That should have said, "Antivirus programs came up clear"
Thanks for help. My main PC died (CPU or Motherboard), so I'm using my laptop:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:45:13 PM, on 7/17/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21342)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tether\TBService.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\RayV\RayV\RayV.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\My Documents\Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://drudgereport.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RayV] C:\Program Files\RayV\RayV\RayV.exe /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3839880C-D975-4408-BB2A-E1C1362C92FC}: NameServer = 208.67.222.222,208.67.220.220
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Express Accounts (ExpressAccountsService) - Unknown owner - C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Tether - Unknown owner - C:\Program Files\Tether\TBService.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 7014 bytes
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/11/2007 9:12:57 AM
System Uptime: 7/17/2013 1:18:35 PM (1 hours ago)
.
Motherboard: Dell Inc. | |
Processor: Intel(R) Pentium(R) M processor 1.86GHz | Microprocessor | 1862/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 37 GiB total, 18.998 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Tether Ethernet Adapter
Device ID: ROOT\ROOT&QRKIS\0000
Manufacturer: Tether
Name: Tether Ethernet Adapter
PNP Device ID: ROOT\ROOT&QRKIS\0000
Service: qrkis
.
==== System Restore Points ===================
.
RP254: 6/25/2013 12:10:32 PM - System Checkpoint
RP255: 6/26/2013 3:00:38 AM - Software Distribution Service 3.0
RP256: 6/26/2013 10:55:31 PM - Software Distribution Service 3.0
RP257: 6/27/2013 3:28:10 AM - Software Distribution Service 3.0
RP258: 6/28/2013 3:23:23 AM - Software Distribution Service 3.0
RP259: 6/29/2013 3:23:11 AM - Software Distribution Service 3.0
RP260: 6/30/2013 1:36:12 AM - Software Distribution Service 3.0
RP261: 6/30/2013 3:23:13 AM - Software Distribution Service 3.0
RP262: 7/1/2013 9:48:41 PM - Software Distribution Service 3.0
RP263: 7/2/2013 3:23:56 AM - Software Distribution Service 3.0
RP264: 7/3/2013 3:22:22 AM - Software Distribution Service 3.0
RP265: 7/4/2013 4:05:00 AM - System Checkpoint
RP266: 7/4/2013 1:07:20 PM - Software Distribution Service 3.0
RP267: 7/5/2013 1:23:01 PM - System Checkpoint
RP268: 7/5/2013 10:25:19 PM - Software Distribution Service 3.0
RP269: 7/6/2013 10:25:09 PM - Software Distribution Service 3.0
RP270: 7/7/2013 2:24:35 AM - Software Distribution Service 3.0
RP271: 7/7/2013 10:25:06 PM - Software Distribution Service 3.0
RP272: 7/8/2013 10:27:42 PM - Software Distribution Service 3.0
RP273: 7/9/2013 10:31:34 PM - Software Distribution Service 3.0
RP274: 7/10/2013 10:33:44 PM - Software Distribution Service 3.0
RP275: 7/11/2013 10:31:06 PM - Software Distribution Service 3.0
RP276: 7/12/2013 3:00:29 AM - Software Distribution Service 3.0
RP277: 7/13/2013 11:53:38 AM - Software Distribution Service 3.0
RP278: 7/14/2013 2:25:20 AM - Software Distribution Service 3.0
RP279: 7/14/2013 11:50:37 AM - Software Distribution Service 3.0
RP280: 7/15/2013 11:42:35 AM - Software Distribution Service 3.0
RP281: 7/16/2013 11:42:31 AM - Software Distribution Service 3.0
RP282: 7/17/2013 1:29:54 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.3
ALPS Touch Pad Driver
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
BlackBerry Desktop Software 5.0.1
BlazeDVDCopy 4.0
Broadcom Gigabit Integrated Controller
C-Major Audio
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
CCleaner
Conexant D110 MDC V.9x Modem
Critical Update for Windows Media Player 11 (KB959772)
Dell Resource CD
Dell Wireless WLAN Card
Doxillion Document Converter
Express Accounts
Express Dictate
Express Scribe
Google Chrome
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Intel(R) Graphics Media Accelerator Driver for Mobile
Intel(R) PROSet/Wireless Software
iTunes
Java 7 Update 7
Java Auto Updater
Java(TM) 6 Update 14
Java(TM) 6 Update 5
Malwarebytes Anti-Malware version 1.75.0.1300
mCore
mDriver
mDrWiFi
mHlpDell
Microsoft .NET Framework 2.0
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
mIWA
mLogView
mMHouse
Move Media Player
mPfMgr
mPfWiz
mProSafe
mSSO
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mWlsSafe
mWMI
mXML
mZConfig
Nikon Message Center
Nikon RAW Codec
Octoshape add-in for Adobe Flash Player
OpenOffice.org 2.0
PhotoStage Slideshow Producer
Picture Control Utility
QuickSet
RayV
Remove Sudoku Master
Replay Media Catcher 4 (4.3.2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2744842)
Security Update for Windows Internet Explorer 7 (KB2838727)
Security Update for Windows Internet Explorer 7 (KB2846071)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Sierra Utilities
Sony Player Plug-in for Windows Media Player
Spybot - Search & Destroy
Tether 1.1.0.6
Texas Instruments PCIxx21/x515 drivers.
TI_Inst
Ulead DVD Player
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
ViewNX
WD Diagnostics
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6000.21342 BrowserJavaVersion: 10.7.2
Run by User at 14:49:58 on 2013-07-17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.150 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ================
.
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Tether\TBService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\RayV\RayV\RayV.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k bthsvcs
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://drudgereport.com/
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [RayV] c:\program files\rayv\rayv\RayV.exe /background
uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{25C03E94-545E-4206-B330-53455A5D4A7C} : DHCPNameServer = 216.68.4.10 216.68.5.10
TCP: Interfaces\{3839880C-D975-4408-BB2A-E1C1362C92FC} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{C917C4AC-7EC1-49E1-8EF0-FFA48E0DC529} : DHCPNameServer = 216.68.4.10 216.68.5.10
TCP: Interfaces\{F7D4DA11-0DBD-4DB9-A747-9FE862CE929E} : DHCPNameServer = 65.32.5.111 65.32.5.112
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R2 Tether;Tether;c:\program files\tether\TBService.exe [2010-8-23 49080]
R3 appliandMP;appliandMP;c:\windows\system32\drivers\appliand.sys [2011-10-24 28256]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [2007-1-11 87936]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 appliand;Applian Network Service;c:\windows\system32\drivers\appliand.sys [2011-10-24 28256]
S3 ExpressAccountsService;Express Accounts;c:\program files\nch software\expressaccounts\expressaccounts.exe [2011-9-5 2646020]
S3 qrkis;Tether Miniport;c:\windows\system32\drivers\qrkis.sys [2010-8-23 45608]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v040 0.exe [2013-4-18 754856]
.
=============== Created Last 30 ================
.
2013-07-17 17:30:00 7143960 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{05cd363e-51bd-4a05-8ed1-cc6ba77f5dd3}\mpengine.dll
2013-06-29 20:07:04 -------- d-----w- c:\program files\CCleaner
2013-06-25 15:09:23 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2013-06-25 15:09:23 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
.
==================== Find3M ====================
.
2013-06-07 21:30:55 841216 ----a-w- c:\windows\system32\wininet.dll
2013-06-07 21:30:54 78336 ----a-w- c:\windows\system32\ieencode.dll
2013-06-07 21:30:54 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2013-06-07 21:30:54 17408 ------w- c:\windows\system32\corpol.dll
2013-06-04 07:23:02 562688 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 01:40:45 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-05-16 11:01:02 389120 ----a-w- c:\windows\system32\html.iec
2013-05-09 04:28:02 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-05-03 01:26:26 2193536 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 00:38:18 2070144 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-02 06:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 14:51:33.39 ===============
GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-07-17 21:20:30
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK4026GAX rev.PA102D 37.26GB
Running: yzk2wh0e.exe; Driver: C:\DOCUME~1\User\LOCALS~1\Temp\pwlyapod.sys
---- Kernel code sections - GMER 2.1 ----
? C:\DOCUME~1\User\LOCALS~1\Temp\mbr.sys The filename, directory name, or volume label syntax is incorrect. !
---- User code sections - GMER 2.1 ----
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, B4, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, B7, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, B4, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, B5, 7D, 00] {TEST AL, 0xb5; JGE 0x4}
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B9153CE
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, B6, 7D, 00] {TEST AL, 0xb6; JGE 0x4}
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, B5, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, B6, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91543F
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, B4, 7D, 00] {TEST AL, 0xb4; JGE 0x4}
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91556D
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, B5, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, B6, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, B7, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 50, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 53, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 50, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 51, 8B, 00] {TEST AL, 0x51; MOV EAX, [EAX]}
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91616A
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 52, 8B, 00] {TEST AL, 0x52; MOV EAX, [EAX]}
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 51, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 52, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9161DB
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 50, 8B, 00] {TEST AL, 0x50; MOV EAX, [EAX]}
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B916309
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 51, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 52, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 53, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 40, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 43, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 40, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 41, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91255A
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 42, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 41, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 42, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9125CB
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 40, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9126F9
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 41, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 42, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 43, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0010c6cbad23
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0010c6ed3c1c
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00164119892a
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0010c6cbad23 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0010c6ed3c1c (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00164119892a (not active ControlSet)
---- EOF - GMER 2.1 ----
Thanks for help. My main PC died (CPU or Motherboard), so I'm using my laptop:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:45:13 PM, on 7/17/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21342)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tether\TBService.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\RayV\RayV\RayV.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\My Documents\Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://drudgereport.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RayV] C:\Program Files\RayV\RayV\RayV.exe /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3839880C-D975-4408-BB2A-E1C1362C92FC}: NameServer = 208.67.222.222,208.67.220.220
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Express Accounts (ExpressAccountsService) - Unknown owner - C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Tether - Unknown owner - C:\Program Files\Tether\TBService.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 7014 bytes
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/11/2007 9:12:57 AM
System Uptime: 7/17/2013 1:18:35 PM (1 hours ago)
.
Motherboard: Dell Inc. | |
Processor: Intel(R) Pentium(R) M processor 1.86GHz | Microprocessor | 1862/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 37 GiB total, 18.998 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Tether Ethernet Adapter
Device ID: ROOT\ROOT&QRKIS\0000
Manufacturer: Tether
Name: Tether Ethernet Adapter
PNP Device ID: ROOT\ROOT&QRKIS\0000
Service: qrkis
.
==== System Restore Points ===================
.
RP254: 6/25/2013 12:10:32 PM - System Checkpoint
RP255: 6/26/2013 3:00:38 AM - Software Distribution Service 3.0
RP256: 6/26/2013 10:55:31 PM - Software Distribution Service 3.0
RP257: 6/27/2013 3:28:10 AM - Software Distribution Service 3.0
RP258: 6/28/2013 3:23:23 AM - Software Distribution Service 3.0
RP259: 6/29/2013 3:23:11 AM - Software Distribution Service 3.0
RP260: 6/30/2013 1:36:12 AM - Software Distribution Service 3.0
RP261: 6/30/2013 3:23:13 AM - Software Distribution Service 3.0
RP262: 7/1/2013 9:48:41 PM - Software Distribution Service 3.0
RP263: 7/2/2013 3:23:56 AM - Software Distribution Service 3.0
RP264: 7/3/2013 3:22:22 AM - Software Distribution Service 3.0
RP265: 7/4/2013 4:05:00 AM - System Checkpoint
RP266: 7/4/2013 1:07:20 PM - Software Distribution Service 3.0
RP267: 7/5/2013 1:23:01 PM - System Checkpoint
RP268: 7/5/2013 10:25:19 PM - Software Distribution Service 3.0
RP269: 7/6/2013 10:25:09 PM - Software Distribution Service 3.0
RP270: 7/7/2013 2:24:35 AM - Software Distribution Service 3.0
RP271: 7/7/2013 10:25:06 PM - Software Distribution Service 3.0
RP272: 7/8/2013 10:27:42 PM - Software Distribution Service 3.0
RP273: 7/9/2013 10:31:34 PM - Software Distribution Service 3.0
RP274: 7/10/2013 10:33:44 PM - Software Distribution Service 3.0
RP275: 7/11/2013 10:31:06 PM - Software Distribution Service 3.0
RP276: 7/12/2013 3:00:29 AM - Software Distribution Service 3.0
RP277: 7/13/2013 11:53:38 AM - Software Distribution Service 3.0
RP278: 7/14/2013 2:25:20 AM - Software Distribution Service 3.0
RP279: 7/14/2013 11:50:37 AM - Software Distribution Service 3.0
RP280: 7/15/2013 11:42:35 AM - Software Distribution Service 3.0
RP281: 7/16/2013 11:42:31 AM - Software Distribution Service 3.0
RP282: 7/17/2013 1:29:54 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.3
ALPS Touch Pad Driver
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
BlackBerry Desktop Software 5.0.1
BlazeDVDCopy 4.0
Broadcom Gigabit Integrated Controller
C-Major Audio
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
CCleaner
Conexant D110 MDC V.9x Modem
Critical Update for Windows Media Player 11 (KB959772)
Dell Resource CD
Dell Wireless WLAN Card
Doxillion Document Converter
Express Accounts
Express Dictate
Express Scribe
Google Chrome
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Intel(R) Graphics Media Accelerator Driver for Mobile
Intel(R) PROSet/Wireless Software
iTunes
Java 7 Update 7
Java Auto Updater
Java(TM) 6 Update 14
Java(TM) 6 Update 5
Malwarebytes Anti-Malware version 1.75.0.1300
mCore
mDriver
mDrWiFi
mHlpDell
Microsoft .NET Framework 2.0
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
mIWA
mLogView
mMHouse
Move Media Player
mPfMgr
mPfWiz
mProSafe
mSSO
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mWlsSafe
mWMI
mXML
mZConfig
Nikon Message Center
Nikon RAW Codec
Octoshape add-in for Adobe Flash Player
OpenOffice.org 2.0
PhotoStage Slideshow Producer
Picture Control Utility
QuickSet
RayV
Remove Sudoku Master
Replay Media Catcher 4 (4.3.2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2744842)
Security Update for Windows Internet Explorer 7 (KB2838727)
Security Update for Windows Internet Explorer 7 (KB2846071)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Sierra Utilities
Sony Player Plug-in for Windows Media Player
Spybot - Search & Destroy
Tether 1.1.0.6
Texas Instruments PCIxx21/x515 drivers.
TI_Inst
Ulead DVD Player
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
ViewNX
WD Diagnostics
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6000.21342 BrowserJavaVersion: 10.7.2
Run by User at 14:49:58 on 2013-07-17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.150 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ================
.
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Tether\TBService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\RayV\RayV\RayV.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k bthsvcs
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://drudgereport.com/
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [RayV] c:\program files\rayv\rayv\RayV.exe /background
uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{25C03E94-545E-4206-B330-53455A5D4A7C} : DHCPNameServer = 216.68.4.10 216.68.5.10
TCP: Interfaces\{3839880C-D975-4408-BB2A-E1C1362C92FC} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{C917C4AC-7EC1-49E1-8EF0-FFA48E0DC529} : DHCPNameServer = 216.68.4.10 216.68.5.10
TCP: Interfaces\{F7D4DA11-0DBD-4DB9-A747-9FE862CE929E} : DHCPNameServer = 65.32.5.111 65.32.5.112
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R2 Tether;Tether;c:\program files\tether\TBService.exe [2010-8-23 49080]
R3 appliandMP;appliandMP;c:\windows\system32\drivers\appliand.sys [2011-10-24 28256]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [2007-1-11 87936]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 appliand;Applian Network Service;c:\windows\system32\drivers\appliand.sys [2011-10-24 28256]
S3 ExpressAccountsService;Express Accounts;c:\program files\nch software\expressaccounts\expressaccounts.exe [2011-9-5 2646020]
S3 qrkis;Tether Miniport;c:\windows\system32\drivers\qrkis.sys [2010-8-23 45608]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v040 0.exe [2013-4-18 754856]
.
=============== Created Last 30 ================
.
2013-07-17 17:30:00 7143960 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{05cd363e-51bd-4a05-8ed1-cc6ba77f5dd3}\mpengine.dll
2013-06-29 20:07:04 -------- d-----w- c:\program files\CCleaner
2013-06-25 15:09:23 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2013-06-25 15:09:23 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
.
==================== Find3M ====================
.
2013-06-07 21:30:55 841216 ----a-w- c:\windows\system32\wininet.dll
2013-06-07 21:30:54 78336 ----a-w- c:\windows\system32\ieencode.dll
2013-06-07 21:30:54 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2013-06-07 21:30:54 17408 ------w- c:\windows\system32\corpol.dll
2013-06-04 07:23:02 562688 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 01:40:45 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-05-16 11:01:02 389120 ----a-w- c:\windows\system32\html.iec
2013-05-09 04:28:02 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-05-03 01:26:26 2193536 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 00:38:18 2070144 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-02 06:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 14:51:33.39 ===============
GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-07-17 21:20:30
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK4026GAX rev.PA102D 37.26GB
Running: yzk2wh0e.exe; Driver: C:\DOCUME~1\User\LOCALS~1\Temp\pwlyapod.sys
---- Kernel code sections - GMER 2.1 ----
? C:\DOCUME~1\User\LOCALS~1\Temp\mbr.sys The filename, directory name, or volume label syntax is incorrect. !
---- User code sections - GMER 2.1 ----
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, B4, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, B7, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, B4, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, B5, 7D, 00] {TEST AL, 0xb5; JGE 0x4}
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B9153CE
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, B6, 7D, 00] {TEST AL, 0xb6; JGE 0x4}
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, B5, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, B6, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91543F
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, B4, 7D, 00] {TEST AL, 0xb4; JGE 0x4}
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91556D
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, B5, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, B6, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, B7, 7D, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2036] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 50, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 53, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 50, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 51, 8B, 00] {TEST AL, 0x51; MOV EAX, [EAX]}
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91616A
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 52, 8B, 00] {TEST AL, 0x52; MOV EAX, [EAX]}
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 51, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 52, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9161DB
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 50, 8B, 00] {TEST AL, 0x50; MOV EAX, [EAX]}
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B916309
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 51, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 52, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 53, 8B, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2264] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 40, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 43, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 40, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 41, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91255A
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 42, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 41, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 42, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9125CB
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 40, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9126F9
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 41, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 42, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 43, 4F, 00]
.text C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2920] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0010c6cbad23
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0010c6ed3c1c
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00164119892a
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0010c6cbad23 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0010c6ed3c1c (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00164119892a (not active ControlSet)
---- EOF - GMER 2.1 ----