Computer running slow...

DonnieR (Thread Starter; joined Jan 6, 2013; 5 messages)

I've noticed my PC is running a little slow, esp. while I am on the internet; tabs open slow, pages load slow, etc.

I think I have some malware/spyware issues.

Thanks in advance!


HiJack Log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:03:26 PM, on 1/18/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system\wcdvtray.exe
C:\Program Files\Norton GoBack\GBPoll.exe
C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\Lexmark 5600-6600 Series\lxduMsdMon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\DS\dskl.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxduserv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\lxducoms.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Documents and Settings\Donnie\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Documents and Settings\Donnie\Application Data\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Program Files\Norton GoBack\GBTray.exe
C:\Documents and Settings\Donnie\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Donnie\My Documents\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {03402f96-3dc7-4285-bc50-9e81fefafe43} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Lexmark Printable Web - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - !{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
O3 - Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [OWCWebCamDV] C:\WINDOWS\system\wcdvtray.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [lxdumon.exe] "C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe"
O4 - HKLM\..\Run: [lxduamon] "C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe"
O4 - HKLM\..\Run: [Lexmark 5600-6600 Series Fax Server] "C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [dskl] C:\DS\dskl.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ROC_ROC_NT] "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Donnie\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\Donnie\Local Settings\Application Data\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Documents and Settings\Donnie\Application Data\Spotify\Data\SpotifyWebHelper.exe"
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton GoBack\GBTray.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.youtube.com
O16 - DPF: Web-Based Email Tools - http://email.secureserver.net/Download.CAB
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} - http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1215652211593
O16 - DPF: {A084A130-28AE-4B32-B51A-1C8CE164BC88} (WNICheck2 Class) - http://www.convergysworkathome.com/AppHardT.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton GoBack\GBPoll.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: lxduCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe
O23 - Service: lxdu_device - - C:\WINDOWS\system32\lxducoms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxMediaDB9 - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (file missing)
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (file missing)
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 19952 bytes


-----------------
DDS Log

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
Run by Donnie at 22:06:06 on 2013-01-18
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1279.426 [GMT -6:00]
.
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: User Protection *Enabled/Outdated* {28e00e3b-806e-4533-925c-f4c3d79514b9}
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system\wcdvtray.exe
C:\Program Files\Norton GoBack\GBPoll.exe
C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
C:\Program Files\Lexmark 5600-6600 Series\lxduMsdMon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\DS\dskl.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxduserv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\lxducoms.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Documents and Settings\Donnie\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Documents and Settings\Donnie\Application Data\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Program Files\Norton GoBack\GBTray.exe
C:\Documents and Settings\Donnie\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
uURLSearchHooks: {03402f96-3dc7-4285-bc50-9e81fefafe43} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Yahoo! IE Services Button: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Lexmark Printable Web: {D2C5E510-BE6D-42CC-9F61-E4F939078474} - c:\program files\lexmark printable web\bho.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: Groove Folder Synchronization: {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\donnie\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\isuspm.exe" -scheduler
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [Akamai NetSession Interface] "c:\documents and settings\donnie\local settings\application data\akamai\netsession_win.exe"
uRun: [Spotify Web Helper] "c:\documents and settings\donnie\application data\spotify\data\SpotifyWebHelper.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [WINDVDPatch] CTHELPER.EXE
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [OWCWebCamDV] c:\windows\system\wcdvtray.exe
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [lxdumon.exe] "c:\program files\lexmark 5600-6600 series\lxdumon.exe"
mRun: [lxduamon] "c:\program files\lexmark 5600-6600 series\lxduamon.exe"
mRun: [Lexmark 5600-6600 Series Fax Server] "c:\program files\lexmark 5600-6600 series\fm3032.exe" /s
mRun: [Jet Detection] "c:\program files\creative\sblive\program\ADGJDet.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [FaxCenterServer] "c:\program files\\lexmark fax solutions\fm3032.exe" /s
mRun: [dskl] c:\ds\dskl.exe
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [DiscWizardMonitor.exe] c:\program files\seagate\discwizard\DiscWizardMonitor.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [RoxioDragToDisc] "c:\program files\roxio\easy media creator 8\drag to disc\DrgToDsc.exe"
mRun: [OSSelectorReinstall] c:\program files\common files\acronis\acronis disk director\oss_reinstall.exe
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AcronisTimounterMonitor] c:\program files\seagate\discwizard\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\seagate\schedule2\schedhlp.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ROC_ROC_NT] "c:\program files\avg secure search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\donnie\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\norton~1.lnk - c:\program files\norton goback\GBTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoCDBurning = dword:1
mPolicies-Explorer: BackupNoCDBurning = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - <no file>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: Web-Based Email Tools - hxxp://email.secureserver.net/Download.CAB
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} - hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1215652211593
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {A084A130-28AE-4B32-B51A-1C8CE164BC88} - hxxp://www.convergysworkathome.com/AppHardT.CAB
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 209.18.47.61 209.18.47.62 192.168.1.1 209.18.47.61 209.18.47.62
TCP: Interfaces\{5CEBA84A-7B8C-48E9-B923-387B1EFACEC8} : DHCPNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 209.18.47.61 209.18.47.62
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
AppInit_DLLs=
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\program files\windows defender\MpShHook.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Authentication Packages = msv1_0 relog_ap
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.52\installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\donnie\application data\mozilla\firefox\profiles\lhf0vqva.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff5.dll
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\donnie\application data\move networks\plugins\npqmp071505000010.dll
FF - plugin: c:\documents and settings\donnie\application data\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\documents and settings\donnie\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\donnie\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\donnie\local settings\application data\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\donnie\local settings\application data\robloxversions\version-5fb0645efa584e24\NPRobloxProxy.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\np32asw.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPHoldemFireLauncher.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPMFireLauncher.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwbe.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - plugin: c:\windows\system32\NPSWF32.dll
FF - ExtSQL: !HIDDEN! 2009-09-01 18:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(protocol-handler.warn-external.dnUpdate, false);user_pref(extensions.autoDisableScopes, 14
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 35552]
R1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [2009-12-25 10624]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 164832]
R2 agentcd;DriverAgent Class Driver;c:\windows\system32\AgentCD.sys [2009-9-20 196096]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2004-8-12 14336]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-6-15 249648]
R2 lxdi_device;lxdi_device;c:\windows\system32\lxdicoms.exe -service --> c:\windows\system32\lxdicoms.exe -service [?]
R2 lxdu_device;lxdu_device;c:\windows\system32\lxducoms.exe -service --> c:\windows\system32\lxducoms.exe -service [?]
R2 lxduCATSCustConnectService;lxduCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxduserv.exe [2010-5-11 98984]
R2 Mojave;Dazzle Mojave Device;c:\windows\system32\drivers\Mojave.sys [2002-9-25 120352]
S1 SBRE;SBRE;\??\c:\windows\system32\drivers\sbredrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 WebCamDV;WebCamDV DV to Webcam Converter;c:\windows\system32\drivers\WebCamDV.sys [2004-9-17 212608]
S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-7-7 195336]
S3 dump_wmimmc;dump_wmimmc;\??\c:\aeriagames\wolfteam\gameguard\dump_wmimmc.sys --> c:\aeriagames\wolfteam\gameguard\dump_wmimmc.sys [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 udfpt;udfpt;c:\windows\system32\drivers\udfpt.sys --> c:\windows\system32\drivers\udfpt.sys [?]
S3 vtdg46xx;vtdg46xx;\??\c:\progra~1\turtle~1\santac~1\contro~1\vtdg46xx.sys --> c:\progra~1\turtle~1\santac~1\contro~1\vtdg46xx.sys [?]
S3 WCDV_Aud;WevCamDV WDM Virtual Audio Device;c:\windows\system32\drivers\wcdvaud.sys [2004-9-17 12672]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="c:\program files\adobe\adobe dreamweaver cs3\Dreamweaver.exe","%1"
ShellExec: DigitalTheatre.exe: open="c:\program files\arcsoft\totalmedia extreme\digital theatre\uDTStart.exe" "%1"
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-12-26 18:50:15 -------- d-----w- c:\program files\iPod
2012-12-26 18:50:06 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-26 18:50:05 -------- d-----w- c:\program files\iTunes
.
==================== Find3M ====================
.
2013-01-09 19:37:22 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-09 19:37:22 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 02:01:39 1371648 ----a-w- c:\windows\system32\msxml6.dll
2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:17:54 43520 ------w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35:34 385024 ------w- c:\windows\system32\html.iec
2012-10-22 19:02:46 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2010-10-09 23:40:03 1166003456 ----a-w- c:\program files\CombatArmsSetupV51.exe
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntoskrnl.exe GoBack2K.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
c:\windows\system32\drivers\GoBack2K.sys Symantec Corporation Norton GoBack
1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x8A508AB8]
3 CLASSPNP[0xF7657FD7] -> nt!IofCallDriver[0x804E37D5] -> \Device\00000076[0x8A586F18]
5 ACPI[0xF75AE620] -> nt!IofCallDriver[0x804E37D5] -> \Device\Ide\IdeDeviceP0T0L0-4[0x8A53BD98]
kernel: MBR read successfully
_asm { CALL 0x56; }
user != kernel MBR !!!
.
============= FINISH: 22:08:00.46 ===============

ATTACH LOG

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/9/2008 7:53:27 PM
System Uptime: 1/15/2013 6:17:33 PM (76 hours ago)
.
Motherboard: Intel Corporation | | D845PT
Processor: Intel(R) Pentium(R) 4 CPU 1.70GHz | J1E1 | 1694/100mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 298 GiB total, 229.226 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 150 GiB total, 88.378 GiB free.
G: is FIXED (NTFS) - 148 GiB total, 145.445 GiB free.
H: is Removable
I: is FIXED (NTFS) - 149 GiB total, 102.94 GiB free.
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1758: 10/23/2012 4:31:36 AM - System Checkpoint
RP1759: 10/24/2012 5:28:10 AM - System Checkpoint
RP1760: 10/27/2012 6:00:36 PM - Software Distribution Service 3.0
RP1761: 10/28/2012 7:58:13 PM - System Checkpoint
RP1762: 11/1/2012 1:15:32 PM - System Checkpoint
RP1763: 11/3/2012 3:40:47 PM - Installed Java 7 Update 9
RP1764: 11/12/2012 3:36:16 AM - System Checkpoint
RP1765: 11/15/2012 6:01:44 PM - Software Distribution Service 3.0
RP1766: 11/16/2012 10:04:23 PM - System Checkpoint
RP1767: 11/17/2012 2:20:02 AM - Installed AVG PC TuneUp
RP1768: 11/18/2012 10:45:03 PM - System Checkpoint
RP1769: 11/20/2012 2:47:40 PM - System Checkpoint
RP1770: 11/22/2012 10:25:34 PM - System Checkpoint
RP1771: 11/24/2012 8:55:50 PM - System Checkpoint
RP1772: 11/28/2012 2:29:42 AM - System Checkpoint
RP1773: 12/10/2012 3:50:40 PM - Removed AVG PC TuneUp
RP1774: 12/10/2012 3:55:11 PM - Removed AVG PC TuneUp Language Pack (en-US)
RP1775: 12/12/2012 6:01:14 PM - Software Distribution Service 3.0
RP1776: 12/13/2012 6:00:30 PM - Software Distribution Service 3.0
RP1777: 12/14/2012 10:26:32 AM - Software Distribution Service 3.0
RP1778: 12/14/2012 6:05:09 PM - Installed DirectX
RP1779: 12/15/2012 5:09:41 PM - Installed AVG 2013
RP1780: 12/15/2012 5:12:02 PM - Installed AVG 2013
RP1781: 12/16/2012 10:55:00 AM - Software Distribution Service 3.0
RP1782: 12/16/2012 8:26:38 PM - Removed Google Earth.
RP1783: 12/17/2012 9:09:02 PM - System Checkpoint
RP1784: 12/19/2012 4:04:34 AM - System Checkpoint
RP1785: 12/21/2012 6:00:33 PM - Software Distribution Service 3.0
RP1786: 12/22/2012 7:41:36 PM - System Checkpoint
RP1787: 12/23/2012 10:08:10 PM - System Checkpoint
RP1788: 12/24/2012 10:50:41 PM - System Checkpoint
RP1789: 12/26/2012 4:54:49 AM - System Checkpoint
RP1790: 12/26/2012 12:11:33 PM - Removed iTunes
RP1791: 12/26/2012 12:47:46 PM - Installed iTunes
RP1792: 12/27/2012 1:21:34 PM - System Checkpoint
RP1793: 12/28/2012 3:43:48 PM - System Checkpoint
RP1794: 12/29/2012 4:27:37 PM - System Checkpoint
RP1795: 12/30/2012 7:43:27 PM - System Checkpoint
RP1796: 12/31/2012 10:58:21 PM - System Checkpoint
RP1797: 1/1/2013 11:03:49 PM - System Checkpoint
RP1798: 1/3/2013 5:51:02 AM - System Checkpoint
RP1799: 1/4/2013 12:51:56 PM - System Checkpoint
RP1800: 1/4/2013 6:00:33 PM - Software Distribution Service 3.0
RP1801: 1/7/2013 12:58:36 AM - System Checkpoint
RP1802: 1/7/2013 7:16:56 AM - System Checkpoint
RP1803: 1/7/2013 6:02:20 PM - Software Distribution Service 3.0
RP1804: 1/8/2013 7:47:37 PM - System Checkpoint
RP1805: 1/9/2013 3:13:57 PM - Software Distribution Service 3.0
RP1806: 1/10/2013 3:23:14 PM - System Checkpoint
RP1807: 1/11/2013 4:34:40 PM - System Checkpoint
RP1808: 1/12/2013 5:37:53 PM - System Checkpoint
RP1809: 1/12/2013 6:00:24 PM - Software Distribution Service 3.0
RP1810: 1/13/2013 6:42:57 PM - System Checkpoint
RP1811: 1/14/2013 7:22:04 PM - System Checkpoint
RP1812: 1/15/2013 6:00:30 PM - Software Distribution Service 3.0
RP1813: 1/16/2013 6:09:52 PM - System Checkpoint
RP1814: 1/17/2013 7:04:54 PM - System Checkpoint
RP1815: 1/18/2013 7:15:54 PM - System Checkpoint
.
==== Installed Programs ======================
.
ABBYY FineReader 6.0 Sprint
Acronis*Disk Director Suite
Add or Remove Adobe Creative Suite 3 Design Premium
Adobe Acrobat 5.0
Adobe Acrobat 8 Professional
Adobe Acrobat 8.3.1 - CPSID_83708
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe AIR
Adobe Anchor Service CS3
Adobe Anchor Service CS4
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps CS4
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Creative Suite 3 Design Premium
Adobe CS4 American English Speech Analysis Models
Adobe Default Language CS4
Adobe Device Central CS3
Adobe Device Central CS4
Adobe Dreamweaver CS3
Adobe Dynamiclink Support
Adobe Encore CS4
Adobe Encore CS4 Codecs
Adobe ExtendScript Toolkit 2
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS3
Adobe Extension Manager CS4
Adobe Flash CS3
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Encoder CS4 Dolby
Adobe Media Encoder CS4 Exporter
Adobe Media Encoder CS4 Importer
Adobe Media Player
Adobe MotionPicture Color Files
Adobe OnLocation CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS3
Adobe Premiere Pro CS4
Adobe Premiere Pro CS4 Functional Content
Adobe Premiere Pro CS4 Third Party Content
Adobe Reader X (10.1.5)
Adobe Setup
Adobe Shockwave Player 11.6
Adobe SING CS3
Adobe Stock Photos CS3
Adobe Type Support CS4
Adobe Update Manager CS3
Adobe Update Manager CS4
Adobe Version Cue CS3 Client
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Adobe XMP Panels CS4
AdobeColorCommonSetRGB
AHV content for Acrobat and Flash
Akamai NetSession Interface
Akamai NetSession Interface Service
Any Video Converter 3.2.7
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression 4
ArcSoft TotalMedia Extreme
Ask Toolbar
Ask Toolbar Updater
Audacity 2.0
Avery Template
AVG 2013
Bing Bar
Bonjour
CCleaner
Conexant HSF V92 56K Data Fax PCI Modem
ConvertHelper 2.2
Cool 3GP To MPEG Converter 1.0
Cool FLV To MPEG Converter 1.0
Cool MOV To MPEG Converter 1.0
Cool VOB To MPEG Converter 1.0
Defraggler
DesignPro 5.4 Limited Edition
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DVD Architect Pro 5.2
Finale NotePad 2012
FLV Converter 3.2
FTP Commander
FVD Suite 3.0.0
Google Chrome
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GoToMeeting 4.0.0.320
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB942288-v3)
iLivid
InstallMgr
iTunes
Java 7 Update 9
Java Auto Updater
Java(TM) 6 Update 33
Java(TM) 6 Update 7
JavaFX 2.1.1
Lexmark 5600-6600 Series
Lexmark Fax Solutions
Lexmark Printable Web
Lexmark Toolbar
Lexmark Tools for Office
LiveUpdate 2.5 (Symantec Corporation)
MahJongg Solitaire 3D
Memorex exPressit Label Design Studio
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Default Manager
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office FrontPage 2003
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Windows Media Video 9 VCM
Microsoft XML Parser
Microsoft XNA Framework Redistributable 4.0
Move Media Player
Movie Studio Pro Hardware
Mozilla Firefox 16.0.1 (x86 en-US)
Mozilla Maintenance Service
MPlugin_USA
MSN
MSN Toolbar
MSVCRT Redists
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser
Norton GoBack 4.02 (Symantec Corporation)
NVIDIA Display Driver
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Open Yahtzee
Pando Media Booster
PDF Settings
Photoshop Camera Raw
QuickTime
Recuva
Roxio Easy Media Creator 8 Suite
Sea Battle
Seagate*DiscWizard
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB982132)
Shareaza 2.4.0.0
SmartMusic 2011
SOAP3 and XML4
SoftV90 Data Fax Modem
Sony ACID Music Studio 7.0
Sony DVD Architect 4.0
Sony Media Manager 2.2
Sony Vegas 7.0
Sound Blaster Live! Web 2K/XP
Spotify
Spybot - Search & Destroy
Suite Shared Configuration CS4
swMSM
System Requirements Lab
TWC User Controls
Unlocker 1.8.8
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB971029)
VASST PIPSelection 1.2.0
VC80CRTRedist - 8.0.50727.6195
Viewpoint Media Player
Web-Based Email Tools
WebFldrs XP
Windows Defender
Windows Driver Package - MARS (MR97310_USB_DUAL_CAMERA) Image (12/03/2002 1.2.9.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Presentation Foundation
Windows Rights Management Client Backwards Compatibility SP2
Windows Rights Management Client with Service Pack 2
Windows XP Service Pack 3
WinZip 11.2
Xara Dreamweaver Extension 1.02
Xara FrontPage Add-in 1.01
Xara Webstyle 4
Xara Xtreme 3.2
Xara Xtreme 5
Xara3D6
XML Paper Specification Shared Components Pack 1.0
Xvid 1.2.1 final uninstall
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Messenger
Zoo Tycoon 2 - Ultimate Collection
.
==== Event Viewer Messages From Past Week ========
.
1/14/2013 7:36:37 PM, error: System Error [1003] - Error code 00000050, parameter1 e17a901c, parameter2 00000000, parameter3 bf82ebc1, parameter4 00000001.
1/12/2013 6:23:32 PM, error: DM9102 [5002] - \DEVICE\{5CEBA84A-7B8C-48E9-B923-387B1EFACEC8} : Has determined that the adapter is not functioning properly.
1/12/2013 6:21:00 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
1/12/2013 6:20:45 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
1/12/2013 6:20:45 PM, error: Service Control Manager [7000] - The WebCamDV DV to Webcam Converter service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
1/12/2013 6:20:45 PM, error: Service Control Manager [7000] - The TrackerCam Video Capture Driver 4.0 service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
1/12/2013 4:52:12 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
.
==== End Of File ===========================

GMER LOG

GMER 2.0.18444 - http://www.gmer.net
Rootkit scan 2013-01-18 22:33:17
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 rev. 298.09GB
Running: bezndinu.exe; Driver: C:\DOCUME~1\Donnie\LOCALS~1\Temp\uwtdipow.sys


---- System - GMER 2.0 ----

SSDT GoBack2K.sys (Norton GoBack Engine Driver/Symantec Corporation) ZwClose [0xF7440EC0]
SSDT GoBack2K.sys (Norton GoBack Engine Driver/Symantec Corporation) ZwFsControlFile [0xF7440F50]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeKey [0xBA6DD14A]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeMultipleKeys [0xBA6DD21A]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xBA6DCD7C]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwSuspendProcess [0xBA6DCF6A]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwSuspendThread [0xBA6DD000]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xBA6DCE32]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xBA6DCECE]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xBA6DD09C]

---- Kernel code sections - GMER 2.0 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB92D6340, 0x121A5F, 0xF8000020]
.text C:\WINDOWS\System32\nv4_disp.dll section is writeable [0xBF012380, 0x25BA81, 0xF8000020]
? C:\DOCUME~1\Donnie\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 2.0 ----

---- Registry - GMER 2.0 ----

Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Extension-List\{00000000-0000-0000-0000-000000000000}@StartTimeLo -2110066406
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Extension-List\{00000000-0000-0000-0000-000000000000}@StartTimeHi 30275035
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Extension-List\{00000000-0000-0000-0000-000000000000}@EndTimeLo -2109910156
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Extension-List\{00000000-0000-0000-0000-000000000000}@EndTimeHi 30275035
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-73586283-1965331169-1801674531-1003\Extension-List\{00000000-0000-0000-0000-000000000000}@StartTimeLo 553879818
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-73586283-1965331169-1801674531-1003\Extension-List\{00000000-0000-0000-0000-000000000000}@StartTimeHi 30275042
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-73586283-1965331169-1801674531-1003\Extension-List\{00000000-0000-0000-0000-000000000000}@EndTimeLo 554036068
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-73586283-1965331169-1801674531-1003\Extension-List\{00000000-0000-0000-0000-000000000000}@EndTimeHi 30275042
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109030000000000000000F01FEC\[email protected] 1110509976
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109030000000000000000F01FEC\[email protected] 1110515378
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109AB0090400000000000F01FEC\[email protected]_1033 1110509975
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA330100007706000000000030\[email protected] 1110515295
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9040711900063D11C8EF10054038389C\[email protected] 1110512812
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9040711900063D11C8EF10054038389C\[email protected] 1110517492
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AFCA67F1EF226F94CB504FCE38F584CC\[email protected] 1110513114

---- Disk sectors - GMER 2.0 ----

Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior

---- EOF - GMER 2.0 ----
 