Slow processing

Morericewong
28-Jun-2012, 12:12 AM #1
Hi There

I recently got onto my mother's computer and things are running really slowly. Not 100% sure it's a virus or malware. Video clips on the hard drive/internet are not running smoothly. The GMER took almost like 3 hrs to complete. I have already run a Spybot scan with no results. Would be really grateful if someone could have a look at my logs for anything unusual.

Cheers
Maurice

HJT File

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:55:05 AM, on 28/06/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe
C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\samsung\panelmgr\SSMMgr.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\HP Photosmart 7510 series\Bin\HPNetworkCommunicator.exe
C:\Program Files\HP\HP Photosmart 7510 series\bin\HPNetworkCommunicator.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ErrorTeck] C:\Program Files\ErrorTeck\ErrorTeck.exe /scan
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\samsung\panelmgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\WECPUpdate.exe -s
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [HP Photosmart 7510 series (NET)] "C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN22E3416W05T6:NW" -scfn "HP Photosmart 7510 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: Monitor Ink Alerts - HP Photosmart 7510 series (Network).lnk = ?
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Bejeweled%202/Images/stg_drm.ocx
O16 - DPF: {3BA494B1-D507-4C11-9BDA-D47E1A65DFCF} (Confidence Online for Web Applications) - https://mcpuk1.jpmorgan.com/llclient...nxp/AXXPEE.dll
O16 - DPF: {785F7664-AD0E-4CBA-8F28-F6C485A9E648} (Web Class) - https://www-ap.myataw.com/ebctrl.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Bejeweled%202/Images/armhelper.ocx
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://sera-mtl.cgi.com/dana-cached...etupClient.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 14426 bytes

DDS File

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by M.S.Y. Technology at 10:55:35 on 2012-06-28
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.861 [GMT 10:00]
.
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe
C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\samsung\panelmgr\SSMMgr.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\HP\HP Photosmart 7510 series\Bin\HPNetworkCommunicator.exe
C:\Program Files\HP\HP Photosmart 7510 series\bin\HPNetworkCommunicator.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Media Codec Update Service] c:\program files\essentials codec pack\WECPUpdate.exe -s
uRun: [Google Update] "c:\documents and settings\m.s.y. technology\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [HP Photosmart 7510 series (NET)] "c:\program files\hp\hp photosmart 7510 series\bin\ScanToPCActivationApp.exe" -deviceID "CN22E3416W05T6:NW" -scfn "HP Photosmart 7510 series (NET)" -AutoStart 1
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [36X Raid Configurer] c:\windows\system32\xRaidSetup.exe boot
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [PivotSoftware] "c:\program files\portrait displays\pivot software\wpctrl.exe"
mRun: [DT HPW] c:\program files\portrait displays\hp my display\DTHtml.exe -startup_folder
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ErrorTeck] c:\program files\errorteck\ErrorTeck.exe /scan
mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
mRun: [CDAServer] c:\program files\common files\common desktop agent\CDASrv.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
StartupFolder: c:\docume~1\msy~1.tec\startm~1\programs\startup\monito~1.lnk - c:\windows\system32\RunDll32.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\asuswi~1.lnk - c:\program files\asus wifi-ap solo\RtWLan.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: SmarThru4 Capture Selection - c:\program files\smarthru 4\WebCapture.dll2.htm
IE: SmarThru4 Save as HTML - c:\program files\smarthru 4\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files\smarthru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\smarthru 4\WebCapture.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Bejeweled%202/Images/stg_drm.ocx
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {3BA494B1-D507-4C11-9BDA-D47E1A65DFCF} - hxxps://mcpuk1.jpmorgan.com/llclient/myatawap/winxp/AXXPEE.dll
DPF: {785F7664-AD0E-4CBA-8F28-F6C485A9E648} - hxxps://www-ap.myataw.com/ebctrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Bejeweled%202/Images/armhelper.ocx
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://sera-mtl.cgi.com/dana-cached/sc/JuniperSetupClient.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{9FE8F3AE-C4E9-41A2-83A8-92B29C33E2C3} : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 nwprovau
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\m.s.y. technology\application data\mozilla\firefox\profiles\2vjtkdur.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
FF - prefs.js: keyword.URL - hxxp://au.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_au&p=
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils 2.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils 3.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils 35.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\m.s.y. technology\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\m.s.y. technology\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\m.s.y. technology\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\m.s.y. technology\local settings\application data\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: AVG Security Toolbar em:version=3.011.025.005 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files\avg\avg8\toolbar\firefox\avg@igeared
.
============= SERVICES / DRIVERS ===============
.
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-4-26 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-4-26 27784]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-4-26 108552]
R1 NEOFLTR_640_16949;Juniper Networks TDI Filter Driver (NEOFLTR_640_16949);c:\windows\system32\drivers\NEOFLTR_640_16949.sys [2010-10-28 85360]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-7-5 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-5 297752]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-5-30 3048136]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [2010-10-15 5120]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [2008-4-3 176128]
R3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [2008-4-3 13532]
S1 NEOFLTR_550_12415;Juniper Networks TDI Filter Driver (NEOFLTR_550_12415);\??\c:\windows\system32\drivers\neofltr_550_12415.sys --> c:\windows\system32\drivers\NEOFLTR_550_12415.SYS [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-12-3 30192]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2007-7-27 14336]
S3 zgwhsdiag;ZTE WCDMA Handset Diagnostic Port;c:\windows\system32\drivers\zgwhsdiag.sys [2011-9-3 105216]
S3 zgwhsmdm;ZTE WCDMA Handset USB Modem;c:\windows\system32\drivers\zgwhsmdm.sys [2011-9-3 105216]
.
=============== Created Last 30 ================
.
2012-06-26 07:51:51 -------- d-----w- c:\windows\system32\appmgmt
2012-06-13 22:02:41 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-05-30 03:59:30 4966600 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
.
==================== Find3M ====================
.
2012-06-02 05:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 05:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 05:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 05:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 05:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 05:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 05:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 05:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 14:42:33 43520 ------w- c:\windows\system32\licmgr10.dll
2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38:02 385024 ------w- c:\windows\system32\html.iec
2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
============= FINISH: 11:01:32.29 ===============

ark file
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-28 13:51:55
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e ST3500630AS rev.3.AAK
Running: 578m0vl2.exe; Driver: C:\DOCUME~1\MSY~1.TEC\LOCALS~1\Temp\ugldqfob.sys


---- System - GMER 1.0.15 ----

SSDT speu.sys ZwCreateKey [0xB9EA80E0]
SSDT speu.sys ZwEnumerateKey [0xB9EC6CA2]
SSDT speu.sys ZwEnumerateValueKey [0xB9EC7030]
SSDT speu.sys ZwOpenKey [0xB9EA80C0]
SSDT speu.sys ZwQueryKey [0xB9EC7108]
SSDT speu.sys ZwQueryValueKey [0xB9EC6F88]
SSDT speu.sys ZwSetValueKey [0xB9EC719A]

INT 0x01 \??\C:\DOCUME~1\MSY~1.TEC\LOCALS~1\Temp\mbr.sys B50E0C42
INT 0x83 ? 8A725BF8
INT 0x83 ? 8A4F7BF8
INT 0x83 ? 8A725BF8
INT 0x84 ? 8A4F7BF8
INT 0x94 ? 8A4F7BF8
INT 0x94 ? 8A4F7BF8
INT 0x94 ? 8A4F7BF8
INT 0x94 ? 8A4F7BF8
INT 0xA4 ? 8A4F7BF8
INT 0xB4 ? 8A722BF8
INT 0xB4 ? 8A722BF8
INT 0xB4 ? 8A722BF8
INT 0xB4 ? 8A722BF8
INT 0xB4 ? 8A722BF8

---- Kernel code sections - GMER 1.0.15 ----

? speu.sys The system cannot find the file specified. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB8CF4360, 0x307F47, 0xE8000020]
.text USBPORT.SYS!DllUnload B8CD48AC 5 Bytes JMP 8A4F71D8
.text agw5l2ot.SYS B8C0C384 1 Byte [20]
.text agw5l2ot.SYS B8C0C384 37 Bytes [20, 00, 00, 68, 00, 00, 00, ...]
.text agw5l2ot.SYS B8C0C3AA 24 Bytes [00, 00, 20, 00, 00, E0, 00, ...]
.text agw5l2ot.SYS B8C0C3C4 3 Bytes [00, 00, 00]
.text agw5l2ot.SYS B8C0C3C9 1 Byte [00]
.text ...
init C:\WINDOWS\system32\drivers\Senfilt.sys entry point in "init" section [0xB597AA00]
? C:\DOCUME~1\MSY~1.TEC\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 2D, 00]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 2D, 00]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 2D, 00]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 2D, 00]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91031A
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 2D, 00]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 2D, 00]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 2D, 00]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91038B
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 2D, 00]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9104B9
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 2D, 00]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 2D, 00]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 2D, 00]
.text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B9EA9040] speu.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B9EA913C] speu.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B9EA90BE] speu.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B9EA97FC] speu.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B9EA96D2] speu.sys
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!KfAcquireSpinLock] 000000AD
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!READ_PORT_UCHAR] 000000D4
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!KeGetCurrentIrql] 000000A2
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!KfRaiseIrql] 000000AF
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!KfLowerIrql] 0000009C
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!HalGetInterruptVector] 000000A4
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!HalTranslateBusAddress] 00000072
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!KeStallExecutionProcessor] 000000C0
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!KfReleaseSpinLock] 000000B7
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 000000FD
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!READ_PORT_USHORT] 00000093
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 00000026
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!WRITE_PORT_UCHAR] 00000036
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[WMILIB.SYS!WmiSystemControl] 000000F7
IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[WMILIB.SYS!WmiCompleteRequest] 000000CC
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B9EB9048] speu.sys

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[144] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 003E0010
IAT C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1656] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2168] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2320] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 003D0010
IAT C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2872] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00580010

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8A7921F8
Device \FileSystem\Udfs \UdfsCdRom 8A41D1F8
Device \FileSystem\Udfs \UdfsDisk 8A41D1F8

AttachedDevice \Driver\Tcpip \Device\Ip NEOFLTR_640_16949.SYS (NetBIOS Redirector/Juniper Networks)

Device \Driver\usbuhci \Device\USBPDO-0 8A4F51F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8A7941F8
Device \Driver\dmio \Device\DmControl\DmConfig 8A7941F8
Device \Driver\dmio \Device\DmControl\DmPnP 8A7941F8
Device \Driver\dmio \Device\DmControl\DmInfo 8A7941F8
Device \Driver\usbuhci \Device\USBPDO-1 8A4F51F8
Device \Driver\usbuhci \Device\USBPDO-2 8A4F51F8
Device \Driver\usbehci \Device\USBPDO-3 8A4D21F8
Device \Driver\usbuhci \Device\USBPDO-4 8A4F51F8

AttachedDevice \Driver\Tcpip \Device\Tcp NEOFLTR_640_16949.SYS (NetBIOS Redirector/Juniper Networks)

Device \Driver\usbuhci \Device\USBPDO-5 8A4F51F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{9FE8F3AE-C4E9-41A2-83A8-92B29C33E2C3} 8A4451F8
Device \Driver\usbuhci \Device\USBPDO-6 8A4F51F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 8A7231F8
Device \Driver\usbehci \Device\USBPDO-7 8A4D21F8
Device \Driver\Cdrom \Device\CdRom0 8A48F1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B9DFCB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [B9DFCB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [B9DFCB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [B9DFCB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 [B9DFCB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [B9DFCB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Cdrom \Device\CdRom1 8A48F1F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 8A4451F8
Device \Driver\USBSTOR \Device\00000091 89D7E1F8
Device \Driver\sptd \Device\3387506962 speu.sys
Device \Driver\NetBT \Device\NetbiosSmb 8A4451F8
Device \Driver\PCI_PNP0712 \Device\0000004d speu.sys

AttachedDevice \Driver\Tcpip \Device\Udp NEOFLTR_640_16949.SYS (NetBIOS Redirector/Juniper Networks)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\USBSTOR \Device\00000097 89D7E1F8
Device \Driver\usbuhci \Device\USBFDO-0 8A4F51F8
Device \Driver\usbuhci \Device\USBFDO-1 8A4F51F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A39F1F8
Device \Driver\usbuhci \Device\USBFDO-2 8A4F51F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A39F1F8
Device \Driver\usbehci \Device\USBFDO-3 8A4D21F8
Device \Driver\usbuhci \Device\USBFDO-4 8A4F51F8
Device \Driver\Ftdisk \Device\FtControl 8A7231F8
Device \Driver\usbuhci \Device\USBFDO-5 8A4F51F8
Device \Driver\usbuhci \Device\USBFDO-6 8A4F51F8
Device \Driver\usbehci \Device\USBFDO-7 8A4D21F8
Device \Driver\agw5l2ot \Device\Scsi\agw5l2ot1Port5Path0Target0Lun0 8A44B1F8
Device \Driver\agw5l2ot \Device\Scsi\agw5l2ot1 8A44B1F8
Device \Driver\JRAID \Device\Scsi\JRAID1 8A7931F8
Device \FileSystem\Cdfs \Cdfs 89D4F1F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x86 0x20 0xB2 0x31 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xFE 0x61 0xD8 0x6B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x15 0xD0 0x86 0x03 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x86 0x20 0xB2 0x31 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xFE 0x61 0xD8 0x6B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x15 0xD0 0x86 0x03 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x86 0x20 0xB2 0x31 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xFE 0x61 0xD8 0x6B ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x15 0xD0 0x86 0x03 ...

---- EOF - GMER 1.0.15 ----
flavallee (Frank)
Trusted Advisor with 58,546 posts.
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
28-Jun-2012, 10:53 AM #2
Right-click MY COMPUTER, then click Properties.

Advise what's listed in the Computer: section in the bottom of the "General" tab - EXACTLY as you see it there.

That information will show us how much RAM is dedicated to Windows XP and if the processor is running at its rated speed.

-------------------------------------------------------

AVG Free 8.5 is extremely outdated.

Uninstall it, then replace it with Microsoft Security Essentials.

It's light-weight and very user-friendly and well-recommended here.

-------------------------------------------------------

Java(TM) 6 Update 5 needs to be uninstalled.

Java(TM) 6 Update 26 needs to be updated to Java Runtime Environment 1.6.0.33 (6 Update 33).

6 Update 33 will overwrite and replace 6 Update 26, so there's no need to uninstall it first.

Note: Click the green icon with white "down" arrow link.

-------------------------------------------------------

Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
both need to be updated to their current version: 11.3.300.257 and 11.3.300.262.

The new version should overwrite and replace the old version, so there's no need to uninstall it first.

Note: Click the green icon with white "down" arrow link.

-------------------------------------------------------

Uninstall Spybot - Search & Destroy, then replace it with the free version of
Malwarebytes Anti-Malware
and SUPERAntiSpyware.

They're not problematic like Spybot and they're very user-friendly and well-recommended here.

Update their definition files during the install process, and uncheck and decline to install any extras that are offered.

-------------------------------------------------------

Skype 5.8 needs to be updated to version 5.10.0.114.

Note: Click the green icon with white "down" arrow link.

-------------------------------------------------------