
Slow processing

Discussion in 'Virus & Other Malware Removal' started by Morericewong, Jun 28, 2012.

  1. Morericewong

    Hi There

    I recently got onto my mother's computer and things are running really slowly. Not 100% it's a virus or malware. Video clips on the hard drive/internet are not running smoothly. The GMER took almost like 3 hrs to complete. I have already run a Spybot scan with no results. Would be really grateful if someone could have a look at my logs for anything unusual.

    Cheers
    Maurice

    HJT File

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:55:05 AM, on 28/06/2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe
    C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\samsung\panelmgr\SSMMgr.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
    C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Portrait Displays\Pivot Software\floater.exe
    C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\HP Photosmart 7510 series\Bin\HPNetworkCommunicator.exe
    C:\Program Files\HP\HP Photosmart 7510 series\bin\HPNetworkCommunicator.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Desktop\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
    O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ErrorTeck] C:\Program Files\ErrorTeck\ErrorTeck.exe /scan
    O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\samsung\panelmgr\SSMMgr.exe /autorun
    O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\WECPUpdate.exe -s
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [HP Photosmart 7510 series (NET)] "C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN22E3416W05T6:NW" -scfn "HP Photosmart 7510 series (NET)" -AutoStart 1
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - Startup: Monitor Ink Alerts - HP Photosmart 7510 series (Network).lnk = ?
    O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WebCapture.dll2.htm
    O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm
    O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WebCapture.dll.htm
    O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
    O9 - Extra 'Tools' menuitem: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
    O9 - Extra button: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
    O9 - Extra 'Tools' menuitem: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
    O9 - Extra button: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
    O9 - Extra 'Tools' menuitem: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
    O9 - Extra button: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
    O9 - Extra 'Tools' menuitem: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Bejeweled%202/Images/stg_drm.ocx
    O16 - DPF: {3BA494B1-D507-4C11-9BDA-D47E1A65DFCF} (Confidence Online for Web Applications) - https://mcpuk1.jpmorgan.com/llclient/myatawap/winxp/AXXPEE.dll
    O16 - DPF: {785F7664-AD0E-4CBA-8F28-F6C485A9E648} (Web Class) - https://www-ap.myataw.com/ebctrl.cab
    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Bejeweled%202/Images/armhelper.ocx
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://sera-mtl.cgi.com/dana-cached/sc/JuniperSetupClient.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

    --
    End of file - 14426 bytes

    DDS File

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
    Run by M.S.Y. Technology at 10:55:35 on 2012-06-28
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.861 [GMT 10:00]
    .
    AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe
    C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\samsung\panelmgr\SSMMgr.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
    C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Portrait Displays\Pivot Software\floater.exe
    C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\HP\HP Photosmart 7510 series\Bin\HPNetworkCommunicator.exe
    C:\Program Files\HP\HP Photosmart 7510 series\bin\HPNetworkCommunicator.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
    uURLSearchHooks: H - No File
    mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [Media Codec Update Service] c:\program files\essentials codec pack\WECPUpdate.exe -s
    uRun: [Google Update] "c:\documents and settings\m.s.y. technology\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [HP Photosmart 7510 series (NET)] "c:\program files\hp\hp photosmart 7510 series\bin\ScanToPCActivationApp.exe" -deviceID "CN22E3416W05T6:NW" -scfn "HP Photosmart 7510 series (NET)" -AutoStart 1
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
    mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
    mRun: [36X Raid Configurer] c:\windows\system32\xRaidSetup.exe boot
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [PivotSoftware] "c:\program files\portrait displays\pivot software\wpctrl.exe"
    mRun: [DT HPW] c:\program files\portrait displays\hp my display\DTHtml.exe -startup_folder
    mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [ErrorTeck] c:\program files\errorteck\ErrorTeck.exe /scan
    mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
    mRun: [CDAServer] c:\program files\common files\common desktop agent\CDASrv.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [<NO NAME>]
    StartupFolder: c:\docume~1\msy~1.tec\startm~1\programs\startup\monito~1.lnk - c:\windows\system32\RunDll32.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\asuswi~1.lnk - c:\program files\asus wifi-ap solo\RtWLan.exe
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: SmarThru4 Capture Selection - c:\program files\smarthru 4\WebCapture.dll2.htm
    IE: SmarThru4 Save as HTML - c:\program files\smarthru 4\WebCapture.dll1.htm
    IE: SmarThru4 Save Selected Text - c:\program files\smarthru 4\WebCapture.dll.htm
    IE: SmarThru4 Web Capture - c:\program files\smarthru 4\WebCapture.dll
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Bejeweled%202/Images/stg_drm.ocx
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
    DPF: {3BA494B1-D507-4C11-9BDA-D47E1A65DFCF} - hxxps://mcpuk1.jpmorgan.com/llclient/myatawap/winxp/AXXPEE.dll
    DPF: {785F7664-AD0E-4CBA-8F28-F6C485A9E648} - hxxps://www-ap.myataw.com/ebctrl.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Bejeweled%202/Images/armhelper.ocx
    DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://sera-mtl.cgi.com/dana-cached/sc/JuniperSetupClient.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{9FE8F3AE-C4E9-41A2-83A8-92B29C33E2C3} : DhcpNameServer = 192.168.1.1
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: avgrsstarter - avgrsstx.dll
    AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Authentication Packages = msv1_0 nwprovau
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\m.s.y. technology\application data\mozilla\firefox\profiles\2vjtkdur.default\
    FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    FF - prefs.js: keyword.URL - hxxp://au.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_au&p=
    FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
    FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
    FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
    FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
    FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
    FF - plugin: c:\documents and settings\m.s.y. technology\application data\facebook\npfbplugin_1_0_3.dll
    FF - plugin: c:\documents and settings\m.s.y. technology\application data\mozilla\plugins\npgoogletalk.dll
    FF - plugin: c:\documents and settings\m.s.y. technology\application data\mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: c:\documents and settings\m.s.y. technology\local settings\application data\google\update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
    FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: Java Quick Starter: [email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff
    FF - Ext: AVG Security Toolbar em:version=3.011.025.005 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files\avg\avg8\toolbar\firefox\avg@igeared
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-4-26 335240]
    R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-4-26 27784]
    R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-4-26 108552]
    R1 NEOFLTR_640_16949;Juniper Networks TDI Filter Driver (NEOFLTR_640_16949);c:\windows\system32\drivers\NEOFLTR_640_16949.sys [2010-10-28 85360]
    R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-7-5 908056]
    R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-5 297752]
    R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-5-30 3048136]
    R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [2010-10-15 5120]
    R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [2008-4-3 176128]
    R3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [2008-4-3 13532]
    S1 NEOFLTR_550_12415;Juniper Networks TDI Filter Driver (NEOFLTR_550_12415);\??\c:\windows\system32\drivers\neofltr_550_12415.sys --> c:\windows\system32\drivers\NEOFLTR_550_12415.SYS [?]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]
    S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-12-3 30192]
    S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2007-7-27 14336]
    S3 zgwhsdiag;ZTE WCDMA Handset Diagnostic Port;c:\windows\system32\drivers\zgwhsdiag.sys [2011-9-3 105216]
    S3 zgwhsmdm;ZTE WCDMA Handset USB Modem;c:\windows\system32\drivers\zgwhsmdm.sys [2011-9-3 105216]
    .
    =============== Created Last 30 ================
    .
    2012-06-26 07:51:51 -------- d-----w- c:\windows\system32\appmgmt
    2012-06-13 22:02:41 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
    2012-05-30 03:59:30 4966600 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
    .
    ==================== Find3M ====================
    .
    2012-06-02 05:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
    2012-06-02 05:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
    2012-06-02 05:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2012-06-02 05:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
    2012-06-02 05:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2012-06-02 05:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
    2012-06-02 05:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
    2012-06-02 05:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
    2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
    2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys
    2012-05-11 14:42:33 43520 ------w- c:\windows\system32\licmgr10.dll
    2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2012-05-11 11:38:02 385024 ------w- c:\windows\system32\html.iec
    2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    .
    ============= FINISH: 11:01:32.29 ===============

    ark file
    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-06-28 13:51:55
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e ST3500630AS rev.3.AAK
    Running: 578m0vl2.exe; Driver: C:\DOCUME~1\MSY~1.TEC\LOCALS~1\Temp\ugldqfob.sys


    ---- System - GMER 1.0.15 ----

    SSDT speu.sys ZwCreateKey [0xB9EA80E0]
    SSDT speu.sys ZwEnumerateKey [0xB9EC6CA2]
    SSDT speu.sys ZwEnumerateValueKey [0xB9EC7030]
    SSDT speu.sys ZwOpenKey [0xB9EA80C0]
    SSDT speu.sys ZwQueryKey [0xB9EC7108]
    SSDT speu.sys ZwQueryValueKey [0xB9EC6F88]
    SSDT speu.sys ZwSetValueKey [0xB9EC719A]

    INT 0x01 \??\C:\DOCUME~1\MSY~1.TEC\LOCALS~1\Temp\mbr.sys B50E0C42
    INT 0x83 ? 8A725BF8
    INT 0x83 ? 8A4F7BF8
    INT 0x83 ? 8A725BF8
    INT 0x84 ? 8A4F7BF8
    INT 0x94 ? 8A4F7BF8
    INT 0x94 ? 8A4F7BF8
    INT 0x94 ? 8A4F7BF8
    INT 0x94 ? 8A4F7BF8
    INT 0xA4 ? 8A4F7BF8
    INT 0xB4 ? 8A722BF8
    INT 0xB4 ? 8A722BF8
    INT 0xB4 ? 8A722BF8
    INT 0xB4 ? 8A722BF8
    INT 0xB4 ? 8A722BF8

    ---- Kernel code sections - GMER 1.0.15 ----

    ? speu.sys The system cannot find the file specified. !
    .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB8CF4360, 0x307F47, 0xE8000020]
    .text USBPORT.SYS!DllUnload B8CD48AC 5 Bytes JMP 8A4F71D8
    .text agw5l2ot.SYS B8C0C384 1 Byte [20]
    .text agw5l2ot.SYS B8C0C384 37 Bytes [20, 00, 00, 68, 00, 00, 00, ...]
    .text agw5l2ot.SYS B8C0C3AA 24 Bytes [00, 00, 20, 00, 00, E0, 00, ...]
    .text agw5l2ot.SYS B8C0C3C4 3 Bytes [00, 00, 00]
    .text agw5l2ot.SYS B8C0C3C9 1 Byte [00]
    .text ...
    init C:\WINDOWS\system32\drivers\Senfilt.sys entry point in "init" section [0xB597AA00]
    ? C:\DOCUME~1\MSY~1.TEC\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 2D, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 2D, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 2D, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 2D, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91031A
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 2D, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 2D, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 2D, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91038B
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 2D, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9104B9
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 2D, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 2D, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 2D, 00]
    .text C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]

    ---- Kernel IAT/EAT - GMER 1.0.15 ----

    IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B9EA9040] speu.sys
    IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B9EA913C] speu.sys
    IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B9EA90BE] speu.sys
    IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B9EA97FC] speu.sys
    IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B9EA96D2] speu.sys
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!KfAcquireSpinLock] 000000AD
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!READ_PORT_UCHAR] 000000D4
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!KeGetCurrentIrql] 000000A2
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!KfRaiseIrql] 000000AF
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!KfLowerIrql] 0000009C
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!HalGetInterruptVector] 000000A4
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!HalTranslateBusAddress] 00000072
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!KeStallExecutionProcessor] 000000C0
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!KfReleaseSpinLock] 000000B7
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 000000FD
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!READ_PORT_USHORT] 00000093
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 00000026
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[HAL.dll!WRITE_PORT_UCHAR] 00000036
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[WMILIB.SYS!WmiSystemControl] 000000F7
    IAT \SystemRoot\System32\Drivers\agw5l2ot.SYS[WMILIB.SYS!WmiCompleteRequest] 000000CC
    IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B9EB9048] speu.sys

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[144] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 003E0010
    IAT C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1656] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
    IAT C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2168] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
    IAT C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2320] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 003D0010
    IAT C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2872] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
    IAT C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5280] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
    IAT C:\Documents and Settings\M.S.Y. Technology\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[6096] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00580010

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs 8A7921F8
    Device \FileSystem\Udfs \UdfsCdRom 8A41D1F8
    Device \FileSystem\Udfs \UdfsDisk 8A41D1F8

    AttachedDevice \Driver\Tcpip \Device\Ip NEOFLTR_640_16949.SYS (NetBIOS Redirector/Juniper Networks)

    Device \Driver\usbuhci \Device\USBPDO-0 8A4F51F8
    Device \Driver\dmio \Device\DmControl\DmIoDaemon 8A7941F8
    Device \Driver\dmio \Device\DmControl\DmConfig 8A7941F8
    Device \Driver\dmio \Device\DmControl\DmPnP 8A7941F8
    Device \Driver\dmio \Device\DmControl\DmInfo 8A7941F8
    Device \Driver\usbuhci \Device\USBPDO-1 8A4F51F8
    Device \Driver\usbuhci \Device\USBPDO-2 8A4F51F8
    Device \Driver\usbehci \Device\USBPDO-3 8A4D21F8
    Device \Driver\usbuhci \Device\USBPDO-4 8A4F51F8

    AttachedDevice \Driver\Tcpip \Device\Tcp NEOFLTR_640_16949.SYS (NetBIOS Redirector/Juniper Networks)

    Device \Driver\usbuhci \Device\USBPDO-5 8A4F51F8
    Device \Driver\NetBT \Device\NetBT_Tcpip_{9FE8F3AE-C4E9-41A2-83A8-92B29C33E2C3} 8A4451F8
    Device \Driver\usbuhci \Device\USBPDO-6 8A4F51F8
    Device \Driver\Ftdisk \Device\HarddiskVolume1 8A7231F8
    Device \Driver\usbehci \Device\USBPDO-7 8A4D21F8
    Device \Driver\Cdrom \Device\CdRom0 8A48F1F8
    Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B9DFCB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdePort0 [B9DFCB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdePort1 [B9DFCB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdePort2 [B9DFCB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdePort3 [B9DFCB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [B9DFCB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\Cdrom \Device\CdRom1 8A48F1F8
    Device \Driver\NetBT \Device\NetBt_Wins_Export 8A4451F8
    Device \Driver\USBSTOR \Device\00000091 89D7E1F8
    Device \Driver\sptd \Device\3387506962 speu.sys
    Device \Driver\NetBT \Device\NetbiosSmb 8A4451F8
    Device \Driver\PCI_PNP0712 \Device\0000004d speu.sys

    AttachedDevice \Driver\Tcpip \Device\Udp NEOFLTR_640_16949.SYS (NetBIOS Redirector/Juniper Networks)
    AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    Device \Driver\USBSTOR \Device\00000097 89D7E1F8
    Device \Driver\usbuhci \Device\USBFDO-0 8A4F51F8
    Device \Driver\usbuhci \Device\USBFDO-1 8A4F51F8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A39F1F8
    Device \Driver\usbuhci \Device\USBFDO-2 8A4F51F8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A39F1F8
    Device \Driver\usbehci \Device\USBFDO-3 8A4D21F8
    Device \Driver\usbuhci \Device\USBFDO-4 8A4F51F8
    Device \Driver\Ftdisk \Device\FtControl 8A7231F8
    Device \Driver\usbuhci \Device\USBFDO-5 8A4F51F8
    Device \Driver\usbuhci \Device\USBFDO-6 8A4F51F8
    Device \Driver\usbehci \Device\USBFDO-7 8A4D21F8
    Device \Driver\agw5l2ot \Device\Scsi\agw5l2ot1Port5Path0Target0Lun0 8A44B1F8
    Device \Driver\agw5l2ot \Device\Scsi\agw5l2ot1 8A44B1F8
    Device \Driver\JRAID \Device\Scsi\JRAID1 8A7931F8
    Device \FileSystem\Cdfs \Cdfs 89D4F1F8

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x86 0x20 0xB2 0x31 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xFE 0x61 0xD8 0x6B ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x15 0xD0 0x86 0x03 ...
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x86 0x20 0xB2 0x31 ...
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xFE 0x61 0xD8 0x6B ...
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x15 0xD0 0x86 0x03 ...
    Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
    Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
    Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x86 0x20 0xB2 0x31 ...
    Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xFE 0x61 0xD8 0x6B ...
    Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x15 0xD0 0x86 0x03 ...

    ---- EOF - GMER 1.0.15 ----
     


  2. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,665
    Right-click MY COMPUTER, then click Properties.

    Advise what's listed in the Computer: section in the bottom of the "General" tab - EXACTLY as you see it there.

    That information will show us how much RAM is dedicated to Windows XP and if the processor is running at its rated speed.

    -------------------------------------------------------

    AVG Free 8.5 is extremely outdated.

    Uninstall it, then replace it with Microsoft Security Essentials.

    It's light-weight and very user-friendly and well-recommended here.

    -------------------------------------------------------

    Java(TM) 6 Update 5 needs to be uninstalled.

    Java(TM) 6 Update 26 needs to be updated to Java Runtime Environment 1.6.0.33 (6 Update 33).

    6 Update 33 will overwrite and replace 6 Update 26, so there's no need to uninstall it first.

    Note: Click the green icon with white "down" arrow link.

    -------------------------------------------------------

    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    both need to be updated to their current version: 11.3.300.257 and 11.3.300.262.

    The new version should overwrite and replace the old version, so there's no need to uninstall it first.

    Note: Click the green icon with white "down" arrow link.

    -------------------------------------------------------

    Uninstall Spybot - Search & Destroy, then replace it with the free version of
    Malwarebytes Anti-Malware
    and SUPERAntiSpyware.

    They're not problematic like Spybot and they're very user-friendly and well-recommended here.

    Update their definition files during the install process, and uncheck and decline to install any extras that are offered.

    -------------------------------------------------------

    Skype 5.8 needs to be updated to version 5.10.0.114.

    Note: Click the green icon with white "down" arrow link.

    -------------------------------------------------------
     

Short URL to this thread: https://techguy.org/1058861