1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Extremely slow system presumably to virsuses

Discussion in 'Virus & Other Malware Removal' started by BigmanMarch, Dec 21, 2010.

Thread Status:
Not open for further replies.
  1. BigmanMarch

    BigmanMarch Thread Starter

    Joined:
    Dec 21, 2010
    Messages:
    1
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 03:17:34, on 22/12/2010
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v9.00 (9.00.7930.16406)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
    C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
    C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Windows\system32\igfxext.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Users\Ry\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
    O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
    O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Movie_Edit_Pro_15_Plus_Download_version\TrayServer.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
    O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    --
    End of file - 10390 bytes


    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Ry at 3:18:07.78 on 22/12/2010
    Internet Explorer: 9.0.7930.16406
    Microsoft Windows 7 Professional 6.1.7600.0.1252.44.1033.18.3033.1889 [GMT 0:00]

    AV: Kaspersky Internet Security *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Kaspersky Internet Security *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
    FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    C:\Windows\System32\svchost.exe -k Akamai
    C:\Windows\system32\svchost.exe -k apphost
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\CISVC.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\svchost.exe -k ipripsvc
    C:\Windows\system32\mqsvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Windows\System32\tcpsvcs.exe
    C:\Windows\System32\snmp.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k iissvcs
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
    C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
    C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Windows\system32\igfxext.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\DllHost.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Users\Ry\Downloads\dds.scr
    C:\Windows\system32\conhost.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.co.uk/
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2011\ievkbd.dll
    BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
    BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll
    BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
    TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB: @c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll
    mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
    mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
    mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
    mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe"
    mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 5.0\apdproxy.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [TrayServer] c:\program files\magix\movie_edit_pro_15_plus_download_version\TrayServer.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRunOnce: [B Register c:\program files\divx\divx plus player\dpxplugins\dpxdfxaudioplugin.dll] "c:\windows\system32\rundll32.exe" "c:\program files\divx\divx plus player\dpxplugins\DPXDFXAudioPlugin.dll",DllRegisterServer
    mRunOnce: [B Register c:\program files\divx\divx plus player\dseplugins\direct3dvideooutput.dll] "c:\windows\system32\rundll32.exe" "c:\program files\divx\divx plus player\dseplugins\Direct3DVideoOutput.dll",DllRegisterServer
    mRunOnce: [B Register c:\program files\divx\divx plus player\dseplugins\directsoundaudiooutput.dll] "c:\windows\system32\rundll32.exe" "c:\program files\divx\divx plus player\dseplugins\DirectSoundAudioOutput.dll",DllRegisterServer
    mRunOnce: [B Register c:\program files\divx\divx plus player\dseplugins\divxdeinterlacefilter.dll] "c:\windows\system32\rundll32.exe" "c:\program files\divx\divx plus player\dseplugins\DivXDeinterlaceFilter.dll",DllRegisterServer
    mRunOnce: [B Register c:\program files\divx\divx plus player\dpxplugins\dpxbanneradplugin.dll] "c:\windows\system32\rundll32.exe" "c:\program files\divx\divx plus player\dpxplugins\DPXBannerAdPlugin.dll",DllRegisterServer
    mRunOnce: [B Register c:\program files\divx\divx plus player\dpxplugins\dpxdownloadmanagerplugin.dll] "c:\windows\system32\rundll32.exe" "c:\program files\divx\divx plus player\dpxplugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
    mRunOnce: [B Register c:\program files\divx\divx plus player\dpxplugins\dpxmediamanagerplugin.dll] "c:\windows\system32\rundll32.exe" "c:\program files\divx\divx plus player\dpxplugins\DPXMediaManagerPlugin.dll",DllRegisterServer
    mRunOnce: [B Register c:\program files\divx\divx plus player\dpxplugins\dpxplayerplugin.dll] "c:\windows\system32\rundll32.exe" "c:\program files\divx\divx plus player\dpxplugins\DPXPlayerPlugin.dll",DllRegisterServer
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: igfxcui - igfxdev.dll
    Notify: klogon - c:\windows\system32\klogon.dll
    AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\ry\appdata\roaming\mozilla\firefox\profiles\vanbql7p.default\
    FF - prefs.js: network.proxy.type - 0
    FF - component: c:\program files\mozilla firefox\extensions\[email protected]\components\abhelperxpcom.dll
    FF - component: c:\program files\mozilla firefox\extensions\[email protected]\components\kavlinkfilter.dll
    FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\veetle\player\npvlc.dll
    FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - Ext: Anti-Banner: [email protected] - c:\program files\mozilla firefox\extensions\[email protected]
    FF - Ext: Kaspersky URL Advisor: [email protected] - c:\program files\mozilla firefox\extensions\[email protected]
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video
    FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa

    ============= SERVICES / DRIVERS ===============

    R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2010-4-22 22104]
    R1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\drivers\SABI.sys [2010-7-4 10752]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
    R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-13 20992]
    R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe [2010-7-1 352976]
    R2 iprip;RIP Listener;c:\windows\system32\svchost.exe -k ipripsvc [2009-7-13 20992]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19984]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-17 136176]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\drivers\BthAvrcp.sys [2009-8-13 22528]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-21 39272]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352]
    S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-6 1343400]
    S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\magix\common\database\bin\fbserver.exe [2010-7-3 1527900]
    S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

    =============== Created Last 30 ================

    2010-12-22 02:55:42 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{893fb3ff-8f5d-4b55-9860-85e188eedf74}\mpengine.dll
    2010-12-17 12:42:50 -------- d-----w- c:\users\ry\appdata\local\Microsoft Games
    2010-12-16 17:41:46 -------- d-----w- c:\program files\iPod
    2010-12-15 14:40:22 516096 ----a-w- c:\program files\windows mail\wab.exe
    2010-12-15 14:40:20 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-12-15 14:39:43 749056 ----a-w- c:\windows\system32\schedsvc.dll
    2010-12-15 14:39:43 496128 ----a-w- c:\windows\system32\taskschd.dll
    2010-12-15 14:39:43 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2010-12-15 14:39:43 305152 ----a-w- c:\windows\system32\taskcomp.dll
    2010-12-15 14:39:43 192000 ----a-w- c:\windows\system32\taskeng.exe
    2010-12-15 14:39:43 179712 ----a-w- c:\windows\system32\schtasks.exe
    2010-12-15 14:39:37 34304 ----a-w- c:\windows\system32\atmlib.dll
    2010-12-15 14:39:37 294400 ----a-w- c:\windows\system32\atmfd.dll
    2010-12-15 14:39:34 314368 ----a-w- c:\windows\system32\webio.dll
    2010-12-15 14:39:32 101760 ----a-w- c:\windows\system32\consent.exe
    2010-12-15 14:39:31 571904 ----a-w- c:\windows\system32\oleaut32.dll
    2010-12-15 14:39:31 2327552 ----a-w- c:\windows\system32\win32k.sys
    2010-12-14 03:35:20 -------- d-----w- c:\users\ry\appdata\local\ElevatedDiagnostics
    2010-12-12 16:41:35 -------- d-----w- c:\users\ry\appdata\roaming\Local
    2010-12-12 15:05:23 2381824 ----a-w- c:\windows\system32\mshtml.tlb
    2010-12-12 15:05:23 1448448 ----a-w- c:\windows\system32\inetcpl.cpl
    2010-11-29 17:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2010-11-29 17:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts

    ==================== Find3M ====================

    2010-11-12 00:44:54 94208 ----a-w- c:\windows\system32\dpl100.dll
    2010-11-08 22:57:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
    2010-10-19 10:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe

    ============= FINISH: 3:18:33.22 ===============


    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2010-12-22 03:33:42
    Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 FUJITSU_MHZ2320BH_G2 rev.00000009
    Running: k44kqx3m.exe; Driver: C:\Users\Ry\AppData\Local\Temp\kxldrpog.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0x8C39DD50]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x8C39FF8E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x8C3A0208]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x8C3A047E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x8C39E664]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x8C39F498]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x8C39F9E2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateFile [0x8C39E940]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x8C39F8C8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0x8C39D93E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x8C39F79C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x8C39DAE6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x8C39FB02]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThread [0x8C39E2EA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThreadEx [0x8C39E3E8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateUserProcess [0x8C3A06C8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x8C39F832]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDebugActiveProcess [0x8C3A11F0]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0x8C39EDC2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDuplicateObject [0x8C3A23FE]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwFsControlFile [0x8C39EBD0]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwLoadDriver [0x8C3A12E2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwMapViewOfSection [0x8C3A1A4A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x8C39FA78]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenFile [0x8C39E6E6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x8C39F958]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenProcess [0x8C39DF8E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x8C3A17E4]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x8C39FB98]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenThread [0x8C39DE7E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x8C3A0782]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQuerySection [0x8C3A1D84]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueueApcThread [0x8C3A1676]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplaceKey [0x8C39C5F8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x8C39FEFC]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x8C39FDC2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0x8C3A0F8A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRestoreKey [0x8C39C970]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwResumeThread [0x8C3A22A0]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSaveKey [0x8C39C590]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x8C39F1DE]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetContextThread [0x8C39E506]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x8C3A0824]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSecurityObject [0x8C3A1480]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSystemInformation [0x8C3A1ED4]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendProcess [0x8C3A1FC6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendThread [0x8C3A2100]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSystemDebugControl [0x8C3A1114]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateProcess [0x8C39E134]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateThread [0x8C39E08A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0x8C3A1C28]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0x8C39E220]

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82E50599 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E74F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text ntkrnlpa.exe!RtlSidHashLookup + 220 82E7C730 4 Bytes [50, DD, 39, 8C]
    .text ntkrnlpa.exe!RtlSidHashLookup + 248 82E7C758 8 Bytes [8E, FF, 39, 8C, 08, 02, 3A, ...]
    .text ntkrnlpa.exe!RtlSidHashLookup + 28C 82E7C79C 4 Bytes [7E, 04, 3A, 8C]
    .text ntkrnlpa.exe!RtlSidHashLookup + 2B8 82E7C7C8 4 Bytes [64, E6, 39, 8C]
    .text ntkrnlpa.exe!RtlSidHashLookup + 2DC 82E7C7EC 4 Bytes [98, F4, 39, 8C]
    .text ...
    ? C:\Users\Ry\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[1604] USER32.dll!TrackPopupMenu 757B4B3B 5 Bytes JMP 64842342 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2828] ntdll.dll!LdrLoadDll 7704F625 5 Bytes JMP 00B913F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

    ---- Devices - GMER 1.0.15 ----

    Device \Driver\ACPI_HAL \Device\00000050 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

    AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\[email protected] \Device\{7D9ED340-8E1D-4DDA-95F9-82B952BA3744}?\Device\{E9B7EA48-735E-490E-A5C5-C397346ECDB8}?\Device\{B75C2DA0-F088-411C-8301-860FD86741E3}?
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\[email protected] "{7D9ED340-8E1D-4DDA-95F9-82B952BA3744}"?"{E9B7EA48-735E-490E-A5C5-C397346ECDB8}"?"{B75C2DA0-F088-411C-8301-860FD86741E3}"?
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\[email protected] \Device\TCPIP6TUNNEL_{7D9ED340-8E1D-4DDA-95F9-82B952BA3744}?\Device\TCPIP6TUNNEL_{E9B7EA48-735E-490E-A5C5-C397346ECDB8}?\Device\TCPIP6TUNNEL_{B75C2DA0-F088-411C-8301-860FD86741E3}?
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session [email protected] ?????i??????\\?\USB#VID_05AC&PID_120A#000A270012C23D51#{a5dcbf10-6530-11d2-901f-00c04fb951ed}[email protected],%msft%;Microsoft?i????(???N??????i????????????????????????????i??????|????(??????????N?????eip????????????????????????,??????t???t??volsnap.inf?????.NT???????????0?????????????*isatap?????????????? ?????????????s?1??????????????????????ic??USB?iv??MSAFD NetBIOS [\Device\NetBT_Tcpip6_{3A7DC275-030F-4DC2-985E-952576984902}] DATAGRAM 7?0FD??????? ???????????????????p?1????????????????????? ?????????????????????1????????????????????? ???????????????????p?1????????????????????? [email protected],%intel_mfg%;Intel??????????VolumeSnapshot??????{5225e9f0-bf9d-5b1e-8f6c-6050fb7a4b5e}??????????? ?????????????????????-????????????????????????????????????????? ???????C?????F08???????????6??s7???????????m???m??????? ???????????????????n?1????????????????????gendisk?,[email protected],%intel_mfg%;Intel?????????????????????????????????????????????
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00158307cf28
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0x89 0x5A 0xEA 0xE6 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0xD3 0x40 0x3C 0xAE ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0x24 0x6A 0xA5 0x78 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0x02 0xBE 0x36 0x8C ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001f81000250
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0x87 0xDC 0x0C 0x14 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0x6D 0x29 0x2E 0x3E ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0x78 0x26 0xA6 0x49 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0xE3 0x7E 0x5F 0xD0 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{7D9ED340-8E1D-4DDA-95F9-82B952BA3744}@InterfaceName isatap.{450EC2E7-AC65-4375-B534-F7D72101680E}
    Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{7D9ED340-8E1D-4DDA-95F9-82B952BA3744}@ReusableType 0
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00158307cf28 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\[email protected] 0x89 0x5A 0xEA 0xE6 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\[email protected] 0xD3 0x40 0x3C 0xAE ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\[email protected] 0x24 0x6A 0xA5 0x78 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\[email protected] 0x02 0xBE 0x36 0x8C ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001f81000250 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\[email protected] 0x87 0xDC 0x0C 0x14 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\[email protected] 0x6D 0x29 0x2E 0x3E ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\[email protected] 0x78 0x26 0xA6 0x49 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\[email protected] 0xE3 0x7E 0x5F 0xD0 ...

    ---- EOF - GMER 1.0.15 ----
     

    Attached Files:

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/969922

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice