DDS (Ver_09-12-01.01) - NTFSx86
Run by lobam at 20:25:44.13 on Tue 02/16/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.759.235 [GMT -6:00]
AV: AVG Internet Security *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\PROGRAM FILES\DAEMON TOOLS LITE\DTLite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\lobam\Desktop\Malware cleaners\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [Google Update] "c:\documents and settings\lobam\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IgfxTray] "c:\windows\system32\igfxtray.exe"
mRun: [HotKeysCmds] "c:\windows\system32\hkcmd.exe"
mRun: [Monitor] "c:\windows\pixart\pac207\Monitor.exe"
mRun: [SoundMan] "SOUNDMAN.EXE"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [WinPatrol PLUS] "c:\program files\billp studios\winpatrol\winpatrol.exe" -expressboot
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {94E5218F-9737-4FC2-8457-567B1FF23DC0} - hxxp://utilities.pcpitstop.com/DiskMD3/DiskMD3Ctrl.dll
DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/ ... cmatic.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxsrvc.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
Hosts: 127.0.0.1 www.spywareinfo.com
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\lobam\applic~1\mozilla\firefox\profiles\zjp96wl0.myb\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\documents and settings\lobam\application data\mozilla\firefox\profiles\zjp96wl0.myb\extensions\{81bf1d23-5f17-408d-ac6b-bd6df7caf670}\components\XpcomOpusConnector.dll
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\lobam\local settings\application data\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
============= SERVICES / DRIVERS ===============
R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [2010-2-14 25608]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-2-14 161800]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-2-14 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-2-14 28424]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-2-14 360584]
R2 avg9emc;AVG E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-2-14 906520]
R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-2-14 285392]
R2 avgfws9;AVG Firewall;c:\program files\avg\avg9\avgfws9.exe [2010-2-14 2304192]
R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2010-2-14 5832712]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-11-13 269648]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2010-2-14 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSDriver.sys [2010-2-14 122376]
R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSFilter.sys [2010-2-14 30216]
R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSShim.sys [2010-2-14 25736]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-11-13 19160]
R3 PAC207;Basic Webcam;c:\windows\system32\drivers\PFC027.SYS [2006-11-20 506112]
S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2010-2-14 30104]
S4 SABKUTIL;SABKUTIL;\??\c:\program files\superadblocker.com\super ad blocker\sabkutil.sys --> c:\program files\superadblocker.com\super ad blocker\SABKUTIL.sys [?]
S4 SASKUTIL;SASKUTIL;\??\c:\program files\superantispyware\saskutil.sys --> c:\program files\superantispyware\SASKUTIL.sys [?]
=============== Created Last 30 ================
2010-02-14 21:38:34 0 d--h--w- C:\$AVG
2010-02-14 21:37:41 25608 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys
2010-02-14 21:37:40 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-02-14 21:36:26 30104 ----a-w- c:\windows\system32\drivers\avgfwdx.sys
2010-02-14 21:36:25 50968 ----a-w- c:\windows\system32\avgfwdx.dll
2010-02-14 21:36:09 0 d-----w- c:\docume~1\alluse~1\applic~1\avg9
2010-02-14 16:11:55 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-02-14 16:11:53 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-02-14 16:11:43 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-02-14 16:11:29 0 d-----w- c:\windows\system32\drivers\Avg
2010-02-14 16:10:56 0 d-----w- c:\program files\AVG
2010-02-13 19:30:55 251 ----a-w- c:\windows\BissHM.ini
2010-02-13 19:27:01 0 d-----w- c:\program files\Bluetack
2010-02-12 20:03:55 0 d-sha-r- C:\cmdcons
2010-02-10 22:28:45 0 d-----w- c:\docume~1\lobam\applic~1\FoxyTunes
2010-02-10 22:28:35 0 d-----w- c:\program files\FoxyTunes
2010-02-10 03:59:51 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-02-10 03:42:09 1355 ----a-w- c:\windows\imsins.BAK
2010-02-10 02:39:34 161296 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-02-10 02:18:57 0 d-----w- c:\docume~1\alluse~1\applic~1\PCPitstop
2010-02-10 02:05:33 0 d-----w- c:\program files\PCPitstop
2010-02-08 21:32:30 139536 ----a-w- c:\windows\system32\javaee.dll
2010-02-08 20:33:41 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-02-08 05:29:21 0 d-----w- C:\ie-spyad_zo
2010-02-07 22:30:27 0 d-----w- c:\docume~1\lobam\applic~1\HD Tune Pro
2010-02-07 22:26:43 0 d-----w- c:\program files\HD Tune Pro
2010-02-07 22:26:31 24576 ----a-w- c:\windows\system32\mvistasf.exe
2010-02-07 22:26:31 208994 ----a-w- c:\windows\system32\xpsf.exe
2010-02-07 22:26:31 20480 ----a-w- c:\windows\system32\psf.exe
2010-02-07 22:26:31 151648 ----a-w- c:\windows\system32\xpsf2.exe
2010-02-07 22:26:31 151634 ----a-w- c:\windows\system32\sson.exe
2010-02-07 22:26:31 0 d-----w- c:\program files\SpeeDefrag
2010-02-07 22:26:19 0 d-----w- c:\program files\Defraggler
2010-02-07 07:05:47 0 d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab
2010-02-07 06:10:57 0 d-sh--w- c:\documents and settings\lobam\IECompatCache
2010-02-07 03:47:54 91136 -c--a-w- c:\windows\system32\dllcache\kswdmcap.ax
2010-02-07 03:47:54 91136 ----a-w- c:\windows\system32\kswdmcap.ax
2010-02-07 03:47:54 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-02-07 03:47:54 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-02-07 03:47:54 43008 -c--a-w- c:\windows\system32\dllcache\ksxbar.ax
2010-02-07 03:47:54 43008 ----a-w- c:\windows\system32\ksxbar.ax
2010-02-07 03:47:53 61952 -c--a-w- c:\windows\system32\dllcache\kstvtune.ax
2010-02-07 03:47:53 61952 ----a-w- c:\windows\system32\kstvtune.ax
2010-02-07 03:43:26 48128 ----a-w- c:\windows\system32\Remove.exe
2010-02-07 03:43:26 316 ----a-w- c:\windows\system32\Remover.ini
2010-02-07 03:43:17 0 d-----w- c:\windows\PixArt
2010-02-07 03:43:16 0 d-----w- c:\program files\common files\PAC207
2010-02-07 03:43:15 0 d-----w- c:\program files\Basic Webcam
2010-02-07 03:42:49 0 d-----w- c:\windows\Downloaded Installations
2010-02-07 03:42:16 0 d-----w- c:\program files\BestOn
2010-02-06 03:58:56 0 d-----w- c:\program files\FileHippo.com
2010-02-06 03:58:01 3435402 ----a-w- c:\windows\system32\KDDL
2010-02-05 14:29:55 266360 ----a-w- c:\windows\system32\TweakUI.exe
2010-02-05 14:29:55 160217 ----a-w- c:\windows\system32\PowerToysLicense.rtf
2010-02-05 13:36:17 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-02-05 12:40:36 0 d-----w- c:\docume~1\lobam\applic~1\SiteHound
2010-02-05 12:40:31 0 d-----w- c:\program files\FireTrust
2010-02-04 20:08:22 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-02-04 17:47:54 0 d-----w- c:\docume~1\lobam\applic~1\TrueSwitch
2010-02-04 17:47:39 0 d-----w- c:\program files\TrueSwitchEsaya
2010-02-04 16:49:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-04 16:47:49 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-04 16:47:45 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-04 16:47:45 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-04 16:47:45 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-04 16:47:45 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-04 16:47:45 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-04 16:44:01 0 dc-h--w- c:\windows\ie8
2010-02-03 17:45:24 0 d-----w- c:\program files\BSCCleanitol
2010-02-03 17:41:08 535 ----a-w- c:\windows\eReg.dat
2010-02-03 17:41:04 0 d-----w- c:\program files\Maxis
2010-02-03 17:28:44 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2010-02-03 17:26:18 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-03 17:26:04 0 d-----w- c:\program files\DAEMON Tools Lite
2010-02-03 17:25:58 0 d-----w- c:\docume~1\lobam\applic~1\DAEMON Tools Lite
2010-02-03 17:25:56 0 d-----w- c:\docume~1\alluse~1\applic~1\DAEMON Tools Lite
2010-02-03 15:12:05 0 d-----w- c:\docume~1\lobam\applic~1\WinPatrol
2010-02-03 15:11:58 0 d-----w- c:\program files\BillP Studios
2010-02-03 14:35:02 0 d-----w- c:\program files\SpywareBlaster
2010-02-03 14:13:03 0 d-----w- c:\docume~1\lobam\applic~1\QuickScan
2010-02-03 14:00:06 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-03 09:17:55 0 d-----w- c:\docume~1\alluse~1\applic~1\abelhadigital.com
2010-02-03 09:17:07 0 d-----w- c:\docume~1\lobam\applic~1\abelhadigital.com
2010-02-03 07:20:26 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-02-03 07:20:26 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-02-03 07:14:07 754 ----a-w- c:\windows\WORDPAD.INI
2010-02-03 07:05:04 0 d-----w- c:\program files\TrendMicro
2010-01-22 03:06:45 0 d-----w- c:\program files\MediaMonkey
2010-01-22 00:52:19 0 d-----w- c:\program files\CCleaner
==================== Find3M ====================
2009-12-31 16:50:03 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:14:05 916480 ------w- c:\windows\system32\wininet.dll
2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08:23 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-10 04:54:07 261632 ----a-w- c:\windows\PEV.exe
2009-12-08 19:27:51 2189184 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:43:50 2066048 ------w- c:\windows\system32\ntkrnlpa.exe
2009-11-27 17:11:44 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 17:11:44 1291776 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 16:07:35 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:07:35 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:07:34 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:07:34 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:07:34 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-26 23:12:13 13836 ---ha-w- c:\windows\system32\mlfcache.dat
============= FINISH: 20:28:34.46 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-12-01.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 11/18/2009 1:05:40 AM
System Uptime: 2/14/2010 4:25:20 PM (52 hours ago)
Motherboard: MICRO-STAR INTERNATIONAL CO., LTD | | Gamila/Giovani/Neon series
Processor: Intel(R) Celeron(R) CPU 2.70GHz | Socket 478 | 2700/100mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 37 GiB total, 26.569 GiB free.
D: is CDROM (CDFS)
G: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E96D-E325-11CE-BFC1-08002BE10318}
Description: Lucent Win Modem
Device ID: PCI\VEN_11C1&DEV_044C&SUBSYS_044C11C1&REV_02\4&1A671D0C&0&58F0
Manufacturer: Lucent
Name: Lucent Win Modem
PNP Device ID: PCI\VEN_11C1&DEV_044C&SUBSYS_044C11C1&REV_02\4&1A671D0C&0&58F0
Service: Modem
==== System Restore Points ===================
RP51: 1/22/2010 3:00:20 AM - Software Distribution Service 3.0
RP52: 1/28/2010 1:00:27 PM - System Checkpoint
RP53: 2/2/2010 9:12:01 AM - System Checkpoint
RP54: 2/3/2010 1:05:02 AM - Installed HiJackThis
RP55: 2/3/2010 3:24:53 AM - Installed SUPERAntiSpyware Free Edition
RP56: 2/3/2010 7:58:28 AM - Installed Java(TM) 6 Update 18
RP57: 2/3/2010 11:26:18 AM - SPTD setup V1.62
RP58: 2/4/2010 10:36:36 AM - Software Distribution Service 3.0
RP59: 2/4/2010 12:40:57 PM - Software Distribution Service 3.0
RP60: 2/4/2010 2:20:46 PM - Software Distribution Service 3.0
RP61: 2/5/2010 7:11:22 AM - Installed AVG 9.0
RP62: 2/5/2010 7:29:47 AM - Installed AVG Free 9.0
RP63: 2/5/2010 7:35:55 AM - Installed AVG 7.5
RP64: 2/5/2010 7:54:55 AM - Installed AVG Free 8.5
RP65: 2/5/2010 8:10:48 AM - Installed AVG Free 8.5
RP66: 2/6/2010 9:04:12 AM - System Checkpoint
RP67: 2/6/2010 9:42:16 PM - Installed WebCam Suite 2.0
RP68: 2/6/2010 9:43:08 PM - Installed Basic Webcam
RP69: 2/7/2010 12:55:07 AM - Removed AVG 7.5
RP70: 2/7/2010 12:56:15 AM - Installed AVG 7.5
RP71: 2/7/2010 1:01:56 AM - Installed AVG Free 8.5
RP72: 2/7/2010 1:04:52 AM - Installed Kaspersky Anti-Virus 2010.
RP73: 2/7/2010 2:02:21 PM - Removed Kaspersky Anti-Virus 2010.
RP74: 2/7/2010 4:08:05 PM - Removed Java(TM) 6 Update 18
RP75: 2/7/2010 4:09:43 PM - Installed Java(TM) 6 Update 18
RP76: 2/8/2010 2:30:50 PM - Removed Java(TM) 6 Update 18
RP77: 2/8/2010 2:32:58 PM - Installed Java(TM) 6 Update 18
RP78: 2/9/2010 3:11:52 PM - System Checkpoint
RP79: 2/9/2010 9:41:13 PM - Software Distribution Service 3.0
RP80: 2/9/2010 9:59:04 PM - Software Distribution Service 3.0
RP81: 2/11/2010 1:05:36 AM - System Checkpoint
RP82: 2/12/2010 1:27:22 AM - Software Distribution Service 3.0
RP83: 2/13/2010 1:33:35 AM - System Checkpoint
RP84: 2/13/2010 1:26:58 PM - Installed B.I.S.S. Hosts Manager
RP85: 2/13/2010 1:36:00 PM - Removed B.I.S.S. Hosts Manager
RP86: 2/14/2010 10:10:54 AM - Installed AVG Free 8.5
RP87: 2/14/2010 10:24:26 AM - Avg8 Update
RP88: 2/14/2010 1:00:25 PM - Avg8 Update
RP89: 2/14/2010 1:03:28 PM - Avg8 Update
RP90: 2/14/2010 3:35:40 PM - Installed AVG 9.0
RP91: 2/14/2010 4:05:56 PM - Avg8 Update
RP92: 2/16/2010 6:17:43 AM - System Checkpoint
==== Installed Programs ======================
Adobe Flash Player 10 ActiveX
Adobe® Flash® Player 10 Plugin
AVG 9.0
Basic Webcam
BSC Cleanitol TM
Card Games for Windows
CCleaner
Defraggler
FileHippo.com Update Checker
Google Chrome
HD Tune Pro 4.01
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Intel(R) Extreme Graphics Driver
Java Auto Updater
Java(TM) 6 Update 18
Malwarebytes' Anti-Malware
MediaMonkey 3.2
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Visual C++ 2005 Redistributable
mIRC
Mozilla Firefox (3.5.7)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
MSXML 6 Service Pack 2 (KB973686)
Realtek AC'97 Audio
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Media Player (KB973540)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978706)
SimCity 4 Deluxe
SpeeDefrag 5.2.1
SpywareBlaster 4.2
TeamViewer 4
Tweak UI
Unlocker 1.8.8
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB978506)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
WebCam Suite 2.0
WebFldrs XP
Windows Defender
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows XP Service Pack 3
WinPatrol 2009
WinZip 14.0
Yahoo! Messenger
YTK Pro v1.5 [Build 499d]
==== Event Viewer Messages From Past Week ========
2/9/2010 9:56:32 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
2/9/2010 9:56:32 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/12/2010 6:56:49 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
2/12/2010 6:52:35 AM, error: PlugPlayManager [11] - The device Root\LEGACY_SSIDRV\0000 disappeared from the system without first being prepared for removal.
2/12/2010 6:52:35 AM, error: PlugPlayManager [11] - The device Root\LEGACY_SSHRMD\0000 disappeared from the system without first being prepared for removal.
2/12/2010 6:52:35 AM, error: PlugPlayManager [11] - The device Root\LEGACY_SSFS0BBC\0000 disappeared from the system without first being prepared for removal.
2/12/2010 6:52:28 AM, error: Service Control Manager [7034] - The Webroot Client Service service terminated unexpectedly. It has done this 1 time(s).
2/12/2010 6:52:23 AM, error: Service Control Manager [7034] - The Webroot Spy Sweeper Engine service terminated unexpectedly. It has done this 1 time(s).
2/12/2010 2:10:25 PM, error: PlugPlayManager [11] - The device Root\LEGACY_UNLOCKERDRIVER5\0000 disappeared from the system without first being prepared for removal.
2/10/2010 8:34:03 PM, error: SSIDRV [26] -
2/10/2010 2:56:15 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the 1257375363SsTR service to connect.
2/10/2010 2:56:15 PM, error: Service Control Manager [7000] - The 1257375363SsTR service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
==== End Of File ===========================
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-16 22:11:41
Windows 5.1.2600 Service Pack 3
Running: ny5ljc3t.exe; Driver: C:\DOCUME~1\lobam\LOCALS~1\Temp\ffpoypod.sys
---- System - GMER 1.0.15 ----
SSDT spyv.sys ZwCreateKey [0xF75430E0]
SSDT spyv.sys ZwEnumerateKey [0xF755BDA4]
SSDT spyv.sys ZwEnumerateValueKey [0xF755C132]
SSDT spyv.sys ZwOpenKey [0xF75430C0]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwOpenProcess [0xF793F470]
SSDT spyv.sys ZwQueryKey [0xF755C20A]
SSDT spyv.sys ZwQueryValueKey [0xF755C08A]
SSDT spyv.sys ZwSetValueKey [0xF755C29C]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwTerminateProcess [0xF793F520]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwTerminateThread [0xF793F5C0]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwWriteVirtualMemory [0xF793F660]
INT 0x62 ? 83B6FBF8
INT 0x63 ? 83A14BF8
INT 0x82 ? 83B6FBF8
INT 0xA4 ? 83A14BF8
INT 0xB4 ? 83A14BF8
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 83B6E1F8
AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies )
Device \FileSystem\Fastfat \FatCdrom 8313C1F8
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\sptd \Device\2574761788 spyv.sys
Device \Driver\usbuhci \Device\USBPDO-0 8378A1F8
Device \Driver\usbuhci \Device\USBPDO-1 8378A1F8
Device \Driver\usbuhci \Device\USBPDO-2 8378A1F8
Device \Driver\usbehci \Device\USBPDO-3 83A051F8
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\Ftdisk \Device\HarddiskVolume1 83BDE1F8
Device \Driver\Cdrom \Device\CdRom0 839FB1F8
Device \Driver\Cdrom \Device\CdRom1 839FB1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F74BDB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F74BDB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F74BDB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F74BDB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\NetBT \Device\NetBt_Wins_Export 8387D1F8
Device \Driver\PCI_PNP8038 \Device\0000004a spyv.sys
Device \Driver\NetBT \Device\NetbiosSmb 8387D1F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{54F4948C-CF46-4ED4-9A31-B84185809DFB} 8387D1F8
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\usbuhci \Device\USBFDO-0 8378A1F8
Device \Driver\usbuhci \Device\USBFDO-1 8378A1F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 83844500
Device \Driver\usbuhci \Device\USBFDO-2 8378A1F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 83844500
Device \Driver\usbehci \Device\USBFDO-3 83A051F8
Device \Driver\Ftdisk \Device\FtControl 83BDE1F8
Device \Driver\adn4afqe \Device\Scsi\adn4afqe1Port2Path0Target0Lun0 837681F8
Device \Driver\adn4afqe \Device\Scsi\adn4afqe1 837681F8
Device \FileSystem\Fastfat \Fat 8313C1F8
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies )
Device \FileSystem\Cdfs \Cdfs 838AF500
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x7E 0x67 0xD1 0x25 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xB5 0x0F 0x3D 0x09 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x11 0x71 0x57 0x61 ...
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 2
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 7
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 35
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 7
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\controlset002\Services\MRxDAV\EncryptedDirectories@
Reg HKLM\SYSTEM\controlset002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\controlset002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\controlset002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\controlset002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\controlset002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x7B 0x30 0x62 0x1D ...
Reg HKLM\SYSTEM\controlset002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\controlset002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\controlset002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xB5 0x0F 0x3D 0x09 ...
Reg HKLM\SYSTEM\controlset002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\controlset002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x11 0x71 0x57 0x61 ...
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 2
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 7
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 35
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 7
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD6 0xDF 0x7B 0xC8 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xB5 0x0F 0x3D 0x09 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x11 0x71 0x57 0x61 ...
Reg HKLM\SYSTEM\ControlSet005\control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 2
Reg HKLM\SYSTEM\ControlSet005\control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\ControlSet005\control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 7
Reg HKLM\SYSTEM\ControlSet005\control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\ControlSet005\control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 35
Reg HKLM\SYSTEM\ControlSet005\control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\ControlSet005\control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\ControlSet005\control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\ControlSet005\control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\ControlSet005\control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\ControlSet005\control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\ControlSet005\control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\ControlSet005\control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 7
Reg HKLM\SYSTEM\ControlSet005\control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD6 0xDF 0x7B 0xC8 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xB5 0x0F 0x3D 0x09 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x11 0x71 0x57 0x61 ...
---- EOF - GMER 1.0.15 ----