
System hangs and slow responses.

Discussion in 'Virus & Other Malware Removal' started by PaulVanDuck, Dec 19, 2010.

  1. PaulVanDuck

    PaulVanDuck Thread Starter

    Hi guys, I hope you can help. I'm having a few problems with my laptop. A few days ago the system started to run very slowly, the initial start-up is slower than normal and after that I can use the computer for a few minutes. After that whatever I'm using, online or offline, will freeze and I'll be unable to close it down or open anything else. The CPU will be at or near 100% even when idle. There was a failed Windows update a few days ago and I'm unable to update up to this point. I have tried System Restore but it says there are no restore points, even though I know there are as I was on the verge of using it a few years ago. I already had Kaspersky Internet Security installed and that hasn't found anything, neither has MBAM. I also have WinPatrol & Autorun Eater running and neither of those have flagged any changes up. I'm not entirely convinced it is malware, but what do I know :p so I figured it was the best place to start.

    System specs - Fujitsu Siemens AMD Turion 64x2 mobile technology TL-60, 2.00GHz, 3GB RAM, Vista SP2, 32 bit.

    Here are the logs requested:


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:19:37, on 18/12/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18975)
    Boot mode: Safe mode with network support

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.matthardwick.com/forums/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe
    O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
    O4 - HKLM\..\Run: [Silent Mode] C:\Program Files\Light Sensor Utility\Sensor.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [recinfo5] c:\RecInfo\RecInfo.exe
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [avp] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
    O4 - HKLM\..\Run: [Autorun Eater] C:\Program Files\Autorun Eater\oldmcdonald.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Paul & Les\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll,C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Avid Technology, Inc. - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Fujitsu Diagnostic Testhandler (TestHandler) - Fujitsu Technology Solutions - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 9245 bytes
    ________________________________________________


    DDS (Ver_10-12-12.01) - NTFSx86 NETWORK
    Run by Paul & Les at 19:20:23.43 on 18/12/2010
    Internet Explorer: 8.0.6001.18975 BrowserJavaVersion: 1.6.0_22
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3070.2329 [GMT 0:00]

    AV: Kaspersky Internet Security *Enabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    SP: Kaspersky Internet Security *Enabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    FW: Kaspersky Internet Security *Enabled*
    AV: Kaspersky Internet Security *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
    SP: Kaspersky Internet Security *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
    FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Users\Paul & Les\Desktop\dds.pif

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.matthardwick.com/forums/
    uInternet Settings,ProxyOverride = *.local
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2010\ievkbd.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [Google Update] "c:\users\paul & les\appdata\local\google\update\GoogleUpdate.exe" /c
    mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
    mRun: [FIC HotKey] c:\program files\hotkey utility\tray.exe
    mRun: [PowerManager] c:\program files\power manager\PM.exe
    mRun: [Silent Mode] c:\program files\light sensor utility\Sensor.exe
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [recinfo5] c:\recinfo\RecInfo.exe
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
    mRun: [avp] "c:\program files\kaspersky lab\kaspersky internet security 2010\avp.exe"
    mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
    mRun: [Autorun Eater] c:\program files\autorun eater\oldmcdonald.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [Skytel] Skytel.exe
    dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2010\ie_banner_deny.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: E&xport to Microsoft Office Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
    IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: klogon - c:\windows\system32\klogon.dll
    AppInit_DLLs: c:\progra~1\kasper~1\kasper~2\mzvkbd3.dll c:\progra~1\google\google~2\googledesktopnetwork3.dll,c:\progra~1\kasper~1\kasper~2\kloehk.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\paul&l~1\appdata\roaming\mozilla\firefox\profiles\ddrgwl91.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.matthardwick.com/forums/
    FF - component: c:\program files\mozilla firefox\extensions\[email protected]\components\KavLinkFilter.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\users\paul & les\appdata\local\yahoo!\browserplus\2.8.1\plugins\npybrowserplus_2.8.1.dll
    FF - plugin: c:\users\paul & les\appdata\roaming\mozilla\firefox\profiles\ddrgwl91.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Extension: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
    FF - Extension: Kaspersky URL Advisor: [email protected] - c:\program files\mozilla firefox\extensions\[email protected]
    FF - Extension: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - Extension: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - Extension: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - Extension: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

    ============= SERVICES / DRIVERS ===============

    R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-14 36880]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2009-9-14 21520]
    S2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2010\avp.exe [2009-10-20 340520]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-18 135664]
    S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2010-4-22 21504]
    S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-20 39272]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352]
    S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-5-11 30192]
    S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-10-2 19472]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

    =============== Created Last 30 ================

    2010-12-18 18:26:50 532480 ----a-w- c:\windows\system32\RTSndMgr.cpl
    2010-12-18 18:26:50 495104 ----a-w- c:\windows\system32\RtkPgExt.dll
    2010-12-18 18:26:50 4431872 ----a-w- c:\windows\RtHDVCpl.exe
    2010-12-18 18:26:50 339968 ----a-w- c:\windows\system32\SRSTSXT.dll
    2010-12-18 18:26:50 266240 ----a-w- c:\windows\system32\RtkApoApi.dll
    2010-12-18 18:26:50 1844224 ----a-w- c:\windows\system32\RtkAPO.dll
    2010-12-18 18:26:50 18432 ----a-w- c:\windows\system32\RtkCoInst.dll
    2010-12-18 18:26:50 1822720 ----a-w- c:\windows\SkyTel.exe
    2010-12-18 18:26:50 1764960 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
    2010-12-18 18:26:50 135168 ----a-w- c:\windows\system32\SRSWOW.dll
    2010-12-18 18:26:50 1191936 ----a-w- c:\windows\RtlUpd.exe
    2010-12-18 18:26:50 -------- d-----w- c:\program files\Realtek
    2010-12-18 12:55:19 -------- d-----w- C:\51a484e2e8af6ac9855b
    2010-12-18 11:26:02 -------- d-----w- C:\70391377df76c472eb
    2010-12-18 10:37:39 -------- d-----w- C:\df4c34b1d4e7a4d1b422d0d6028737ed
    2010-12-18 08:39:00 -------- d-----w- c:\users\paul&l~1\appdata\local\Apple Computer
    2010-11-26 13:42:58 -------- d-----w- c:\users\paul&l~1\appdata\roaming\AnvSoft
    2010-11-25 22:11:08 7680 ----a-w- c:\program files\internet explorer\iecompat.dll
    2010-11-22 21:12:44 -------- d-----w- c:\program files\iPod
    2010-11-22 21:12:41 -------- d-----w- c:\program files\iTunes

    ==================== Find3M ====================

    2010-12-18 18:26:52 319456 ----a-w- c:\windows\DIFxAPI.dll
    2010-09-28 15:44:52 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
    2010-09-22 23:47:28 49016 ----a-w- c:\windows\system32\sirenacm.dll
    2010-09-22 23:32:56 301936 ----a-w- c:\windows\WLXPGSS.SCR

    ============= FINISH: 19:21:57.66 ===============
    --------------------------------------------------------------

    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2010-12-18 20:21:48
    Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\0000005d WDC_WD32 rev.11.0
    Running: rdjkepin.exe; Driver: C:\Users\PAUL&L~1\AppData\Local\Temp\kgldapod.sys


    ---- Kernel code sections - GMER 1.0.15 ----

    ? C:\Users\PAUL&L~1\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1308] ntdll.dll!NtUnmapViewOfSection + 6 773355DA 4 Bytes [68, 03, 06, 00]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1308] ntdll.dll!NtUnmapViewOfSection + B 773355DF 1 Byte [E2]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtCreateFile + 6 773343DA 4 Bytes [28, 00, 06, 00]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtCreateFile + B 773343DF 1 Byte [E2]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtMapViewOfSection + 6 77334B2A 1 Byte [28]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtMapViewOfSection + 6 77334B2A 4 Bytes [28, 03, 06, 00]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtMapViewOfSection + B 77334B2F 1 Byte [E2]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtOpenFile + 6 77334BBA 4 Bytes [68, 00, 06, 00]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtOpenFile + B 77334BBF 1 Byte [E2]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtOpenProcess + 6 77334C3A 4 Bytes [A8, 01, 06, 00]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtOpenProcess + B 77334C3F 1 Byte [E2]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtOpenProcessToken + B 77334C4F 1 Byte [E2]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtOpenProcessTokenEx + 6 77334C5A 4 Bytes [A8, 02, 06, 00]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtOpenProcessTokenEx + B 77334C5F 1 Byte [E2]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtOpenThread + 6 77334CAA 4 Bytes [68, 01, 06, 00]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtOpenThread + B 77334CAF 1 Byte [E2]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtOpenThreadToken + 6 77334CBA 4 Bytes [68, 02, 06, 00]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtOpenThreadToken + B 77334CBF 1 Byte [E2]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtOpenThreadTokenEx + B 77334CCF 1 Byte [E2]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtQueryAttributesFile + 6 77334D5A 4 Bytes [A8, 00, 06, 00]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtQueryAttributesFile + B 77334D5F 1 Byte [E2]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtQueryFullAttributesFile + B 77334E0F 1 Byte [E2]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtSetInformationFile + 6 773352EA 4 Bytes [28, 01, 06, 00]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtSetInformationFile + B 773352EF 1 Byte [E2]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtSetInformationThread + 6 7733533A 4 Bytes [28, 02, 06, 00]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtSetInformationThread + B 7733533F 1 Byte [E2]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtUnmapViewOfSection + 6 773355DA 1 Byte [68]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtUnmapViewOfSection + 6 773355DA 4 Bytes [68, 03, 06, 00]
    .text C:\Users\Paul & Les\AppData\Local\Google\Chrome\Application\chrome.exe[1312] ntdll.dll!NtUnmapViewOfSection + B 773355DF 1 Byte [E2]

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0x00 0x00 0x00 0x00 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0x44 0x65 0x3D 0x68 ...
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\[email protected] 0x00 0x00 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\[email protected] 0
    Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\[email protected] 0x44 0x65 0x3D 0x68 ...

    ---- EOF - GMER 1.0.15 ----

    Any help would be greatly appreciated. Thanks in advance.

    Paul
     
