GMER 2.0.18454 - http://www.gmer.net Rootkit scan 2013-01-28 00:21:00 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1 OCZ-VERT rev.2.15 111,79GB Running: k40sseph.exe; Driver: C:\Users\Kucu\AppData\Local\Temp\pgddqpoc.sys ---- User code sections - GMER 2.0 ---- .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 00000000769c1401 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 00000000769c1419 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 00000000769c1431 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 00000000769c144a 2 bytes [9C, 76] .text ... * 9 .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 00000000769c14dd 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 00000000769c14f5 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 00000000769c150d 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 00000000769c1525 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 00000000769c153d 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 00000000769c1555 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 00000000769c156d 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 00000000769c1585 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 00000000769c159d 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 00000000769c15b5 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 00000000769c15cd 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 00000000769c16b2 2 bytes [9C, 76] .text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1572] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 00000000769c16bd 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000764a87b1 4 bytes [C2, 04, 00, 00] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769c1401 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769c1419 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769c1431 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769c144a 2 bytes [9C, 76] .text ... * 9 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769c14dd 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769c14f5 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769c150d 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769c1525 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769c153d 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769c1555 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769c156d 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769c1585 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769c159d 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769c15b5 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769c15cd 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769c16b2 2 bytes [9C, 76] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769c16bd 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769c1401 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769c1419 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769c1431 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769c144a 2 bytes [9C, 76] .text ... * 9 .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769c14dd 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769c14f5 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769c150d 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769c1525 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769c153d 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769c1555 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769c156d 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769c1585 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769c159d 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769c15b5 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769c15cd 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769c16b2 2 bytes [9C, 76] .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769c16bd 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769c1401 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769c1419 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769c1431 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769c144a 2 bytes [9C, 76] .text ... * 9 .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769c14dd 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769c14f5 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769c150d 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769c1525 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769c153d 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769c1555 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769c156d 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769c1585 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769c159d 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769c15b5 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769c15cd 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769c16b2 2 bytes [9C, 76] .text C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe[2224] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769c16bd 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82 000000006cfe17fa 2 bytes [FE, 6C] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88 000000006cfe1860 2 bytes [FE, 6C] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98 000000006cfe1942 2 bytes [FE, 6C] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109 000000006cfe194d 2 bytes [FE, 6C] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769c1401 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769c1419 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769c1431 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769c144a 2 bytes [9C, 76] .text ... * 9 .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769c14dd 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769c14f5 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769c150d 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769c1525 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769c153d 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769c1555 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769c156d 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769c1585 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769c159d 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769c15b5 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769c15cd 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769c16b2 2 bytes [9C, 76] .text C:\Windows\SysWOW64\PnkBstrA.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769c16bd 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769c1401 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769c1419 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769c1431 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769c144a 2 bytes [9C, 76] .text ... * 9 .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769c14dd 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769c14f5 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769c150d 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769c1525 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769c153d 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769c1555 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769c156d 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769c1585 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769c159d 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769c15b5 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769c15cd 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769c16b2 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769c16bd 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExW + 17 00000000769c1401 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!EnumProcessModules + 17 00000000769c1419 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 17 00000000769c1431 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 42 00000000769c144a 2 bytes [9C, 76] .text ... * 9 .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!EnumDeviceDrivers + 17 00000000769c14dd 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameA + 17 00000000769c14f5 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!QueryWorkingSetEx + 17 00000000769c150d 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameW + 17 00000000769c1525 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameW + 17 00000000769c153d 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!EnumProcesses + 17 00000000769c1555 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!GetProcessMemoryInfo + 17 00000000769c156d 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!GetPerformanceInfo + 17 00000000769c1585 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!QueryWorkingSet + 17 00000000769c159d 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameA + 17 00000000769c15b5 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExA + 17 00000000769c15cd 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 20 00000000769c16b2 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Roaming\Dropbox\bin\Dropbox.exe[3716] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 31 00000000769c16bd 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769c1401 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769c1419 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769c1431 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769c144a 2 bytes [9C, 76] .text ... * 9 .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769c14dd 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769c14f5 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769c150d 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769c1525 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769c153d 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769c1555 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769c156d 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769c1585 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769c159d 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769c15b5 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769c15cd 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769c16b2 2 bytes [9C, 76] .text C:\Users\Kucu\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769c16bd 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769c1401 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769c1419 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769c1431 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769c144a 2 bytes [9C, 76] .text ... * 9 .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769c14dd 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769c14f5 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769c150d 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769c1525 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769c153d 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769c1555 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769c156d 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769c1585 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769c159d 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769c15b5 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769c15cd 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769c16b2 2 bytes [9C, 76] .text c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe[3912] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769c16bd 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769c1401 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769c1419 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769c1431 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769c144a 2 bytes [9C, 76] .text ... * 9 .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769c14dd 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769c14f5 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769c150d 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769c1525 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769c153d 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769c1555 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769c156d 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769c1585 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769c159d 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769c15b5 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769c15cd 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769c16b2 2 bytes [9C, 76] .text C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN[3928] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769c16bd 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769c1401 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769c1419 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769c1431 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769c144a 2 bytes [9C, 76] .text ... * 9 .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769c14dd 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769c14f5 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769c150d 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769c1525 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769c153d 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769c1555 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769c156d 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769c1585 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769c159d 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769c15b5 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769c15cd 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769c16b2 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe[1772] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769c16bd 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769c1401 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769c1419 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769c1431 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769c144a 2 bytes [9C, 76] .text ... * 9 .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769c14dd 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769c14f5 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769c150d 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769c1525 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769c153d 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769c1555 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769c156d 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769c1585 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769c159d 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769c15b5 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769c15cd 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769c16b2 2 bytes [9C, 76] .text C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[4780] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769c16bd 2 bytes [9C, 76] ---- User IAT/EAT - GMER 2.0 ---- IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmSetAppId] [7fef89d2750] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmSetMachineId] [7fef89d2b98] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmWriteSharedMachineId] [7fef89d7de0] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmCreateNewId] [7fef89d8130] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmReadSharedMachineId] [7fef89d1908] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmGetSession] [7fef89d1c00] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmStartUpload] [7fef89d81d8] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmSet] [7fef89d2878] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmAddToStreamString] [7fef89d7a5c] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmIncrement] [7fef89d6c48] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmAddToStreamDWord] [7fef89d77bc] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmSetAppVersion] [7fef89d7064] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmStartSession] [7fef89d6544] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmEndSession] [7fef89d5e30] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll ---- Processes - GMER 2.0 ---- Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\system32\wininit.exe [692] 000007fefd460000 Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\system32\lsass.exe [816] 000007fefd460000 Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\system32\svchost.exe [484] 000007fefd460000 Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\System32\svchost.exe [916] 000007fefd460000 Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\system32\svchost.exe [1100] 000007fefd460000 Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\system32\svchost.exe [1368] 000007fefd460000 Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\System32\spoolsv.exe [1736] 000007fefd460000 Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [1572] 000000006c940000 Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2096] 000000006c940000 Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2196] 000000006c940000 Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Windows\SysWOW64\PnkBstrA.exe [2276] 000000006c940000 Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2324] 000007fefd460000 Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2496] 000007fefd460000 Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe [2940] 000000006c940000 Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ c:\users\kucu\appdata\local\temp\datc9dd.tmp.exe [3912] 000000006c940000 Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [3444] 000007fefd460000 Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe [1772] 000000006c940000 Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\system32\svchost.exe [4504] 000007fefd460000 ---- Files - GMER 2.0 ---- File C:\Windows\Installer\{f0f06552-aeba-4015-962f-bdddf06576d8}\U\00000008.@ 232960 bytes executable File C:\Windows\Installer\{f0f06552-aeba-4015-962f-bdddf06576d8}\U\000000cb.@ 1632 bytes executable ---- EOF - GMER 2.0 ----