks
     
    Fatsauce, Jan 7, 2013
    #1
  3. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    Did your problem start only then?
     
    Phantom010, Jan 7, 2013
    #2
  4. Fatsauce

    Fatsauce Thread Starter

    Joined:
    Jan 7, 2013
    Messages:
    11
    Yes, I had no troubles before. Wich is why I wonder why none of the above mentionned programs cleared anything big. I restored the system (I needed to do it in safe mode, because something, most likely a virus, stopped me from doing so. I eventually succeded). And my bitdefender real time security won't activate, since then. exactly like this guy. http://www.youtube.com/watch?v=a0V_pg6BBgM I do not share his point of view on the thing tho, and I never had any problems with it before. PS: Don't watch the full thing. Edit: Watch at 1:14. Same problem, didn't find a solution too. But I did everything I could to destroy a possible Virus / Malware, with no result on my internet or my real time protection.
     
    Fatsauce, Jan 7, 2013
    #3
  5. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    Your computer might still be infected.

    If you wish for a malware removal specialist's advice, please click on Report and kindly ask to be moved to the Virus & Other Malware Removal forum. Be sure to provide the appropriate reports in that forum after reading THIS. From there, be patient. The malware removal experts are very busy! You should get an answer within the next 48 hours.
     
    Phantom010, Jan 7, 2013
    #4
  6. Fatsauce

    Fatsauce Thread Starter

    Joined:
    Jan 7, 2013
    Messages:
    11
    Alright, will do! Thanks
     
    Fatsauce, Jan 7, 2013
    #5
  7. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    No problem.

    If the problem isn't malware related, we'll be glad to assist you again in the Networking forum.
     
    Phantom010, Jan 7, 2013
    #6
  8. Fatsauce

    Fatsauce Thread Starter

    Joined:
    Jan 7, 2013
    Messages:
    11
    Thanks for moving me to the right section, I do not have access to my computer right now, I will post all of the logs and the required things tonight.

    Thanks,
    FAt
     
    Fatsauce, Jan 7, 2013
    #7
  9. Fatsauce

    Fatsauce Thread Starter

    Joined:
    Jan 7, 2013
    Messages:
    11
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:13:53 PM, on 1/7/2013
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    C:\Program Files (x86)\DU Meter\DUMeter.exe
    C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe
    C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\Laurier\Downloads\HijackThis.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe"
    O4 - HKLM\..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe
    O4 - HKLM\..\Run: [D-Link D-Link DWA-125] C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe
    O4 - HKLM\..\Run: [WZCSLDR2] C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe
    O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: *.clonewarsadventures.com
    O15 - Trusted Zone: *.freerealms.com
    O15 - Trusted Zone: *.soe.com
    O15 - Trusted Zone: *.sony.com
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: D_Link_DWA-125 Service (D_Link_DWA-125) - Wireless Service - C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWZCSdS.exe
    O23 - Service: D_Link_DWA-125_WPS Service (D_Link_DWA-125_WPS) - Unknown owner - C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
    O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
    O23 - Service: BitDefender Desktop Update Service (UPDATESRV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    --
    End of file - 23614 bytes
    ____________________________________________________________________

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.7.2
    Run by Laurier at 21:05:32 on 2013-01-07
    Microsoft Windows*7 Édition Intégrale 6.1.7600.0.1252.2.1036.18.4093.1850 [GMT -5:00]
    .
    AV: BitDefender Antivirus *Enabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: BitDefender Antispyware *Enabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
    FW: BitDefender Pare-feu *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
    C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
    C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\DU Meter\DUMeter.exe
    C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe
    C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Users\Laurier\Downloads\HijackThis.exe
    \\?\C:\Windows\system32\wbem\WMIADAP.EXE
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    mStart Page = about:blank
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: BitDefender Toolbar: {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll
    mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    mRun: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe"
    mRun: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe
    mRun: [D-Link D-Link DWA-125] C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe
    mRun: [WZCSLDR2] C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe
    mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: E&xporter vers Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{1A5A268F-69B0-4651-945C-E5E1F3D99A40} : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{1A5A268F-69B0-4651-945C-E5E1F3D99A40}\2454C4C4936333 : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{1A5A268F-69B0-4651-945C-E5E1F3D99A40}\46C696E6B6 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{1A5A268F-69B0-4651-945C-E5E1F3D99A40}\C696E6B6379737 : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{1A5A268F-69B0-4651-945C-E5E1F3D99A40}\D4169637F6E6 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{1A5A268F-69B0-4651-945C-E5E1F3D99A40}\D496C6C656023556276796365637D26796379647565727 : DHCPNameServer = 24.200.243.189 24.200.210.241 24.200.228.113
    TCP: Interfaces\{2DC1D2C5-1AFD-48A6-B11D-4212D9D61DA8} : DHCPNameServer = 192.168.2.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    SSODL: WebCheck - <orphaned>
    x64-mStart Page = about:blank
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-TB: BitDefender Toolbar: {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"
    x64-Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"
    x64-Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
    x64-Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
    x64-Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
    x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Laurier\AppData\Roaming\Mozilla\Firefox\Profiles\z938xqog.default\
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 anodlwf;ANOD Network Security Filter driver;C:\Windows\System32\drivers\anodlwfx.sys [2010-10-18 15872]
    R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2013-1-7 99408]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-11-15 272448]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-11-9 204288]
    R2 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service;C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [2010-10-18 40960]
    R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-4-13 8704]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-17 399432]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-17 676936]
    R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\System32\drivers\RtNdPt60.sys [2010-10-16 27136]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
    R2 UPDATESRV;BitDefender Desktop Update Service;C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe [2013-1-7 53224]
    R3 BDFM;BDFM;C:\Windows\System32\drivers\bdfm.sys [2010-5-13 162896]
    R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
    R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-11-14 25928]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-10-16 347680]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 D_Link_DWA-125;D_Link_DWA-125 Service;C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWZCSdS.exe [2010-10-18 126976]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
    S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-3-20 46136]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-6-6 231440]
    S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);C:\Windows\System32\drivers\RtTeam60.sys [2010-10-16 51712]
    S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtVlan60.sys [2010-10-16 24064]
    S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);C:\Windows\System32\drivers\RtTeam60.sys [2010-10-16 51712]
    S3 Update Server;BitDefender Update Server v2;C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2013-1-7 467248]
    S3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);C:\Windows\System32\drivers\RtVlan60.sys [2010-10-16 24064]
    S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-16 1255736]
    S4 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2010-6-28 692816]
    S4 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2010-6-28 1040976]
    .
    =============== Created Last 30 ================
    .
    2013-01-07 15:48:47 -------- d-----w- C:\Program Files\CCleaner
    2013-01-07 15:33:29 -------- d-sh--w- C:\$RECYCLE.BIN
    2013-01-07 15:07:49 98816 ----a-w- C:\Windows\sed.exe
    2013-01-07 15:07:49 256000 ----a-w- C:\Windows\PEV.exe
    2013-01-07 15:07:49 208896 ----a-w- C:\Windows\MBR.exe
    2013-01-07 09:08:17 -------- d-----w- C:\Windows\pss
    2013-01-07 07:05:23 -------- d-----w- C:\Program Files (x86)\WinDirStat
    2013-01-07 06:04:19 -------- d-----w- C:\ProgramData\WoW Worldwide Software LTD
    2013-01-07 06:03:46 -------- d-----w- C:\ProgramData\InstallMate
    2012-12-29 16:42:26 -------- d-----w- C:\Program Files (x86)\AMD
    2012-12-29 16:42:24 -------- d-----w- C:\Users\Laurier\AppData\Local\Downloaded Installations
    2012-12-24 05:48:58 -------- d-----w- C:\Users\Laurier\AppData\Roaming\Tropico 4
    2012-12-23 21:52:03 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2012-12-23 21:52:03 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2012-12-23 21:52:02 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2012-12-23 21:52:02 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2012-12-18 03:11:10 -------- d-----w- C:\Users\Laurier\AppData\Roaming\Vessel
    2012-12-13 19:30:08 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2012-12-13 19:30:08 2048 ----a-w- C:\Windows\System32\tzres.dll
    2012-12-11 20:27:47 -------- d-----w- C:\Users\Laurier\AppData\Roaming\Kalypso Media
    .
    ==================== Find3M ====================
    .
    2013-01-07 09:17:23 76248 ----a-w- C:\ProgramData\bdinstall.bin
    2012-11-22 08:20:36 3147264 ----a-w- C:\Windows\System32\win32k.sys
    2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-11-02 05:27:51 478208 ----a-w- C:\Windows\System32\dpnet.dll
    2012-11-02 04:48:28 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
    2012-10-16 21:20:49 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 21:20:46 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 20:34:37 559104 ----a-w- C:\Windows\apppatch\AcLayers.dll
    2012-10-11 02:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll
    2012-10-11 02:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll
    2012-10-11 02:22:52 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll
    2012-10-11 02:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
    2012-10-11 02:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll
    2012-10-11 02:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
    2012-10-11 02:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
    2012-10-11 02:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
    2012-10-10 23:17:58 21712 ----a-w- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
    2012-10-10 23:14:06 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2012-10-10 23:14:06 821736 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
    2012-10-10 23:14:06 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2010-07-08 15:37:14 101544 ----a-w- C:\Program Files\Common Files\LinkInstaller.exe
    .
    ============= FINISH: 21:06:31.62 ===============
    _____________________________________________________________________

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows*7 Édition Intégrale
    Boot Device: \Device\HarddiskVolume1
    Install Date: 10/16/2010 10:30:24 AM
    System Uptime: 1/7/2013 8:59:05 PM (1 hours ago)
    .
    Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA790FXT-UD5P
    Processor: AMD Phenom(tm) II X4 955 Processor | Socket M2 | 2080/200mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 279 GiB total, 60.641 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: AODDriver4.01
    Device ID: ROOT\LEGACY_AODDRIVER4.01\0000
    Manufacturer:
    Name: AODDriver4.01
    PNP Device ID: ROOT\LEGACY_AODDRIVER4.01\0000
    Service: AODDriver4.01
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    Adobe AIR
    Adobe Community Help
    Adobe Download Assistant
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.3 - Français
    Antidote RX v8
    µTorrent
    Audiosurf
    Batman: Arkham City GOTY
    Battlefield 3&#8482;
    Battlelog Web Plugins
    BIT.TRIP RUNNER
    BitDefender Antivirus Pro 2011
    Borderlands
    Calibrize 2.0
    CCleaner
    Chivalry: Medieval Warfare
    ComicRack v0.9.142
    Counter-Strike: Source
    D-Link DWA-125
    DAEMON Tools Pro
    Diagnostic Utility
    Dota 2
    DU Meter
    Dual-Core Optimizer
    ESN Sonar
    Fallout: New Vegas
    FIFA 12 (c) EA version 1
    FXAA Post Process Injector
    Gigabyte Raid Configurer
    Google Chrome
    Google Update Helper
    Guild Wars 2
    Hell Yeah!
    Hi-Rez Studios Authenticate and Update Service
    Java 7 Update 7
    Java Auto Updater
    Java(TM) 7 Update 5 (64-bit)
    JavaFX 2.1.1
    League of Legends
    Logitech GamePanel Software 3.06.109
    Malwarebytes Anti-Malware version 1.65.1.1000
    Mass Effect
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Client Profile FRA Language Pack
    Microsoft .NET Framework 4 Extended
    Microsoft .NET Framework 4 Extended FRA Language Pack
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Games for Windows Marketplace
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Excel MUI (French) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office Office 64-bit Components 2007
    Microsoft Office OneNote MUI (French) 2007
    Microsoft Office PowerPoint MUI (French) 2007
    Microsoft Office Proof (Arabic) 2007
    Microsoft Office Proof (Dutch) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (German) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (French) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Shared 64-bit MUI (French) 2007
    Microsoft Office Shared MUI (French) 2007
    Microsoft Office Word MUI (French) 2007
    Microsoft Silverlight
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft XNA Framework Redistributable 4.0
    Microsoft XNA Framework Redistributable 4.0 Refresh
    Microsoft_VC80_ATL_x86_x64
    Microsoft_VC80_CRT_x86
    Microsoft_VC80_CRT_x86_x64
    Microsoft_VC80_MFC_x86
    Microsoft_VC80_MFC_x86_x64
    Microsoft_VC80_MFCLOC_x86
    Microsoft_VC80_MFCLOC_x86_x64
    Microsoft_VC90_ATL_x86
    Microsoft_VC90_ATL_x86_x64
    Microsoft_VC90_CRT_x86
    Microsoft_VC90_CRT_x86_x64
    Microsoft_VC90_MFC_x86
    Microsoft_VC90_MFC_x86_x64
    Microsoft_VC90_MFCLOC_x86
    Microsoft_VC90_MFCLOC_x86_x64
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)
    Mise à jour Microsoft Office Word 2007 Help (KB963665)
    Mises à jour NVIDIA 1.10.8
    Module linguistique Microsoft .NET Framework 4 Client Profile FRA
    Module linguistique Microsoft .NET Framework 4 Extended FRA
    Mozilla Firefox 6.0.2 (x86 fr)
    NVIDIA Install Application
    NVIDIA Logiciel système PhysX 9.12.0213
    NVIDIA PhysX
    NVIDIA Pilote 3D Vision 306.97
    NVIDIA Pilote audio HD : 1.3.16.0
    NVIDIA Pilote du contrôleur 3D Vision 301.42
    NVIDIA Pilote graphique 306.97
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update Components
    OpenAL
    Oracle Fusion Middleware 11.1.2.1.0
    Oracle Fusion Middleware 11.1.2.1.0 (BEAHOME 1)
    Orcs Must Die! 2
    Origin
    Pando Media Booster
    Panneau de configuration NVIDIA 306.97
    PDF Settings CS5
    Realtek Ethernet Controller Driver For Windows 7
    Realtek High Definition Audio Driver
    Recettear: An Item Shop's Tale
    Samsung_MonSetup
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
    Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663)
    Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870)
    SEGA Genesis & Mega Drive Classics
    Skype&#8482; 6.0
    SpaceChem
    StarCraft II
    Steam
    System Requirements Lab CYRI
    Terraria
    Tom Clancy's Ghost Recon Future Soldier
    Torchlight II
    Tribes Ascend
    Tropico 4
    Ubisoft Game Launcher
    Unity Web Player
    Universe Sandbox
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Vessel
    Windows Live ID Sign-in Assistant
    WinRAR archiver
    Wizorb
    .
    ==== End Of File ===========================
    _____________________________________________________________________

    GMER 2.0.18444 - http://www.gmer.net
    Rootkit scan 2013-01-07 21:13:15
    Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD3000HLFS-01G6U0 rev.04.04V01 279.46GB
    Running: 5l7djjg0.exe; Driver: C:\Users\Laurier\AppData\Local\Temp\pwdiafob.sys


    ---- User code sections - GMER 2.0 ----

    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82 0000000071d817fa 2 bytes [D8, 71]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88 0000000071d81860 2 bytes [D8, 71]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98 0000000071d81942 2 bytes [D8, 71]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109 0000000071d8194d 2 bytes [D8, 71]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    ? C:\Windows\system32\mssprxy.dll [256] entry point in ".rdata" section 0000000072d871e6
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0xf4ae28; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0xf4ae68; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0xf4ada8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0xf4ad28; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0xf4af28; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0xf4af68; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0xf4aee8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0xf4aea8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0xf4ac68; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0xf4aca8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0xf4ac28; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0xf4ade8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0xf4ad68; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0xf4ace8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0x1038228; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0x1038268; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0x10381a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0x1038128; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0x1038328; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0x1038368; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0x10382e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0x10382a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0x1038068; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0x10380a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0x1038028; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0x10381e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0x1038168; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0x10380e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0xbc8228; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0xbc8268; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0xbc81a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0xbc8128; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0xbc8328; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0xbc8368; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0xbc82e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0xbc82a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0xbc8068; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0xbc80a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0xbc8028; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0xbc81e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0xbc8168; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0xbc80e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0xca6628; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0xca6668; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0xca65a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0xca6528; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0xca6728; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0xca6768; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0xca66e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0xca66a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0xca6468; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0xca64a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0xca6428; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0xca65e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0xca6568; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0xca64e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0x2faa28; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0x2faa68; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0x2fa9a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0x2fa928; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0x2fab28; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0x2fab68; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0x2faae8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0x2faaa8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0x2fa868; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0x2fa8a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0x2fa828; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0x2fa9e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0x2fa968; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0x2fa8e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0xd62628; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0xd62668; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0xd625a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0xd62528; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0xd62728; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0xd62768; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0xd626e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0xd626a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0xd62468; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0xd624a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0xd62428; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0xd625e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0xd62568; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0xd624e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0xaeca28; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0xaeca68; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0xaec9a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0xaec928; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0xaecb28; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0xaecb68; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0xaecae8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0xaecaa8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0xaec868; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0xaec8a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0xaec828; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0xaec9e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0xaec968; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0xaec8e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0xac3228; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0xac3268; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0xac31a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0xac3128; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0xac3328; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0xac3368; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0xac32e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0xac32a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0xac3068; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0xac30a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0xac3028; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0xac31e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0xac3168; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0xac30e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0xbd5e28; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0xbd5e68; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0xbd5da8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0xbd5d28; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0xbd5f28; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0xbd5f68; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0xbd5ee8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0xbd5ea8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0xbd5c68; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0xbd5ca8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0xbd5c28; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0xbd5de8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0xbd5d68; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0xbd5ce8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0x82b228; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0x82b268; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0x82b1a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0x82b128; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0x82b328; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0x82b368; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0x82b2e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0x82b2a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0x82b068; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0x82b0a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0x82b028; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0x82b1e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0x82b168; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0x82b0e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0x603228; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0x603268; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0x6031a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0x603128; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0x603328; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0x603368; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0x6032e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0x6032a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0x603068; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0x6030a8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0x603028; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0x6031e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0x603168; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0x6030e8; JMP RDX}
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
    ? C:\Windows\system32\mssprxy.dll [5340] entry point in ".rdata" section 0000000072d871e6
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
    .text ... * 9
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
    .text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]

    ---- Threads - GMER 2.0 ----

    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1040] 00000000011e2d50
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1044] 00000000011e1d00
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1048] 00000000011e1d00
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1056] 00000000011e1d00
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1072] 000000000193abb0
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1076] 00000000019394a0
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1080] 00000000019394a0
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1084] 00000000019394a0
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1088] 00000000019394a0
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1092] 00000000019394a0
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1096] 0000000001938e60
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1100] 0000000001937e30
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2148] 000007fefbbe7b80
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2512] 000007fef5598ec0
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2620] 00000000011e0330
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2624] 000007fefb8c8650
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2628] 000007fefb8c8650
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2632] 000007fefb8c8650
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2640] 000000000ff98930
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2644] 000000000ff98930
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2648] 000000000ff98930
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2652] 000000000ff958e0
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2660] 000000001ac95550
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2664] 000000001ac95550
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2668] 000000001ac95550
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2672] 000000001ac95550
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2676] 000000001ac93730
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2680] 000007fef5188910
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2684] 000007fef5188910
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2688] 000007fef5188910
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2700] 000007fef5144000
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2704] 000007fef5144b30
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2708] 000007fef5147d40
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2712] 00000000019368e0
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3180] 000007fef5045470
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3184] 000007fef50415c0
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3112] 000007fef504fa50
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3100] 000007fef504fa50
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3176] 000007fef504fa50
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3192] 000007fef504fa50
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3196] 000007fef504fa50
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3220] 000007fef504fa50
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3244] 000007fef504fa50
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3212] 000007fef504fa50
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3080] 000007fef504fa50
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3260] 000000001bef33f0
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2616] 000007fef25a4b60
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3812] 000007fef25a3770
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3872] 000007fefb779810
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1200] 000007fef5144000
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3968] 000007fef5144b30
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3764] 000007fef5147d40
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:4968] 000007fef5645d30
    Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:4436] 00000000011e1d00
    Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3216] 000007fefc662a88
    Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3632] 000007fef5645d30
    Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3704] 0000000002d82d50
    Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3708] 0000000002d81d00
    Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3712] 0000000002d81d00
    Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3716] 0000000002d81d00
    Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3720] 0000000002d81d00
    Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3168] 0000000070c42340
    Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:4700] 000007fef25a4b60
    Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:4692] 000007fef25a3770
    Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:1204] 0000000070c42340
    Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:2076] 0000000070c42340
    Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3788] 000007fefe623570
    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5084:4260] 000007fefe623570
    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5084:4652] 000007fefc662a88
    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5084:3108] 000007fef078c0b0
    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5084:1792] 000007fef64d5124
    ---- Processes - GMER 2.0 ----

    Library ? (*** suspicious ***) @ C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956] 00000000005a0000
    Library ? (*** suspicious ***) @ C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852] 00000000004b0000
    Library ? (*** suspicious ***) @ C:\Program Files\Windows Media Player\wmpnetwk.exe [5084] 000007fefe500000

    ---- EOF - GMER 2.0 ----
    _____________________________________________________________________

    ty, FaTsauce
     
    Fatsauce, Jan 7, 2013
    #8
  10. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,452
    First Name:
    Derek
    first thing to try is uninstall bitdefender & see if that solves it

    I have frequently seen BD cause connection problems & issues when something else that uses the network has been uninstalled and BD still thinks it is there

    Further why aren't you on W7 SP1. Is there any reason why you haven't updated ?
     
    dvk01, Jan 8, 2013
    #9
  11. Fatsauce

    Fatsauce Thread Starter

    Joined:
    Jan 7, 2013
    Messages:
    11
    On release similar hardware had some struggle i've heard for a sp, so I didn't update then I waited for some patching, and I must have forgotten since then. Will patch that up right now, ty for reminding! And I will reinstall bitdefender when I get home tonight, see if it helps.

    Thanks,
    Laurier
     
    Fatsauce, Jan 8, 2013
    #10
  12. Fatsauce

    Fatsauce Thread Starter

    Joined:
    Jan 7, 2013
    Messages:
    11
    Completly uninstalled Bitdefender, loaded the download for the SP1, and even on windows official servers, I now cap at 30kb/s, when I capped at 22-25 kb/s... Still far from normal. I have no running firewalls and not even BitDefender on right now (The only website I went to is this one... i'm not reckless...) and I still am at 10-30 kb/s on windows service pack download, or any download at all. Even when I open internet browsers and such, no more than 35 kb/s. and for about 1 second or 2 every 10 minutes i Jump back to 1mb. then back to 0,0 kb sec completly.

    I do good performances on the internet speed test tho... even if it will never happen in "real circumstances"
    http://www.speedtest.net/result/2423183301.png
     
    Fatsauce, Jan 8, 2013
    #11
  13. Fatsauce

    Fatsauce Thread Starter

    Joined:
    Jan 7, 2013
    Messages:
    11
    Here is a Screnshot of the Download Upload Meter, after I downloaded and installed and rebooted to SP1. Total file size is 300mb, in about 45 min it downloaded 160 mb.[​IMG]

    PS: I did ABSOLUTLY nothing else during the download. No upload, no opening of another tabs, no gaming, etc. This is pure bitdefender download, nothing else whatsoever.
     
    Fatsauce, Jan 8, 2013
    #12
  14. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,452
    First Name:
    Derek
    lets see what this shows us
    Download OTScanIt.exe to your Desktop
    • Close any open browsers.
    • If your Real protection or Antivirus intervenes with OTScanIt, allow it to run.
    • Double-click on OTS.exe to start the program.
    • In the Files Age drop down box click 90
    • Now on the toolbar at the top select "Scan all users" then click the Run Scan button
    • The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
    • When the scan is complete Notepad will open with the report file loaded in it.
    • Save that notepad file
    If the log is too large to post, use the Reply button, scroll down to the attachments section and attach the notepad file here.
     
    dvk01, Jan 9, 2013
    #13
  15. Fatsauce

    Fatsauce Thread Starter

    Joined:
    Jan 7, 2013
    Messages:
    11
    OST LOG

    Ty,
    Fat
     

    Attached Files:

    Fatsauce, Jan 9, 2013
    #14
  16. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,452
    First Name:
    Derek
    does it do it when you are connected direct to your router via the Ethernet cable or only using your dlink wireless connection
     
    dvk01, Jan 10, 2013
    #15

  17. Sponsor

Page 1 of 2
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Very Jumpy Unstable
  1. wisenetcat

    upload small file to a very large number of emails

    wisenetcat, Mar 15, 2020, in forum: Networking
    Replies:
    1
    Views:
    293
    cwwozniak
    Mar 16, 2020
  2. becky1963

    My computer is very sow

    becky1963, Mar 10, 2020, in forum: Networking
    Replies:
    17
    Views:
    704
    metallica5456
    Mar 15, 2020
  3. Notrealtechy123

    8 AP’s on our network and some need rebooted every morning??

    Notrealtechy123, Jan 27, 2020, in forum: Networking
    Replies:
    1
    Views:
    226
    zx10guy
    Jan 28, 2020
  4. Laughalotkpg

    Neighbor Discovery Protocol

    Laughalotkpg, Nov 19, 2019, in forum: Networking
    Replies:
    3
    Views:
    198
    Couriant
    Nov 20, 2019
  5. GrumbulUK

    Network drop every 5 minutes like clockwork

    GrumbulUK, Nov 16, 2019, in forum: Networking
    Replies:
    39
    Views:
    2,127
    Professionalgirl
    Jan 25, 2020
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1084140

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice