
All programs moving in SLOW MOTION

Discussion in 'Virus & Other Malware Removal' started by vealj, Feb 17, 2013.

  1. vealj

    vealj Thread Starter

    DETAILED DESCRIPTION OF ISSUES:
    All programs, including those that do not require access to the internet, are loading and processing information at a snail's pace. By that I mean that Chrome, IE, Windows Media Player, Adobe Reader, etc. open and run with a sluggishness that requires the patience of Job. It takes approximately 5-7 minutes to open Chrome or IE. After that, response times for commands (clicks) take 3-4 minutes to produce pages. I have a 4G internet connection that ranges from 1.5M to 6M depending on traffic. My iPad and Motorola RAZR M smartphone operate with normal speed.
    Pasted below are the details of the reports requested on the Sticky - http://forums.techguy.org/virus-other-malware-removal/943214-everyone-must-read-before-posting.html

    Thanks in advance for any insight you can provide!

    Hijack This:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:08:24 PM, on 2/17/2013
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
    C:\Program Files\AVG\AVG2013\avgcsrvx.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG2013\avgidsagent.exe
    C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\Program Files\AVG\AVG2013\avgnsx.exe
    C:\Program Files\AVG\AVG2013\avgemcx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\AVG\AVG2013\avgui.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\AVG\AVG2013\avgmfapx.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Mika\My Documents\Downloads\HijackThis.exe
    C:\WINDOWS\SoftwareDistribution\Download\9494dd95d5df913165ad39b4385b6fb3\update\update.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Rim.DesktopHelper.exe] C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.DesktopHelper.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Mika\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1318198613281
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
    O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 10225 bytes

    DDS File:

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.13.2
    Run by Mika at 20:27:14 on 2013-02-17
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.138 [GMT -6:00]
    .
    AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    .
    ============== Running Processes ================
    .
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\SCardSvr.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\AVG\AVG2013\avgmfapx.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Mika\My Documents\Downloads\HijackThis.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\SearchFilterHost.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\AVG\AVG2013\fixcfg.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/ig
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
    BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
    BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
    TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [Rim.DesktopHelper.exe] c:\program files\research in motion\blackberry desktop\Rim.DesktopHelper.exe
    uRun: [Google Update] "c:\documents and settings\mika\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [AccelerometerSysTrayApplet] c:\windows\system32\AccelerometerSt.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
    IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1318198613281
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    TCP: NameServer = 192.168.15.1
    TCP: Interfaces\{2E9E664E-2F40-46A3-A517-F20131CDAE2C} : DHCPNameServer = 192.168.15.1
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ============= SERVICES / DRIVERS ===============
    .
    R? HP24X;HP PC Card Smart Card Reader
    R? rismc32;RICOH Smart Card Reader
    R? WinRM;Windows Remote Management (WS-Management)
    S? AVGIDSAgent;AVGIDSAgent
    S? AVGIDSDriver;AVGIDSDriver
    S? AVGIDSHX;AVGIDSHX
    S? AVGIDSShim;AVGIDSShim
    S? Avgldx86;AVG AVI Loader Driver
    S? Avglogx;AVG Logging Driver
    S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
    S? Avgrkx86;AVG Anti-Rootkit Driver
    S? Avgtdix;AVG TDI Driver
    S? avgwd;AVG WatchDog
    S? Com4QLBEx;Com4QLBEx
    S? IFXTPM;IFXTPM
    .
    =============== Created Last 30 ================
    .
    2013-02-06 17:09:58 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    .
    ==================== Find3M ====================
    .
    2013-02-10 14:41:30 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-02-10 14:41:30 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-02-06 17:09:41 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
    2013-02-06 17:09:41 782240 ----a-w- c:\windows\system32\deployJava1.dll
    2013-02-06 17:09:41 143872 ----a-w- c:\windows\system32\javacpl.cpl
    2013-01-18 23:43:42 16369160 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
    2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
    .
    ============= FINISH: 20:37:24.59 ===============

    Attach File:

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 6/24/2011 7:31:25 AM
    System Uptime: 2/17/2013 4:27:43 PM (4 hours ago)
    .
    Motherboard: Hewlett-Packard | | 30BE
    Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz | U10 | 1998/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 149 GiB total, 129.687 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
    Description: Intel Processor
    Device ID: ACPI\GENUINEINTEL_-_X86_FAMILY_6_MODEL_15\_0
    Manufacturer: Intel
    Name: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz
    PNP Device ID: ACPI\GENUINEINTEL_-_X86_FAMILY_6_MODEL_15\_0
    Service: intelppm
    .
    Class GUID: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
    Description: Intel Processor
    Device ID: ACPI\GENUINEINTEL_-_X86_FAMILY_6_MODEL_15\_1
    Manufacturer: Intel
    Name: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz
    PNP Device ID: ACPI\GENUINEINTEL_-_X86_FAMILY_6_MODEL_15\_1
    Service: intelppm
    .
    Class GUID: {4D36E977-E325-11CE-BFC1-08002BE10318}
    Description: Ricoh R/RL/5C476(II) or Compatible CardBus Controller
    Device ID: PCI\VEN_1180&DEV_0476&SUBSYS_30BE103C&REV_B9\4&3B3A03B5&0&30F0
    Manufacturer: RICOH
    Name: Ricoh R/RL/5C476(II) or Compatible CardBus Controller
    PNP Device ID: PCI\VEN_1180&DEV_0476&SUBSYS_30BE103C&REV_B9\4&3B3A03B5&0&30F0
    Service: pcmcia
    .
    Class GUID: {4D36E977-E325-11CE-BFC1-08002BE10318}
    Description: Ricoh R/RL/5C476(II) or Compatible CardBus Controller
    Device ID: PCI\VEN_1180&DEV_0476&SUBSYS_30BE103C&REV_B9\4&3B3A03B5&0&31F0
    Manufacturer: RICOH
    Name: Ricoh R/RL/5C476(II) or Compatible CardBus Controller
    PNP Device ID: PCI\VEN_1180&DEV_0476&SUBSYS_30BE103C&REV_B9\4&3B3A03B5&0&31F0
    Service: pcmcia
    .
    Class GUID: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
    Description: OHCI Compliant IEEE 1394 Host Controller
    Device ID: PCI\VEN_1180&DEV_0832&SUBSYS_30BE103C&REV_03\4&3B3A03B5&0&32F0
    Manufacturer: IEEE 1394 OHCI Compliant Host Controller Vendor
    Name: OHCI Compliant IEEE 1394 Host Controller
    PNP Device ID: PCI\VEN_1180&DEV_0832&SUBSYS_30BE103C&REV_03\4&3B3A03B5&0&32F0
    Service: ohci1394
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    Adobe ConnectNow Add-in
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.5)
    Adobe Shockwave Player 11.6
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    AuthenTec Fingerprint Sensor Minimum Install
    AVG 2013
    Bonjour
    CCleaner
    CDBurnerXP
    Embedded Security for HP ProtectTools Driver
    Foxit Reader 5.0
    Google Chrome
    Google Update Helper
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB2756822)
    Hotfix for Windows XP (KB2779562)
    Hotfix for Windows XP (KB915800-v4)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    Hotfix for Windows XP (KB961118)
    HP Integrated Module with Bluetooth wireless technology
    HP Mobile Data Protection System
    HP PCMCIA Smart Card Reader
    HP Product Detection
    HP Quick Launch Buttons
    InstallIQ Updater
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) Network Connections Drivers
    iTunes
    Java 7 Update 13
    Java Auto Updater
    Java(TM) 6 Update 33
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2698023)
    Microsoft .NET Framework 1.1 Security Update (KB2742597)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft Office File Validation Add-In
    Microsoft Office Professional Edition 2003
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    MSVCRT
    Picasa 3
    QLBCASL
    QuickTime
    RICOH Media Driver
    RICOH R5C853 Driver WXP Ver.1.01.05
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB2675157)
    Security Update for Windows Internet Explorer 8 (KB2699988)
    Security Update for Windows Internet Explorer 8 (KB2722913)
    Security Update for Windows Internet Explorer 8 (KB2744842)
    Security Update for Windows Internet Explorer 8 (KB2761465)
    Security Update for Windows Internet Explorer 8 (KB2799329)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Search 4 - KB963093
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2705219)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB2712808)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB2723135)
    Security Update for Windows XP (KB2724197)
    Security Update for Windows XP (KB2727528)
    Security Update for Windows XP (KB2731847)
    Security Update for Windows XP (KB2753842-v2)
    Security Update for Windows XP (KB2757638)
    Security Update for Windows XP (KB2758857)
    Security Update for Windows XP (KB2761226)
    Security Update for Windows XP (KB2770660)
    Security Update for Windows XP (KB2779030)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    Segoe UI
    Soft Data Fax Modem with SmartCP
    SoundMAX
    SpywareBlaster 4.6
    swMSM
    Synaptics Pointing Device Driver
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB2447568)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2492386)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2661254-v2)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB2736233)
    Update for Windows XP (KB2749655)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    WebFldrs XP
    WebSlingPlayer ActiveX
    Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 8
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Management Framework Core
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Search 4.0
    .
    ==== Event Viewer Messages From Past Week ========
    .
    2/17/2013 12:37:04 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
    2/10/2013 8:42:04 PM, error: WPDMTPDriver [15300] - MTP WPD Driver has failed to start. Error 0x8007001f.
    2/10/2013 8:27:35 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ohci1394 Pcmcia
    2/10/2013 8:27:29 AM, error: Service Control Manager [7000] - The rimmptsk service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    2/10/2013 8:27:28 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
    2/10/2013 4:49:26 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
    2/10/2013 4:49:15 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    2/10/2013 3:53:47 PM, error: Service Control Manager [7034] - The Yahoo! Updater service terminated unexpectedly. It has done this 1 time(s).
    .
    ==== End Of File ===========================

    GMER File:

    GMER 2.1.18952 - http://www.gmer.net
    Rootkit scan 2013-02-17 22:38:51
    Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.FB2O 149.05GB
    Running: tvuz6tjp.exe; Driver: C:\DOCUME~1\Mika\LOCALS~1\Temp\kwqiqpow.sys


    ---- System - GMER 2.1 ----

    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeKey [0xAA3DA14A]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeMultipleKeys [0xAA3DA21A]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xAA3D9D7C]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwSuspendProcess [0xAA3D9F6A]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwSuspendThread [0xAA3DA000]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xAA3D9E32]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xAA3D9ECE]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xAA3DA09C]

    INT 0x01 \??\C:\DOCUME~1\Mika\LOCALS~1\Temp\mbr.sys F7969C42

    ---- Kernel code sections - GMER 2.1 ----

    ? C:\DOCUME~1\Mika\LOCALS~1\Temp\mbr.sys The filename, directory name, or volume label syntax is incorrect. !

    ---- User code sections - GMER 2.1 ----

    .text C:\WINDOWS\system32\SearchIndexer.exe[2448] kernel32.dll!WriteFile 7C8112FF 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, DB, D9, 00] {SUB BL, BL; FLD DWORD [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, D8, D9, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, D9, D9, 00] {TEST AL, 0xd9; FLD DWORD [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91AFF2
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, DA, D9, 00] {TEST AL, 0xda; FLD DWORD [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, D9, D9, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, DA, D9, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91B063
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, D8, D9, 00] {TEST AL, 0xd8; FLD DWORD [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91B191
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, D9, D9, 00] {SUB CL, BL; FLD DWORD [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, DA, D9, 00] {SUB DL, BL; FLD DWORD [EAX]}
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, DB, D9, 00]
    .text C:\Program Files\Google\Chrome\Application\chrome.exe[6088] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]

    ---- Devices - GMER 2.1 ----

    AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
    AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    ---- EOF - GMER 2.1 ----
     
  2. vealj

    vealj Thread Starter

    Joined:
    Jan 2, 2005
    Messages:
    170
    *bump*
     

Short URL to this thread: https://techguy.org/1089967
