13-03-2012, 15:52   #341
Giacomo.56
Member

Registered: Jan 2010
Posts: 212
Sorry, but I had a problem with Gmer. A few days ago, after about an hour of scanning, it crashed with a screen that was half blue and half black. A moment later the PC rebooted. I wasted an hour for nothing. How can I fix this? Why did it crash? Is it possible to make a backup so that, if it crashes, the scan can be resumed? Thanks.
13-03-2012, 15:57   #342
Giacomo.56
Member

Registered: Jan 2010
Posts: 212
.
13-03-2012, 16:04   #343
Chill-Out
Moderator

Registered: Jun 2007
Location: 127.0.0.1
Posts: 25885
Quote:
Originally posted by Giacomo.56
Sorry, but I had a problem with Gmer. A few days ago, after about an hour of scanning, it crashed with a screen that was half blue and half black. A moment later the PC rebooted. I wasted an hour for nothing. How can I fix this? Why did it crash? Is it possible to make a backup so that, if it crashes, the scan can be resumed? Thanks.
Quote:
Originally posted by Giacomo.56
.

http://www.hwupgrade.it/forum/showthread.php?p=37092402

Are you planning to post in every single thread?

__________________
Try again and you will be luckier.
13-03-2012, 16:18   #344
Giacomo.56
Member

Registered: Jan 2010
Posts: 212
Quote:
Originally posted by Chill-Out
http://www.hwupgrade.it/forum/showthread.php?p=37092402

Are you planning to post in every single thread?

As for the dot, you can go ahead and delete it. The submit-reply button "slipped". As for the posts, I remembered too late that there are pages dedicated to the various programs. I apologize for the mess I caused.
16-03-2012, 00:15   #345
Puzzle68
Member

Registered: Mar 2012
Posts: 36
Quote:
Originally posted by Puzzle68
Hi everyone,
I always run scans with Avast and MBAM before making an image of the operating system. I ran a scan with Gmer; here is the log: http://wikisend.com/download/150000/analisi Gmer 12_03_2012.log.

P.S. This is my first post; I hope I haven't messed anything up with the log.

Could someone kindly check the log for me? Thanks.
16-03-2012, 08:37   #346
Chill-Out
Moderator

Registered: Jun 2007
Location: 127.0.0.1
Posts: 25885
Quote:
Originally posted by Puzzle68
Could someone kindly check the log for me? Thanks.

Hi, nothing shows up in the log.
16-03-2012, 19:50   #347
Puzzle68
Member

Registered: Mar 2012
Posts: 36
Quote:
Originally posted by Chill-Out
Hi, nothing shows up in the log.

Thank you, bye.
21-03-2012, 00:59   #348
Giacomo.56
Member

Registered: Jan 2010
Posts: 212
I'm having another problem with GMER. Neither Log nor Setting shows up in the menus. Why is that? Thanks.
21-03-2012, 14:46   #349
Chill-Out
Moderator

Registered: Jun 2007
Location: 127.0.0.1
Posts: 25885
Quote:
Originally posted by Giacomo.56
I'm having another problem with GMER. Neither Log nor Setting shows up in the menus. Why is that? Thanks.

Produce whatever logs you can and attach them, in accordance with the Rules, where you have already been amply told to; I remind you that this is a forum, not a help desk.
25-03-2012, 16:53   #350
RockPoetry
Member

Registered: Mar 2008
Location: Verona
Posts: 66
???

Sorry, but when the scan finishes nothing is displayed on the Rootkit/Malware tab screen. Is that normal?

21-08-2012, 16:18   #351
Destiny85
Banned

Registered: Aug 2007
Posts: 116
Quote:
Originally posted by RockPoetry
Sorry, but when the scan finishes nothing is displayed on the Rootkit/Malware tab screen. Is that normal?

Wandering around Google I found this topic. I get the same screen as you, or rather, I can't select the other items: only the last three (Services, Registry, Files) are selectable, the others are all greyed out.

I'm running the scan anyway and will then edit this post to add the log.

Edit: here it is, I think:

Code:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-08-21 17:59:14
Windows 6.1.7601 Service Pack 1 
Running: 776iw6nn.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002713c305bf                      
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002713c305bf (not active ControlSet)  

---- EOF - GMER 1.0.15 ----

Last edited by Destiny85: 21-08-2012 at 17:03.
22-08-2012, 15:27   #352
Chill-Out
Moderator

Registered: Jun 2007
Location: 127.0.0.1
Posts: 25885
Quote:
Originally posted by RockPoetry
Sorry, but when the scan finishes nothing is displayed on the Rootkit/Malware tab screen. Is that normal?

Yes

Quote:
Originally posted by Destiny85
Wandering around Google I found this topic. I get the same screen as you, or rather, I can't select the other items: only the last three (Services, Registry, Files) are selectable, the others are all greyed out.

I'm running the scan anyway and will then edit this post to add the log.

Right-click and Run as administrator
10-12-2012, 13:06   #353
tormento77
Junior Member

Registered: Aug 2010
Posts: 27
log

gmerlog.log


Thanks!
10-12-2012, 13:19   #354
Chill-Out
Moderator

Registered: Jun 2007
Location: 127.0.0.1
Posts: 25885
Quote:
Originally posted by tormento77
gmerlog.log


Thanks!

http://www.hwupgrade.it/forum/showthread.php?t=2528469

Seen.
07-01-2013, 14:41   #355
lupo rosso
Senior Member

Registered: May 2005
Posts: 2828
Here I am, I'm here too!
First of all, greetings to all users, wishing them a happy new year full of joy, happiness and much more!!
Here is my log!
Code:
 GMER 2.0.18444 - http://www.gmer.net
Rootkit scan 2013-01-07 15:04:20
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950042 rev.0005 465,76GB
Running: r5td0jsv.exe; Driver: C:\Users\Admin\AppData\Local\Temp\aglorpod.sys


---- User code sections - GMER 2.0 ----

.text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1548] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                     000000007690efe0 5 bytes JMP 000000016fff0148
.text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1548] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                   00000000769399b0 7 bytes JMP 000000016fff00d8
.text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1548] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                   00000000769494d0 5 bytes JMP 000000016fff0180
.text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1548] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                   0000000076949640 5 bytes JMP 000000016fff0110
.text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1548] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                            000000007696a500 7 bytes JMP 000000016fff01b8
.text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1548] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                        000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1548] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                             000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1548] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                      000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1548] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                          000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1548] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                       000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1548] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                     000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1548] C:\Windows\system32\ole32.dll!CoCreateInstance                                                             000007fefda47490 11 bytes JMP 000007fffd5c0228
.text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1548] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                            000007fefda5bf00 7 bytes JMP 000007fffd5c0260
.text    C:\Program Files\Common Files\SPBA\upeksvr.exe[1892] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                               000000007690efe0 5 bytes JMP 000000016fff0148
.text    C:\Program Files\Common Files\SPBA\upeksvr.exe[1892] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                             00000000769399b0 7 bytes JMP 000000016fff00d8
.text    C:\Program Files\Common Files\SPBA\upeksvr.exe[1892] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                             00000000769494d0 5 bytes JMP 000000016fff0180
.text    C:\Program Files\Common Files\SPBA\upeksvr.exe[1892] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                             0000000076949640 5 bytes JMP 000000016fff0110
.text    C:\Program Files\Common Files\SPBA\upeksvr.exe[1892] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                      000000007696a500 7 bytes JMP 000000016fff01b8
.text    C:\Program Files\Common Files\SPBA\upeksvr.exe[1892] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                  000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Program Files\Common Files\SPBA\upeksvr.exe[1892] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                       000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Program Files\Common Files\SPBA\upeksvr.exe[1892] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Program Files\Common Files\SPBA\upeksvr.exe[1892] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                    000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Program Files\Common Files\SPBA\upeksvr.exe[1892] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                 000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Program Files\Common Files\SPBA\upeksvr.exe[1892] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                               000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[2208] C:\Windows\SysWOW64\ntdll.dll!NtQueryValueKey                                         000000007704fa88 5 bytes JMP 0000000172cd139e
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[2208] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                  0000000077050018 5 bytes JMP 0000000172cd1a54
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                           0000000077001401 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                             0000000077001419 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                           0000000077001431 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                           000000007700144a 2 bytes [00, 77]
.text    ...                                                                                                                                                                       * 9
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                              00000000770014dd 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                       00000000770014f5 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                              000000007700150d 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                       0000000077001525 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                             000000007700153d 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                  0000000077001555 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                           000000007700156d 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                             0000000077001585 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                000000007700159d 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                             00000000770015b5 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                           00000000770015cd 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                       00000000770016b2 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                       00000000770016bd 2 bytes [00, 77]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                       0000000074be1429 7 bytes JMP 000000016bd5128f
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                              0000000074bfb223 5 bytes JMP 000000016bd51596
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                              0000000074c788f4 7 bytes JMP 000000016bd51339
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                              0000000074c78979 5 bytes JMP 000000016bd516b3
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                0000000074c78ccf 5 bytes JMP 000000016bd5101e
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                   0000000075491d1b 3 bytes JMP 000000016bd511d1
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW + 4                                               0000000075491d1f 1 byte [F6]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                 0000000075491dc9 3 bytes JMP 000000016bd51019
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW + 4                                             0000000075491dcd 1 byte [F6]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                     0000000075492aa4 3 bytes JMP 000000016bd5154b
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW + 4                                                 0000000075492aa8 1 byte [F6]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                        0000000075492d0a 3 bytes JMP 000000016bd51276
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary + 4                                                    0000000075492d0e 1 byte [F6]
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                0000000074f0e9a2 5 bytes JMP 000000016bd515af
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                  0000000074f0ebdc 5 bytes JMP 000000016bd5119a
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                       0000000074f85ea5 5 bytes JMP 000000016bd515e1
.text    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe[4876] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                        0000000074fb9d0b 5 bytes JMP 000000016bd5122b
.text    C:\Windows\system32\Dwm.exe[4924] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                                  000000007690efe0 5 bytes JMP 000000016fff0148
.text    C:\Windows\system32\Dwm.exe[4924] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                                00000000769399b0 7 bytes JMP 000000016fff00d8
.text    C:\Windows\system32\Dwm.exe[4924] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                                00000000769494d0 5 bytes JMP 000000016fff0180
.text    C:\Windows\system32\Dwm.exe[4924] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                                0000000076949640 5 bytes JMP 000000016fff0110
.text    C:\Windows\system32\Dwm.exe[4924] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                         000000007696a500 7 bytes JMP 000000016fff01b8
.text    C:\Windows\system32\Dwm.exe[4924] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                     000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Windows\system32\Dwm.exe[4924] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                          000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Windows\system32\Dwm.exe[4924] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                   000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Windows\system32\Dwm.exe[4924] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                       000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Windows\system32\Dwm.exe[4924] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                    000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Windows\system32\Dwm.exe[4924] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                  000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Windows\system32\Dwm.exe[4924] C:\Windows\system32\dxgi.dll!CreateDXGIFactory                                                                                          000007fef2b14da4 7 bytes JMP 000007fff2b000d8
.text    C:\Windows\system32\Dwm.exe[4924] C:\Windows\system32\dxgi.dll!CreateDXGIFactory1                                                                                         000007fef2b39af4 7 bytes JMP 000007fff2b00110
.text    C:\Program Files\IDT\WDM\sttray64.exe[1388] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                        000000007690efe0 5 bytes JMP 000000016fff0148
.text    C:\Program Files\IDT\WDM\sttray64.exe[1388] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                      00000000769399b0 7 bytes JMP 000000016fff00d8
.text    C:\Program Files\IDT\WDM\sttray64.exe[1388] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                      00000000769494d0 5 bytes JMP 000000016fff0180
.text    C:\Program Files\IDT\WDM\sttray64.exe[1388] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                      0000000076949640 5 bytes JMP 000000016fff0110
.text    C:\Program Files\IDT\WDM\sttray64.exe[1388] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                               000000007696a500 7 bytes JMP 000000016fff01b8
.text    C:\Program Files\IDT\WDM\sttray64.exe[1388] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                           000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Program Files\IDT\WDM\sttray64.exe[1388] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Program Files\IDT\WDM\sttray64.exe[1388] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                         000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Program Files\IDT\WDM\sttray64.exe[1388] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                             000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Program Files\IDT\WDM\sttray64.exe[1388] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                          000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Program Files\IDT\WDM\sttray64.exe[1388] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                        000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Program Files\IDT\WDM\sttray64.exe[1388] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                000007fefda47490 11 bytes JMP 000007fffd5c0228
.text    C:\Program Files\IDT\WDM\sttray64.exe[1388] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                               000007fefda5bf00 7 bytes JMP 000007fffd5c0260
.text    C:\Windows\System32\igfxpers.exe[4680] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                             000000007690efe0 5 bytes JMP 000000016fff0148
.text    C:\Windows\System32\igfxpers.exe[4680] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                           00000000769399b0 7 bytes JMP 000000016fff00d8
.text    C:\Windows\System32\igfxpers.exe[4680] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                           00000000769494d0 5 bytes JMP 000000016fff0180
.text    C:\Windows\System32\igfxpers.exe[4680] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                           0000000076949640 5 bytes JMP 000000016fff0110
.text    C:\Windows\System32\igfxpers.exe[4680] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                    000000007696a500 7 bytes JMP 000000016fff01b8
.text    C:\Windows\System32\igfxpers.exe[4680] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Windows\System32\igfxpers.exe[4680] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                     000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Windows\System32\igfxpers.exe[4680] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                              000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Windows\System32\igfxpers.exe[4680] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                  000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Windows\System32\igfxpers.exe[4680] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                               000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Windows\System32\igfxpers.exe[4680] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                             000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Windows\System32\igfxpers.exe[4680] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                     000007fefda47490 11 bytes JMP 000007fffd5c0228
.text    C:\Windows\System32\igfxpers.exe[4680] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                    000007fefda5bf00 7 bytes JMP 000007fffd5c0260
.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4248] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                              000000007690efe0 5 bytes JMP 000000016fff0148
.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4248] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                            00000000769399b0 7 bytes JMP 000000016fff00d8
.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4248] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                            00000000769494d0 5 bytes JMP 000000016fff0180
.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4248] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                            0000000076949640 5 bytes JMP 000000016fff0110
.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4248] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                     000000007696a500 7 bytes JMP 000000016fff01b8
.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4248] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                 000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4248] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                      000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4248] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                               000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4248] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                   000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4248] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4248] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                              000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4248] C:\Windows\system32\ole32.dll!CoCreateInstance                                                      000007fefda47490 11 bytes JMP 000007fffd5c0228
.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[4248] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                     000007fefda5bf00 7 bytes JMP 000007fffd5c0260
.text    C:\Program Files\DellTPad\Apoint.exe[4456] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                         000000007690efe0 5 bytes JMP 000000016fff0148
.text    C:\Program Files\DellTPad\Apoint.exe[4456] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                       00000000769399b0 7 bytes JMP 000000016fff00d8
.text    C:\Program Files\DellTPad\Apoint.exe[4456] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                       00000000769494d0 5 bytes JMP 000000016fff0180
.text    C:\Program Files\DellTPad\Apoint.exe[4456] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                       0000000076949640 5 bytes JMP 000000016fff0110
.text    C:\Program Files\DellTPad\Apoint.exe[4456] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                000000007696a500 7 bytes JMP 000000016fff01b8
.text    C:\Program Files\DellTPad\Apoint.exe[4456] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                            000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Program Files\DellTPad\Apoint.exe[4456] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                 000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Program Files\DellTPad\Apoint.exe[4456] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                          000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Program Files\DellTPad\Apoint.exe[4456] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                              000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Program Files\DellTPad\Apoint.exe[4456] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                           000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Program Files\DellTPad\Apoint.exe[4456] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                         000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Program Files\DellTPad\Apoint.exe[4456] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                 000007fefda47490 11 bytes JMP 000007fffd5c0228
.text    C:\Program Files\DellTPad\Apoint.exe[4456] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                000007fefda5bf00 7 bytes JMP 000007fffd5c0260
.text    C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe[4740] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                           000000007690efe0 5 bytes JMP 000000016fff0148
.text    C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe[4740] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                         00000000769399b0 7 bytes JMP 000000016fff00d8
.text    C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe[4740] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                         00000000769494d0 5 bytes JMP 000000016fff0180
.text    C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe[4740] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                         0000000076949640 5 bytes JMP 000000016fff0110
.text    C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe[4740] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                  000000007696a500 7 bytes JMP 000000016fff01b8
.text    C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe[4740] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                              000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe[4740] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                   000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe[4740] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                            000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe[4740] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe[4740] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                             000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe[4740] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                           000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe[4740] C:\Windows\system32\ole32.dll!CoCreateInstance                                                   000007fefda47490 11 bytes JMP 000007fffd5c0228
.text    C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe[4740] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                  000007fefda5bf00 7 bytes JMP 000007fffd5c0260
.text    C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe[4968] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW             000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe[4968] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                  000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe[4968] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW           000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe[4968] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW               000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe[4968] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo            000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe[4968] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList          000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe[4968] C:\Windows\system32\ole32.dll!CoCreateInstance                  000007fefda47490 11 bytes JMP 000007fffd5c0228
.text    C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe[4968] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                 000007fefda5bf00 7 bytes JMP 000007fffd5c0260
.text    C:\Program Files\Windows Sidebar\sidebar.exe[4400] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                 000000007690efe0 5 bytes JMP 000000016fff0148
.text    C:\Program Files\Windows Sidebar\sidebar.exe[4400] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                               00000000769399b0 7 bytes JMP 000000016fff00d8
.text    C:\Program Files\Windows Sidebar\sidebar.exe[4400] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                               00000000769494d0 5 bytes JMP 000000016fff0180
.text    C:\Program Files\Windows Sidebar\sidebar.exe[4400] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                               0000000076949640 5 bytes JMP 000000016fff0110
.text    C:\Program Files\Windows Sidebar\sidebar.exe[4400] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                        000000007696a500 7 bytes JMP 000000016fff01b8
.text    C:\Program Files\Windows Sidebar\sidebar.exe[4400] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                    000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Program Files\Windows Sidebar\sidebar.exe[4400] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                         000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Program Files\Windows Sidebar\sidebar.exe[4400] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                  000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Program Files\Windows Sidebar\sidebar.exe[4400] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                      000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Program Files\Windows Sidebar\sidebar.exe[4400] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                   000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Program Files\Windows Sidebar\sidebar.exe[4400] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                 000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[4864] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                       000000007690efe0 5 bytes JMP 000000016fff0148
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[4864] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                     00000000769399b0 7 bytes JMP 000000016fff00d8
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[4864] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                     00000000769494d0 5 bytes JMP 000000016fff0180
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[4864] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                     0000000076949640 5 bytes JMP 000000016fff0110
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[4864] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                              000000007696a500 7 bytes JMP 000000016fff01b8
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[4864] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                          000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[4864] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                               000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[4864] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                        000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[4864] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                            000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[4864] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                         000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[4864] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                       000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[4864] C:\Windows\system32\ole32.dll!CoCreateInstance                                                               000007fefda47490 11 bytes JMP 000007fffd5c0228
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[4864] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                              000007fefda5bf00 7 bytes JMP 000007fffd5c0260
.text    C:\Windows\system32\wbem\unsecapp.exe[580] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                            000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Windows\system32\wbem\unsecapp.exe[580] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                 000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Windows\system32\wbem\unsecapp.exe[580] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                          000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Windows\system32\wbem\unsecapp.exe[580] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                              000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Windows\system32\wbem\unsecapp.exe[580] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                 000007fefda47490 11 bytes JMP 000007fffd5c0228
.text    C:\Windows\system32\wbem\unsecapp.exe[580] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                000007fefda5bf00 7 bytes JMP 000007fffd5c0260
.text    C:\Windows\system32\wbem\unsecapp.exe[580] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                           000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Windows\system32\wbem\unsecapp.exe[580] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                         000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Program Files\DellTPad\ApMsgFwd.exe[4232] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                       000000007690efe0 5 bytes JMP 000000016fff0148
.text    C:\Program Files\DellTPad\ApMsgFwd.exe[4232] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                     00000000769399b0 7 bytes JMP 000000016fff00d8
.text    C:\Program Files\DellTPad\ApMsgFwd.exe[4232] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                     00000000769494d0 5 bytes JMP 000000016fff0180
.text    C:\Program Files\DellTPad\ApMsgFwd.exe[4232] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                     0000000076949640 5 bytes JMP 000000016fff0110
.text    C:\Program Files\DellTPad\ApMsgFwd.exe[4232] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                              000000007696a500 7 bytes JMP 000000016fff01b8
.text    C:\Program Files\DellTPad\ApMsgFwd.exe[4232] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                          000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Program Files\DellTPad\ApMsgFwd.exe[4232] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                               000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Program Files\DellTPad\ApMsgFwd.exe[4232] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                        000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Program Files\DellTPad\ApMsgFwd.exe[4232] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                            000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Program Files\DellTPad\ApMsgFwd.exe[4232] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                         000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Program Files\DellTPad\ApMsgFwd.exe[4232] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                       000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[1756] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                       000000007690efe0 5 bytes JMP 000000016fff0148
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[1756] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                     00000000769399b0 7 bytes JMP 000000016fff00d8
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[1756] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                     00000000769494d0 5 bytes JMP 000000016fff0180
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[1756] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                     0000000076949640 5 bytes JMP 000000016fff0110
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[1756] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                              000000007696a500 7 bytes JMP 000000016fff01b8
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[1756] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                          000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[1756] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                               000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[1756] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                        000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[1756] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                            000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[1756] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                         000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[1756] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                       000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\kernel32.dll!RegSetValueExA            0000000074be1429 7 bytes JMP 000000016bd5128f
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW   0000000074bfb223 5 bytes JMP 000000016bd51596
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx   0000000074c788f4 7 bytes JMP 000000016bd51339
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation   0000000074c78979 5 bytes JMP 000000016bd516b3
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW     0000000074c78ccf 5 bytes JMP 000000016bd5101e
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW        0000000075491d1b 3 bytes JMP 000000016bd511d1
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW + 4    0000000075491d1f 1 byte [F6]
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW      0000000075491dc9 3 bytes JMP 000000016bd51019
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW + 4  0000000075491dcd 1 byte [F6]
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW          0000000075492aa4 3 bytes JMP 000000016bd5154b
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW + 4      0000000075492aa8 1 byte [F6]
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary             0000000075492d0a 3 bytes JMP 000000016bd51276
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary + 4         0000000075492d0e 1 byte [F6]
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList     0000000074f0e9a2 5 bytes JMP 000000016bd515af
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo       0000000074f0ebdc 5 bytes JMP 000000016bd5119a
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket            0000000074f85ea5 5 bytes JMP 000000016bd515e1
.text    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[4024] C:\Windows\syswow64\ole32.dll!CoCreateInstance             0000000074fb9d0b 5 bytes JMP 000000016bd5122b
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA                                       0000000074be1429 7 bytes JMP 000000016bd5128f
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW                              0000000074bfb223 5 bytes JMP 000000016bd51596
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx                              0000000074c788f4 7 bytes JMP 000000016bd51339
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation                              0000000074c78979 5 bytes JMP 000000016bd516b3
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW                                0000000074c78ccf 5 bytes JMP 000000016bd5101e
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                   0000000075491d1b 3 bytes JMP 000000016bd511d1
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW + 4                               0000000075491d1f 1 byte [F6]
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                 0000000075491dc9 3 bytes JMP 000000016bd51019
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW + 4                             0000000075491dcd 1 byte [F6]
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                     0000000075492aa4 3 bytes JMP 000000016bd5154b
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW + 4                                 0000000075492aa8 1 byte [F6]
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                        0000000075492d0a 3 bytes JMP 000000016bd51276
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary + 4                                    0000000075492d0e 1 byte [F6]
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                0000000074f0e9a2 5 bytes JMP 000000016bd515af
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                  0000000074f0ebdc 5 bytes JMP 000000016bd5119a
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                       0000000074f85ea5 5 bytes JMP 000000016bd515e1
.text    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[1180] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                        0000000074fb9d0b 5 bytes JMP 000000016bd5122b
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[3184] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                       0000000074be1429 7 bytes JMP 000000016bd5128f
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[3184] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                              0000000074bfb223 5 bytes JMP 000000016bd51596
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[3184] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                              0000000074c788f4 7 bytes JMP 000000016bd51339
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[3184] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                              0000000074c78979 5 bytes JMP 000000016bd516b3
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe[3184] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                0000000074c78ccf 5 bytes JMP 000000016bd5101e
.text    C:\Program Files\DellTPad\HidFind.exe[4032] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                           000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Program Files\DellTPad\HidFind.exe[4032] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Program Files\DellTPad\HidFind.exe[4032] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                         000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Program Files\DellTPad\HidFind.exe[4032] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                             000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Program Files\DellTPad\HidFind.exe[4032] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                          000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Program Files\DellTPad\HidFind.exe[4032] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                        000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Program Files\DellTPad\Apntex.exe[4592] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                         000000007690efe0 5 bytes JMP 000000016fff0148
.text    C:\Program Files\DellTPad\Apntex.exe[4592] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                       00000000769399b0 7 bytes JMP 000000016fff00d8
.text    C:\Program Files\DellTPad\Apntex.exe[4592] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                       00000000769494d0 5 bytes JMP 000000016fff0180
.text    C:\Program Files\DellTPad\Apntex.exe[4592] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                       0000000076949640 5 bytes JMP 000000016fff0110
.text    C:\Program Files\DellTPad\Apntex.exe[4592] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                000000007696a500 7 bytes JMP 000000016fff01b8
.text    C:\Program Files\DellTPad\Apntex.exe[4592] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                            000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Program Files\DellTPad\Apntex.exe[4592] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                 000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Program Files\DellTPad\Apntex.exe[4592] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                          000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Program Files\DellTPad\Apntex.exe[4592] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                              000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Program Files\DellTPad\Apntex.exe[4592] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                           000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Program Files\DellTPad\Apntex.exe[4592] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                         000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                            0000000077001401 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                              0000000077001419 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                            0000000077001431 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                            000000007700144a 2 bytes [00, 77]
.text    ...                                                                                                                                                                       * 9
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                               00000000770014dd 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                        00000000770014f5 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                               000000007700150d 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                        0000000077001525 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                              000000007700153d 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                   0000000077001555 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                            000000007700156d 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                              0000000077001585 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                 000000007700159d 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                              00000000770015b5 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                            00000000770015cd 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                        00000000770016b2 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\RunDll32.exe[5048] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                        00000000770016bd 2 bytes [00, 77]
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[6040] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                000000007690efe0 5 bytes JMP 000000016fff0148
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[6040] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                              00000000769399b0 7 bytes JMP 000000016fff00d8
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[6040] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                              00000000769494d0 5 bytes JMP 000000016fff0180
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[6040] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                              0000000076949640 5 bytes JMP 000000016fff0110
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[6040] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                       000000007696a500 7 bytes JMP 000000016fff01b8
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[6040] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                   000007fefd613460 7 bytes JMP 000007fffd5c00d8
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[6040] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                        000007fefd6190b0 5 bytes JMP 000007fffd5c0180
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[6040] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                 000007fefd619250 5 bytes JMP 000007fffd5c0110
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[6040] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                     000007fefd61b7b0 6 bytes JMP 000007fffd5c0148
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[6040] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                  000007fefd8f89e0 8 bytes JMP 000007fffd5c01f0
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[6040] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                000007fefd8fbe40 8 bytes JMP 000007fffd5c01b8
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[6040] C:\Windows\system32\ole32.dll!CoCreateInstance                                                        000007fefda47490 11 bytes JMP 000007fffd5c0228
.text    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[6040] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                       000007fefda5bf00 7 bytes JMP 000007fffd5c0260
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                    0000000077001401 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                      0000000077001419 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                    0000000077001431 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                    000000007700144a 2 bytes [00, 77]
.text    ...                                                                                                                                                                       * 9
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                       00000000770014dd 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                00000000770014f5 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                       000000007700150d 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                0000000077001525 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                      000000007700153d 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                           0000000077001555 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                    000000007700156d 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                      0000000077001585 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                         000000007700159d 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                      00000000770015b5 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                    00000000770015cd 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                00000000770016b2 2 bytes [00, 77]
.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                00000000770016bd 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                             0000000074be1429 7 bytes JMP 000000016bd5128f
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                    0000000074bfb223 5 bytes JMP 000000016bd51596
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                    0000000074c788f4 7 bytes JMP 000000016bd51339
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                    0000000074c78979 5 bytes JMP 000000016bd516b3
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                      0000000074c78ccf 5 bytes JMP 000000016bd5101e
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                         0000000075491d1b 3 bytes JMP 000000016bd511d1
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW + 4                                     0000000075491d1f 1 byte [F6]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                       0000000075491dc9 3 bytes JMP 000000016bd51019
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW + 4                                   0000000075491dcd 1 byte [F6]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                           0000000075492aa4 3 bytes JMP 000000016bd5154b
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW + 4                                       0000000075492aa8 1 byte [F6]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                              0000000075492d0a 3 bytes JMP 000000016bd51276
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary + 4                                          0000000075492d0e 1 byte [F6]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                      0000000074f0e9a2 5 bytes JMP 000000016bd515af
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                        0000000074f0ebdc 5 bytes JMP 000000016bd5119a
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                     0000000077001401 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                       0000000077001419 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                     0000000077001431 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                     000000007700144a 2 bytes [00, 77]
.text    ...                                                                                                                                                                       * 9
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                        00000000770014dd 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                 00000000770014f5 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                        000000007700150d 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                 0000000077001525 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                       000000007700153d 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                            0000000077001555 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                     000000007700156d 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                       0000000077001585 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                          000000007700159d 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                       00000000770015b5 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                     00000000770015cd 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                 00000000770016b2 2 bytes [00, 77]
.text    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe[2584] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                 00000000770016bd 2 bytes [00, 77]
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                                                0000000074be1429 7 bytes JMP 000000016bd5128f
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                                       0000000074bfb223 5 bytes JMP 000000016bd51596
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                                       0000000074c788f4 7 bytes JMP 000000016bd51339
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                                       0000000074c78979 5 bytes JMP 000000016bd516b3
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                                         0000000074c78ccf 5 bytes JMP 000000016bd5101e
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                                            0000000075491d1b 3 bytes JMP 000000016bd511d1
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW + 4                                                                                        0000000075491d1f 1 byte [F6]
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                                          0000000075491dc9 3 bytes JMP 000000016bd51019
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW + 4                                                                                      0000000075491dcd 1 byte [F6]
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                              0000000075492aa4 3 bytes JMP 000000016bd5154b
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW + 4                                                                                          0000000075492aa8 1 byte [F6]
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                                 0000000075492d0a 3 bytes JMP 000000016bd51276
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary + 4                                                                                             0000000075492d0e 1 byte [F6]
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                                         0000000074f0e9a2 5 bytes JMP 000000016bd515af
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                           0000000074f0ebdc 5 bytes JMP 000000016bd5119a
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                                                0000000074f85ea5 5 bytes JMP 000000016bd515e1
.text    D:\gmer\r5td0jsv.exe[6300] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                                                 0000000074fb9d0b 5 bytes JMP 000000016bd5122b

---- Threads - GMER 2.0 ----

Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:3508]                                                                                 000000006d8740f0
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:4180]                                                                                 000000006d311120
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:5236]                                                                                 0000000067c1e5e8
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:5240]                                                                                 0000000067c1e5e8
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:5856]                                                                                 0000000066c29420
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:3292]                                                                                 0000000066b1fe30
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:3304]                                                                                 0000000066a8b1c0
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:1176]                                                                                 000000006df33840
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:2704]                                                                                 000000006df334b0
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:5148]                                                                                 000000006df33840
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:6036]                                                                                 000000006df334b0
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:5964]                                                                                 0000000067c1e5e8
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:6008]                                                                                 0000000066150b23
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:5200]                                                                                 0000000066150b23
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:1804]                                                                                 000000006600e200
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:5300]                                                                                 0000000065ff4d60
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:4860]                                                                                 000000006ff562ee
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:6196]                                                                                 000000006bbf32fb
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208:6660]                                                                                 000000006f1617a4
Thread    [2388:2492]                                                                                                                                                              000000007234765f
Thread    [2388:2500]                                                                                                                                                              00000000723c2695
Thread    [2388:2656]                                                                                                                                                              00000000723c2695
Thread    [2388:3032]                                                                                                                                                              0000000077082e25
Thread    [2388:2848]                                                                                                                                                              00000000723c2695
Thread    [2388:2944]                                                                                                                                                              000000007229d454
Thread    [2388:2880]                                                                                                                                                              00000000723c2695
Thread    [2388:2508]                                                                                                                                                              00000000723c2695
Thread    [2388:3064]                                                                                                                                                              000000007228d6ff
Thread    [2388:3076]                                                                                                                                                              00000000723c2695
Thread    [2388:3084]                                                                                                                                                              0000000072553803
Thread    [2388:4188]                                                                                                                                                              0000000077083e45
Thread    [2388:3424]                                                                                                                                                              0000000077083e45
Thread    [2388:7012]                                                                                                                                                              0000000077083e45
Thread    [2388:1952]                                                                                                                                                              00000000723c2695
Thread    [2388:1044]                                                                                                                                                              00000000723c2695
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [3184:5104]                                                                                 00000000729c7240
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [3184:2600]                                                                                 00000000729c75f0
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [3184:2612]                                                                                 00000000729c75f0
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [3184:4332]                                                                                 0000000072bcc59c
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [3184:4444]                                                                                 0000000072bcc59c
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [3184:5752]                                                                                 0000000072bcc59c
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [3184:5684]                                                                                 0000000072bcc59c
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [3184:5256]                                                                                 0000000072bcc59c
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [3184:3368]                                                                                 0000000072bcc59c
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [3184:1612]                                                                                 0000000072bcc59c
Thread   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [3184:6248]                                                                                 0000000072bcc59c
Thread   C:\Windows\System32\svchost.exe [5704:5296]                                                                                                                               000007feeb1a9688
---- Processes - GMER 2.0 ----

Library  ? (*** suspicious ***) @ C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2208]                                                             00000000712a0000
Library  ? (*** suspicious ***) @  [2388]                                                                                                                                          00000000011a0000
Library  ? (*** suspicious ***) @ C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [3184]                                                             000000000f000000
Library  ? (*** suspicious ***) @ C:\Windows\System32\svchost.exe [5704]                                                                                                           000007fefcc80000

---- Registry - GMER 2.0 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\20689d5f8cb9                                                                                               
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\20689d5f8cb9 (not active ControlSet)                                                                           

---- EOF - GMER 2.0 ----
__________________
case:Coolermaster pro5/p.s.u.:Seasonic P860w/m.b.:asus z170 pro/c.p.u.i5 6600k coolerNH-D15S /r.a.m.:G.Skill Ripjaws V3200 MHz 16gb/g.p.u.:Asus strix 1070/drive:n.1 ssd Samsung 850pro 512gb /s.c.:asus stx II/display:Benq xl24t 120hz/W10pro
Old 18-09-2013, 16:37   #356
Clooster
Member
 
Joined: Jan 2009
Posts: 92
Hi, I ran a scan with Gmer and I can't make much sense of the log, which I'm attaching. Can someone give me a hand?
Thanks
http://wikisend.com/download/102566/GMER.txt
Old 20-09-2013, 15:47   #357
Chill-Out
Moderator
 
Joined: Jun 2007
City: 127.0.0.1
Posts: 25885
Quote:
Originally posted by Clooster
Hi, I ran a scan with Gmer and I can't make much sense of the log, which I'm attaching. Can someone give me a hand?
Thanks
http://wikisend.com/download/102566/GMER.txt
Don't post everywhere!
__________________
Try again and you will be luckier.
Old 15-11-2013, 10:51   #358
gmergency
Junior Member
 
Joined: Nov 2013
Posts: 25
3rd party and log

Good morning everyone, I saw that the latest version has this 3rd party checkbox (which I did not select for the scan). Does anyone know what it is about and whether it needs to be selected? Thanks

I'm posting my log, it is very short. Thanks to anyone who can give me any information about it, I'm definitely a beginner.

Code:
GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-11-15 11:51:00
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB4O 465,76GB
Running: z3ktulen.exe; Driver: C:\Users\ACCESS~1\AppData\Local\Temp\awtdipob.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe[2136] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory  0000000077100038 5 bytes JMP 00000001698f1986
.text  C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe[2640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69               0000000074c71465 2 bytes [C7, 74]
.text  C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe[2640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155              0000000074c714bb 2 bytes [C7, 74]
.text  ...                                                                                                                                  * 2
.text  C:\Program Files (x86)\Trend Micro\Browser Guard\BGUI.exe[2988] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69              0000000074c71465 2 bytes [C7, 74]
.text  C:\Program Files (x86)\Trend Micro\Browser Guard\BGUI.exe[2988] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155             0000000074c714bb 2 bytes [C7, 74]
.text  ...                                                                                                                                  * 2
.text  C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe[3032] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69            0000000074c71465 2 bytes [C7, 74]
.text  C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe[3032] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155           0000000074c714bb 2 bytes [C7, 74]
.text  ...                                                                                                                                  * 2
.text  C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4756] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                  0000000074c71465 2 bytes [C7, 74]
.text  C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4756] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                 0000000074c714bb 2 bytes [C7, 74]
.text  ...                                                                                                                                  * 2
.text  C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[1284] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                  0000000074c71465 2 bytes [C7, 74]
.text  C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[1284] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                 0000000074c714bb 2 bytes [C7, 74]
.text  ...                                                                                                                                  * 2
.text  C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                   0000000074c71465 2 bytes [C7, 74]
.text  C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                  0000000074c714bb 2 bytes [C7, 74]
.text  ...                                                                                                                                  * 2

---- Disk sectors - GMER 2.1 ----

Disk   \Device\Harddisk0\DR0                                                                                                                unknown MBR code

---- EOF - GMER 2.1 ----
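A triage helper for the "User code sections" part of a GMER log like the one in the post above, added here as an example and not part of the original thread or of GMER itself. It groups identical patches by target so a reader can see which modifications recur across several processes and which appear in only one; the function names are hypothetical, and the sample rows are excerpted from that log with the column padding collapsed.

```python
import re
from collections import defaultdict

# Excerpt of the ".text" rows from the log above (column padding collapsed).
SAMPLE = r"""
.text  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe[2136] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory  0000000077100038 5 bytes JMP 00000001698f1986
.text  C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe[2640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69  0000000074c71465 2 bytes [C7, 74]
.text  C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe[2640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  0000000074c714bb 2 bytes [C7, 74]
.text  ...  * 2
.text  C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4756] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69  0000000074c71465 2 bytes [C7, 74]
.text  C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69  0000000074c71465 2 bytes [C7, 74]
"""

ROW = re.compile(
    r"^\.text\s+(?P<proc>.+?)\[(?P<pid>\d+)\]\s+"   # process image and PID
    r"(?P<module>.+?)!(?P<func>\w+)"                 # patched module!export
    r"(?:\s\+\s(?P<off>\d+))?\s+"                    # optional "+ offset"
    r"(?P<addr>[0-9a-fA-F]{16})\s+(?P<size>\d+) bytes\s+(?P<patch>.+?)\s*$"
)

def parse_rows(text):
    """Yield one dict per parsable .text row; '... * N' filler rows are skipped."""
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            row = m.groupdict()
            row["pid"], row["off"] = int(row["pid"]), int(row["off"] or 0)
            # "JMP <addr>" is an inline detour; anything else is a raw byte patch.
            row["kind"] = "inline-jmp" if row["patch"].startswith("JMP ") else "byte-patch"
            yield row

def group_by_target(text):
    """Map (dll, function, offset, patch) -> sorted list of (exe, pid) showing it."""
    groups = defaultdict(set)
    for r in parse_rows(text):
        dll = r["module"].rsplit("\\", 1)[-1].lower()
        exe = r["proc"].rsplit("\\", 1)[-1].lower()
        groups[(dll, r["func"], r["off"], r["patch"])].add((exe, r["pid"]))
    return {key: sorted(procs) for key, procs in groups.items()}

if __name__ == "__main__":
    for (dll, func, off, patch), procs in group_by_target(SAMPLE).items():
        print(f"{dll}!{func}+{off} {patch}: {len(procs)} process(es) {procs}")
```
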
Old 03-12-2014, 02:10   #359
Puzzle68
Member
 
Joined: Mar 2012
Posts: 36
Hi everyone,
I'm attaching a new Gmer log in the hope that this thread has not been abandoned. Thanks to anyone who can help me.
Attachments
File Type: txt Scansione_03_12_14.txt (19.1 KB, 0 views)
Old 29-03-2016, 00:40   #360
sonovaio
Member
 
Joined: Mar 2008
Posts: 204
Gmer found a few items for me (although some are not worrying, I know them), but I could not find the command to delete or quarantine them. Perhaps because it is a program that only serves to produce a log to act on later with other software?

I'm attaching the gmer log here: http://www.filedropper.com/gmerlog
and here:
Code:
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-03-28 23:26:45
Windows 6.1.7601 Service Pack 1 x64 
Running: r0js34ws.exe


---- Registry - GMER 2.2 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd5025b0                                                                                                                                                                                                                                                                      
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd5025b0@0015a88bf7a3                                                                                                                                                                                                                                                         0xDD 0xB1 0x7E 0x97 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd5025b0@001ea3c45c0b                                                                                                                                                                                                                                                         0x31 0x60 0x5A 0x56 ...
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd5025b0 (not active ControlSet)                                                                                                                                                                                                                                                  
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd5025b0@0015a88bf7a3                                                                                                                                                                                                                                                             0xDD 0xB1 0x7E 0x97 ...
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd5025b0@001ea3c45c0b                                                                                                                                                                                                                                                             0x31 0x60 0x5A 0x56 ...
Reg  HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{484B04BD-3C5E-B095-CAE6-2D842EBA8F81}                                                                                                                                                                                                                                  
Reg  HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{484B04BD-3C5E-B095-CAE6-2D842EBA8F81}@oafgnhkajbgppejjejfiaecapgokff                                                                                                                                                                                                   0x6A 0x61 0x6B 0x61 ...
Reg  HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@K:\DOCS\PROGRAMMI\PROTEZIONE\KASPERSKY\KIS 2013\LAST\Il Webmaster\Kaspersky Internet Security 2015 v15.0.2 + Nuovo Trial Reset con Licenza Infinita \x2013 ITA\KasInt15202361\Kaspersky Internet Security 2015 v15.0.2.361.0.144.0\Setup.exe  1
Reg  HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@K:\DOCS\PROGRAMMI\PROTEZIONE\KASPERSKY\KIS 2013\LAST\Il Webmaster\Kaspersky Internet Security 2015 v15.0.2 + Nuovo Trial Reset con Licenza Infinita \x2013 ITA\kis15.0.2.361it-it.exe                                                         1
Reg  HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@K:\DOCS\PROGRAMMI\PROTEZIONE\KASPERSKY\Kaspersky Total Security \x2013 Multi-Device\kts15.0.2.361en.exe                                                                                                                                       1

---- EOF - GMER 2.2 ----
Thanks