Very Jumpy and Unstable Internet, tried everything.

[Fatsauce]

Hello, Honestly it's the first time I post anything on any forums, I always was able to solve my problems, but this one.
To the facts:
My Internet connexion is VERY jumpy. 99% of the time i have MAX 12 kb/s on my specific computer (very god damned slow. 4 hours for a 4 mb download), as my tablet or laptop runs internet as fast as always. It is only 1 computer problem on the network.

- I managed to get the false privitizeVPN from piratebay on my cpu yesterday
- I deleted it and believe I deleted all of it.
- I then ran in safe mode Rkill, Malwarebytes and did a complete scan with Bitdefender. Cleared some minor things.
- Internet still slow, I ran Combofix, cleared 2 things, still slow.
- Even on Steam, where i normally hit 1 mb/s I am stuck at that infamous 13-14 kb/s. I went and assigned 40% in the broadband settings, it was set on 0% for some reason.

-Right now steam downloaded at 1mb/s for about 2 minutes, and now is dropped to 3-20 kb/s without any notice or any changes, as I was typing this message.
- I tried rebooting the networking systems too, and all of the electrical conflicts / etc. with no results.

Honestly, I really am stuck on this one, any help would gladly be appreciated.
I still have all the Logs the software scan gave me.

Thanks

 

[Phantom010]

- I managed to get the false privitizeVPN from piratebay on my cpu yesterday

Did your problem start only then?

 

[Fatsauce]

Yes, I had no troubles before. Wich is why I wonder why none of the above mentionned programs cleared anything big. I restored the system (I needed to do it in safe mode, because something, most likely a virus, stopped me from doing so. I eventually succeded). And my bitdefender real time security won't activate, since then. exactly like this guy. http://www.youtube.com/watch?v=a0V_pg6BBgM I do not share his point of view on the thing tho, and I never had any problems with it before. PS: Don't watch the full thing. Edit: Watch at 1:14. Same problem, didn't find a solution too. But I did everything I could to destroy a possible Virus / Malware, with no result on my internet or my real time protection.

 

[Phantom010]

Your computer might still be infected.

If you wish for a malware removal specialist's advice, please click on Report and kindly ask to be moved to the Virus & Other Malware Removal forum. Be sure to provide the appropriate reports in that forum after reading THIS. From there, be patient. The malware removal experts are very busy! You should get an answer within the next 48 hours.

 

[Fatsauce]

Alright, will do! Thanks

 

[Phantom010]

No problem.

If the problem isn't malware related, we'll be glad to assist you again in the Networking forum.

 

[Fatsauce]

Thanks for moving me to the right section, I do not have access to my computer right now, I will post all of the logs and the required things tonight.

Thanks,
FAt

 

[Fatsauce]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:13:53 PM, on 1/7/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\DU Meter\DUMeter.exe
C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe
C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Laurier\Downloads\HijackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe"
O4 - HKLM\..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [D-Link D-Link DWA-125] C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe
O4 - HKLM\..\Run: [WZCSLDR2] C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: D_Link_DWA-125 Service (D_Link_DWA-125) - Wireless Service - C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWZCSdS.exe
O23 - Service: D_Link_DWA-125_WPS Service (D_Link_DWA-125_WPS) - Unknown owner - C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (UPDATESRV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 23614 bytes
____________________________________________________________________

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.7.2
Run by Laurier at 21:05:32 on 2013-01-07
Microsoft Windows*7 Édition Intégrale 6.1.7600.0.1252.2.1036.18.4093.1850 [GMT -5:00]
.
AV: BitDefender Antivirus *Enabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: BitDefender Antispyware *Enabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
FW: BitDefender Pare-feu *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\Explorer.EXE
C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\DU Meter\DUMeter.exe
C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe
C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Laurier\Downloads\HijackThis.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: BitDefender Toolbar: {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe"
mRun: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe
mRun: [D-Link D-Link DWA-125] C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe
mRun: [WZCSLDR2] C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xporter vers Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{1A5A268F-69B0-4651-945C-E5E1F3D99A40} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{1A5A268F-69B0-4651-945C-E5E1F3D99A40}\2454C4C4936333 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{1A5A268F-69B0-4651-945C-E5E1F3D99A40}\46C696E6B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{1A5A268F-69B0-4651-945C-E5E1F3D99A40}\C696E6B6379737 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{1A5A268F-69B0-4651-945C-E5E1F3D99A40}\D4169637F6E6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{1A5A268F-69B0-4651-945C-E5E1F3D99A40}\D496C6C656023556276796365637D26796379647565727 : DHCPNameServer = 24.200.243.189 24.200.210.241 24.200.228.113
TCP: Interfaces\{2DC1D2C5-1AFD-48A6-B11D-4212D9D61DA8} : DHCPNameServer = 192.168.2.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = about:blank
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: BitDefender Toolbar: {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"
x64-Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"
x64-Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
x64-Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
x64-Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Laurier\AppData\Roaming\Mozilla\Firefox\Profiles\z938xqog.default\
.
============= SERVICES / DRIVERS ===============
.
R1 anodlwf;ANOD Network Security Filter driver;C:\Windows\System32\drivers\anodlwfx.sys [2010-10-18 15872]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2013-1-7 99408]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-11-15 272448]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-11-9 204288]
R2 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service;C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [2010-10-18 40960]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-4-13 8704]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-17 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-17 676936]
R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\System32\drivers\RtNdPt60.sys [2010-10-16 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 UPDATESRV;BitDefender Desktop Update Service;C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe [2013-1-7 53224]
R3 BDFM;BDFM;C:\Windows\System32\drivers\bdfm.sys [2010-5-13 162896]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-11-14 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-10-16 347680]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 D_Link_DWA-125;D_Link_DWA-125 Service;C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWZCSdS.exe [2010-10-18 126976]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-3-20 46136]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-6-6 231440]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);C:\Windows\System32\drivers\RtTeam60.sys [2010-10-16 51712]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtVlan60.sys [2010-10-16 24064]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);C:\Windows\System32\drivers\RtTeam60.sys [2010-10-16 51712]
S3 Update Server;BitDefender Update Server v2;C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2013-1-7 467248]
S3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);C:\Windows\System32\drivers\RtVlan60.sys [2010-10-16 24064]
S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-16 1255736]
S4 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2010-6-28 692816]
S4 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2010-6-28 1040976]
.
=============== Created Last 30 ================
.
2013-01-07 15:48:47 -------- d-----w- C:\Program Files\CCleaner
2013-01-07 15:33:29 -------- d-sh--w- C:\$RECYCLE.BIN
2013-01-07 15:07:49 98816 ----a-w- C:\Windows\sed.exe
2013-01-07 15:07:49 256000 ----a-w- C:\Windows\PEV.exe
2013-01-07 15:07:49 208896 ----a-w- C:\Windows\MBR.exe
2013-01-07 09:08:17 -------- d-----w- C:\Windows\pss
2013-01-07 07:05:23 -------- d-----w- C:\Program Files (x86)\WinDirStat
2013-01-07 06:04:19 -------- d-----w- C:\ProgramData\WoW Worldwide Software LTD
2013-01-07 06:03:46 -------- d-----w- C:\ProgramData\InstallMate
2012-12-29 16:42:26 -------- d-----w- C:\Program Files (x86)\AMD
2012-12-29 16:42:24 -------- d-----w- C:\Users\Laurier\AppData\Local\Downloaded Installations
2012-12-24 05:48:58 -------- d-----w- C:\Users\Laurier\AppData\Roaming\Tropico 4
2012-12-23 21:52:03 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-23 21:52:03 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-23 21:52:02 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-23 21:52:02 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-18 03:11:10 -------- d-----w- C:\Users\Laurier\AppData\Roaming\Vessel
2012-12-13 19:30:08 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-12-13 19:30:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-12-11 20:27:47 -------- d-----w- C:\Users\Laurier\AppData\Roaming\Kalypso Media
.
==================== Find3M ====================
.
2013-01-07 09:17:23 76248 ----a-w- C:\ProgramData\bdinstall.bin
2012-11-22 08:20:36 3147264 ----a-w- C:\Windows\System32\win32k.sys
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-02 05:27:51 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 04:48:28 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-10-16 21:20:49 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 21:20:46 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 20:34:37 559104 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-11 02:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll
2012-10-11 02:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll
2012-10-11 02:22:52 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll
2012-10-11 02:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2012-10-11 02:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll
2012-10-11 02:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
2012-10-11 02:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
2012-10-11 02:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2012-10-10 23:17:58 21712 ----a-w- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
2012-10-10 23:14:06 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-10 23:14:06 821736 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-10-10 23:14:06 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-07-08 15:37:14 101544 ----a-w- C:\Program Files\Common Files\LinkInstaller.exe
.
============= FINISH: 21:06:31.62 ===============
_____________________________________________________________________

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows*7 Édition Intégrale
Boot Device: \Device\HarddiskVolume1
Install Date: 10/16/2010 10:30:24 AM
System Uptime: 1/7/2013 8:59:05 PM (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA790FXT-UD5P
Processor: AMD Phenom(tm) II X4 955 Processor | Socket M2 | 2080/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 279 GiB total, 60.641 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: AODDriver4.01
Device ID: ROOT\LEGACY_AODDRIVER4.01\0000
Manufacturer:
Name: AODDriver4.01
PNP Device ID: ROOT\LEGACY_AODDRIVER4.01\0000
Service: AODDriver4.01
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.3 - Français
Antidote RX v8
µTorrent
Audiosurf
Batman: Arkham City GOTY
Battlefield 3&#8482;
Battlelog Web Plugins
BIT.TRIP RUNNER
BitDefender Antivirus Pro 2011
Borderlands
Calibrize 2.0
CCleaner
Chivalry: Medieval Warfare
ComicRack v0.9.142
Counter-Strike: Source
D-Link DWA-125
DAEMON Tools Pro
Diagnostic Utility
Dota 2
DU Meter
Dual-Core Optimizer
ESN Sonar
Fallout: New Vegas
FIFA 12 (c) EA version 1
FXAA Post Process Injector
Gigabyte Raid Configurer
Google Chrome
Google Update Helper
Guild Wars 2
Hell Yeah!
Hi-Rez Studios Authenticate and Update Service
Java 7 Update 7
Java Auto Updater
Java(TM) 7 Update 5 (64-bit)
JavaFX 2.1.1
League of Legends
Logitech GamePanel Software 3.06.109
Malwarebytes Anti-Malware version 1.65.1.1000
Mass Effect
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile FRA Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended FRA Language Pack
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (French) 2007
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (French) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (French) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (French) 2007
Microsoft Office Shared MUI (French) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 4.0
Microsoft XNA Framework Redistributable 4.0 Refresh
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
Mise à jour Microsoft Office Excel 2007 Help (KB963678)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)
Mise à jour Microsoft Office Word 2007 Help (KB963665)
Mises à jour NVIDIA 1.10.8
Module linguistique Microsoft .NET Framework 4 Client Profile FRA
Module linguistique Microsoft .NET Framework 4 Extended FRA
Mozilla Firefox 6.0.2 (x86 fr)
NVIDIA Install Application
NVIDIA Logiciel système PhysX 9.12.0213
NVIDIA PhysX
NVIDIA Pilote 3D Vision 306.97
NVIDIA Pilote audio HD : 1.3.16.0
NVIDIA Pilote du contrôleur 3D Vision 301.42
NVIDIA Pilote graphique 306.97
NVIDIA Stereoscopic 3D Driver
NVIDIA Update Components
OpenAL
Oracle Fusion Middleware 11.1.2.1.0
Oracle Fusion Middleware 11.1.2.1.0 (BEAHOME 1)
Orcs Must Die! 2
Origin
Pando Media Booster
Panneau de configuration NVIDIA 306.97
PDF Settings CS5
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Recettear: An Item Shop's Tale
Samsung_MonSetup
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663)
Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870)
SEGA Genesis & Mega Drive Classics
Skype&#8482; 6.0
SpaceChem
StarCraft II
Steam
System Requirements Lab CYRI
Terraria
Tom Clancy's Ghost Recon Future Soldier
Torchlight II
Tribes Ascend
Tropico 4
Ubisoft Game Launcher
Unity Web Player
Universe Sandbox
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Vessel
Windows Live ID Sign-in Assistant
WinRAR archiver
Wizorb
.
==== End Of File ===========================
_____________________________________________________________________

GMER 2.0.18444 - http://www.gmer.net
Rootkit scan 2013-01-07 21:13:15
Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD3000HLFS-01G6U0 rev.04.04V01 279.46GB
Running: 5l7djjg0.exe; Driver: C:\Users\Laurier\AppData\Local\Temp\pwdiafob.sys


---- User code sections - GMER 2.0 ----

.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82 0000000071d817fa 2 bytes [D8, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88 0000000071d81860 2 bytes [D8, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98 0000000071d81942 2 bytes [D8, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109 0000000071d8194d 2 bytes [D8, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2272] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[256] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
? C:\Windows\system32\mssprxy.dll [256] entry point in ".rdata" section 0000000072d871e6
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0xf4ae28; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0xf4ae68; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0xf4ada8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0xf4ad28; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0xf4af28; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0xf4af68; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0xf4aee8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0xf4aea8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0xf4ac68; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0xf4aca8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0xf4ac28; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0xf4ade8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0xf4ad68; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0xf4ace8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4804] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0x1038228; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0x1038268; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0x10381a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0x1038128; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0x1038328; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0x1038368; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0x10382e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0x10382a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0x1038068; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0x10380a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0x1038028; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0x10381e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0x1038168; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0x10380e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0xbc8228; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0xbc8268; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0xbc81a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0xbc8128; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0xbc8328; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0xbc8368; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0xbc82e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0xbc82a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0xbc8068; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0xbc80a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0xbc8028; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0xbc81e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0xbc8168; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0xbc80e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[2864] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0xca6628; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0xca6668; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0xca65a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0xca6528; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0xca6728; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0xca6768; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0xca66e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0xca66a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0xca6468; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0xca64a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0xca6428; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0xca65e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0xca6568; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0xca64e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1356] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0x2faa28; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0x2faa68; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0x2fa9a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0x2fa928; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0x2fab28; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0x2fab68; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0x2faae8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0x2faaa8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0x2fa868; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0x2fa8a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0x2fa828; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0x2fa9e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0x2fa968; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0x2fa8e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0xd62628; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0xd62668; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0xd625a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0xd62528; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0xd62728; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0xd62768; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0xd626e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0xd626a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0xd62468; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0xd624a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0xd62428; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0xd625e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0xd62568; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0xd624e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1712] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0xaeca28; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0xaeca68; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0xaec9a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0xaec928; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0xaecb28; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0xaecb68; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0xaecae8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0xaecaa8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0xaec868; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0xaec8a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0xaec828; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0xaec9e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0xaec968; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0xaec8e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1568] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0xac3228; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0xac3268; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0xac31a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0xac3128; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0xac3328; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0xac3368; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0xac32e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0xac32a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0xac3068; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0xac30a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0xac3028; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0xac31e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0xac3168; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0xac30e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4808] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0xbd5e28; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0xbd5e68; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0xbd5da8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0xbd5d28; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0xbd5f28; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0xbd5f68; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0xbd5ee8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0xbd5ea8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0xbd5c68; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0xbd5ca8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0xbd5c28; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0xbd5de8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0xbd5d68; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0xbd5ce8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5644] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0x82b228; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0x82b268; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0x82b1a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0x82b128; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0x82b328; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0x82b368; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0x82b2e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0x82b2a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0x82b068; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0x82b0a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0x82b028; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0x82b1e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0x82b168; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0x82b0e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5788] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077ccf941 7 bytes {MOV EDX, 0x603228; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077ccfb85 7 bytes {MOV EDX, 0x603268; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077ccfbb5 7 bytes {MOV EDX, 0x6031a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077ccfbcd 7 bytes {MOV EDX, 0x603128; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077ccfbe5 7 bytes {MOV EDX, 0x603328; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077ccfc15 7 bytes {MOV EDX, 0x603368; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077ccfc95 7 bytes {MOV EDX, 0x6032e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077ccfcad 7 bytes {MOV EDX, 0x6032a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077ccfcf9 7 bytes {MOV EDX, 0x603068; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077ccfdf1 7 bytes {MOV EDX, 0x6030a8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077cd0049 7 bytes {MOV EDX, 0x603028; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077cd1055 7 bytes {MOV EDX, 0x6031e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077cd10cd 7 bytes {MOV EDX, 0x603168; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077cd12d1 7 bytes {MOV EDX, 0x6030e8; JMP RDX}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4936] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]
? C:\Windows\system32\mssprxy.dll [5340] entry point in ".rdata" section 0000000072d871e6
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076441401 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076441419 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076441431 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007644144a 2 bytes [44, 76]
.text ... * 9
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000764414dd 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000764414f5 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007644150d 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076441525 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007644153d 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076441555 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007644156d 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076441585 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007644159d 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000764415b5 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000764415cd 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000764416b2 2 bytes [44, 76]
.text C:\Users\Laurier\Downloads\HijackThis.exe[5340] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000764416bd 2 bytes [44, 76]

---- Threads - GMER 2.0 ----

Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1040] 00000000011e2d50
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1044] 00000000011e1d00
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1048] 00000000011e1d00
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1056] 00000000011e1d00
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1072] 000000000193abb0
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1076] 00000000019394a0
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1080] 00000000019394a0
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1084] 00000000019394a0
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1088] 00000000019394a0
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1092] 00000000019394a0
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1096] 0000000001938e60
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1100] 0000000001937e30
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2148] 000007fefbbe7b80
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2512] 000007fef5598ec0
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2620] 00000000011e0330
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2624] 000007fefb8c8650
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2628] 000007fefb8c8650
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2632] 000007fefb8c8650
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2640] 000000000ff98930
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2644] 000000000ff98930
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2648] 000000000ff98930
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2652] 000000000ff958e0
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2660] 000000001ac95550
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2664] 000000001ac95550
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2668] 000000001ac95550
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2672] 000000001ac95550
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2676] 000000001ac93730
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2680] 000007fef5188910
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2684] 000007fef5188910
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2688] 000007fef5188910
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2700] 000007fef5144000
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2704] 000007fef5144b30
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2708] 000007fef5147d40
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2712] 00000000019368e0
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3180] 000007fef5045470
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3184] 000007fef50415c0
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3112] 000007fef504fa50
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3100] 000007fef504fa50
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3176] 000007fef504fa50
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3192] 000007fef504fa50
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3196] 000007fef504fa50
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3220] 000007fef504fa50
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3244] 000007fef504fa50
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3212] 000007fef504fa50
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3080] 000007fef504fa50
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3260] 000000001bef33f0
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:2616] 000007fef25a4b60
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3812] 000007fef25a3770
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3872] 000007fefb779810
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:1200] 000007fef5144000
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3968] 000007fef5144b30
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:3764] 000007fef5147d40
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:4968] 000007fef5645d30
Thread C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956:4436] 00000000011e1d00
Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3216] 000007fefc662a88
Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3632] 000007fef5645d30
Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3704] 0000000002d82d50
Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3708] 0000000002d81d00
Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3712] 0000000002d81d00
Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3716] 0000000002d81d00
Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3720] 0000000002d81d00
Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3168] 0000000070c42340
Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:4700] 000007fef25a4b60
Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:4692] 000007fef25a3770
Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:1204] 0000000070c42340
Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:2076] 0000000070c42340
Thread C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852:3788] 000007fefe623570
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5084:4260] 000007fefe623570
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5084:4652] 000007fefc662a88
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5084:3108] 000007fef078c0b0
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5084:1792] 000007fef64d5124
---- Processes - GMER 2.0 ----

Library ? (*** suspicious ***) @ C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [956] 00000000005a0000
Library ? (*** suspicious ***) @ C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2852] 00000000004b0000
Library ? (*** suspicious ***) @ C:\Program Files\Windows Media Player\wmpnetwk.exe [5084] 000007fefe500000

---- EOF - GMER 2.0 ----
_____________________________________________________________________

ty, FaTsauce

 

[dvk01]

first thing to try is uninstall bitdefender & see if that solves it

I have frequently seen BD cause connection problems & issues when something else that uses the network has been uninstalled and BD still thinks it is there

Further why aren't you on W7 SP1. Is there any reason why you haven't updated ?

 

[Fatsauce]

On release similar hardware had some struggle i've heard for a sp, so I didn't update then I waited for some patching, and I must have forgotten since then. Will patch that up right now, ty for reminding! And I will reinstall bitdefender when I get home tonight, see if it helps.

Thanks,
Laurier

 

[Fatsauce]

Completly uninstalled Bitdefender, loaded the download for the SP1, and even on windows official servers, I now cap at 30kb/s, when I capped at 22-25 kb/s... Still far from normal. I have no running firewalls and not even BitDefender on right now (The only website I went to is this one... i'm not reckless...) and I still am at 10-30 kb/s on windows service pack download, or any download at all. Even when I open internet browsers and such, no more than 35 kb/s. and for about 1 second or 2 every 10 minutes i Jump back to 1mb. then back to 0,0 kb sec completly.

I do good performances on the internet speed test tho... even if it will never happen in "real circumstances"
http://www.speedtest.net/result/2423183301.png

 

[Fatsauce]

Here is a Screnshot of the Download Upload Meter, after I downloaded and installed and rebooted to SP1. Total file size is 300mb, in about 45 min it downloaded 160 mb.

PS: I did ABSOLUTLY nothing else during the download. No upload, no opening of another tabs, no gaming, etc. This is pure bitdefender download, nothing else whatsoever.

 

[dvk01]

lets see what this shows us
Download OTScanIt.exe to your Desktop

• Close any open browsers.
• If your Real protection or Antivirus intervenes with OTScanIt, allow it to run.
• Double-click on OTS.exe to start the program.
• In the Files Age drop down box click 90
• Now on the toolbar at the top select "Scan all users" then click the Run Scan button
• The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
• When the scan is complete Notepad will open with the report file loaded in it.
• Save that notepad file

If the log is too large to post, use the Reply button, scroll down to the attachments section and attach the notepad file here.

 

[Fatsauce]

OST LOG

Ty,
Fat

 

[dvk01]

does it do it when you are connected direct to your router via the Ethernet cable or only using your dlink wireless connection