DDS (Ver_09-03-16.01) - NTFSx86
Run by Tariq Benson at 18:34:31.76 on 18/03/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.2047.1446 [GMT 0:00]
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
FW: COMODO Firewall Pro *enabled*
============== Running Processes ===============
H:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
H:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\userinit.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\RTHDCPL.EXE
H:\WINDOWS\system32\RUNDLL32.EXE
H:\Program Files\Microsoft IntelliType Pro\itype.exe
H:\Program Files\Microsoft IntelliPoint\ipoint.exe
H:\Program Files\COMODO\SafeSurf\cssurf.exe
H:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
H:\Program Files\Java\jre6\bin\jusched.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\PROGRA~1\AVG\AVG8\avgtray.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
H:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
H:\Documents and Settings\Tariq Benson\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
H:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
H:\Program Files\KWorld Multimedia\TV Tuner Card Utilities\HMCP3XCtl.exe
H:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
H:\Program Files\Bonjour\mDNSResponder.exe
H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
H:\Program Files\Java\jre6\bin\jqs.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\svchost.exe -k imgsvc
H:\PROGRA~1\AVG\AVG8\avgrsx.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Documents and Settings\Tariq Benson\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: AutorunsDisabled - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - h:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - h:\program files\avg\avg8\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - h:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - h:\program files\google\googletoolbarnotifier\4.1.805.4472\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - h:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - h:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [CTFMON.EXE] h:\windows\system32\ctfmon.exe
uRun: [Center Agent] h:\program files\kworld multimedia\hypermediacenter\dtvr\Scheduled.exe
uRun: [Google Update] "h:\documents and settings\tariq benson\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [MSMSGS] "h:\program files\messenger\msmsgs.exe" /background
uRun: [SpybotSD TeaTimer] h:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE h:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE h:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [itype] "h:\program files\microsoft intellitype pro\itype.exe"
mRun: [IntelliPoint] "h:\program files\microsoft intellipoint\ipoint.exe"
mRun: [COMODO SafeSurf] "h:\program files\comodo\safesurf\cssurf.exe" -s
mRun: [Adobe Photo Downloader] "h:\program files\adobe\photoshop elements 6.0\apdproxy.exe"
mRun: [Adobe Reader Speed Launcher] "h:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "h:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "h:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "h:\program files\itunes\iTunesHelper.exe"
mRun: [AVG8_TRAY] h:\progra~1\avg\avg8\avgtray.exe
dRun: [CTFMON.EXE] h:\windows\system32\CTFMON.EXE
StartupFolder: h:\docume~1\alluse~1\startm~1\programs\startup\remote~1.lnk - h:\program files\kworld multimedia\tv tuner card utilities\HMCP3XCtl.exe
StartupFolder: h:\docume~1\alluse~1\startm~1\programs\startup\autoru~1\adober~1.lnk - h:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
IE: E&xport to Microsoft Excel - h:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - h:\program files\messenger\msmsgs.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - h:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - h:\progra~1\micros~4\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - h:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
AppInit_DLLs: h:\windows\system32\cssdll32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - h:\windows\system32\WPDShServiceObj.dll
================= FIREFOX ===================
FF - ProfilePath - h:\docume~1\tariqb~1\applic~1\mozilla\firefox\profiles\vke9wa5d.default\
FF - component: h:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: h:\documents and settings\tariq benson\local settings\application data\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: h:\program files\google\google updater\2.4.1368.5602\npCIDetect13.dll
============= SERVICES / DRIVERS ===============
R0 pavboot;pavboot;h:\windows\system32\drivers\pavboot.sys [2009-3-17 28544]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;h:\windows\system32\drivers\avgldx86.sys [2009-1-1 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;h:\windows\system32\drivers\avgmfx86.sys [2009-1-1 27656]
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;h:\program files\adobe\photoshop elements 6.0\PhotoshopElementsFileAgent.exe [2007-9-10 124832]
R2 avg8wd;AVG Free8 WatchDog;h:\progra~1\avg\avg8\avgwdsvc.exe [2009-1-1 298264]
R3 3xHybrid;3xHybrid service;h:\windows\system32\drivers\3xHybrid.sys [2008-6-3 674048]
S3 getPlus(R) Helper;getPlus(R) Helper;h:\program files\nos\bin\getPlus_HelperSvc.exe [2008-10-21 33752]
=============== Created Last 30 ================
2009-03-17 22:14 28,544 a------- h:\windows\system32\drivers\pavboot.sys
2009-03-17 22:14 <DIR> --d----- h:\program files\Panda Security
2009-03-14 14:12 <DIR> --d----- h:\program files\Trend Micro
2009-03-14 13:12 102,664 a------- h:\windows\system32\drivers\tmcomm.sys
2009-03-14 13:11 <DIR> --d----- h:\documents and settings\tariq benson\.housecall6.6
2009-03-14 01:39 <DIR> --d----- h:\docume~1\tariqb~1\applic~1\Malwarebytes
2009-03-14 01:39 15,504 a------- h:\windows\system32\drivers\mbam.sys
2009-03-14 01:39 38,496 a------- h:\windows\system32\drivers\mbamswissarmy.sys
2009-03-14 01:39 <DIR> --d----- h:\program files\Malwarebytes' Anti-Malware
2009-03-14 01:39 <DIR> --d----- h:\docume~1\alluse~1\applic~1\Malwarebytes
2009-03-14 00:47 <DIR> --d----- h:\windows\pss
2009-03-14 00:17 <DIR> --d----- h:\program files\Spybot - Search & Destroy
2009-03-14 00:17 <DIR> --d----- h:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-03-11 22:31 221,184 a------- h:\windows\system32\wmpns.dll
2009-03-08 21:42 <DIR> --d----- h:\program files\MSXML 4.0
2009-03-06 21:11 15,104 ac------ h:\windows\system32\dllcache\usbscan.sys
2009-03-06 21:11 15,104 a------- h:\windows\system32\drivers\usbscan.sys
2009-03-06 21:11 5,632 a------- h:\windows\system32\ptpusb.dll
2009-03-06 21:11 159,232 a------- h:\windows\system32\ptpusd.dll
2009-03-05 21:13 <DIR> --d----- h:\docume~1\tariqb~1\applic~1\Samsung
2009-03-05 21:12 174,592 a------- h:\windows\system32\framedyn.dll
2009-03-05 21:12 5,632 a------- h:\windows\system32\drivers\StarOpen.sys
==================== Find3M ====================
2009-03-14 00:00 33,280 a------- h:\windows\system32\userinit.exe
2009-02-09 11:13 1,846,784 a------- h:\windows\system32\win32k.sys
2009-02-03 18:49 325,128 a------- h:\windows\system32\drivers\avgldx86.sys
2009-02-03 18:49 10,520 a------- h:\windows\system32\avgrsstx.dll
2008-12-20 23:15 826,368 a------- h:\windows\system32\wininet.dll
2008-10-31 11:20 32,768 a--sh--- h:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008103120081101\index.dat
============= FINISH: 18:34:53.00 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-03-16.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 03/06/2008 21:43:16
System Uptime: 18/03/2009 18:24:46 (0 hours ago)
Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD | | MS-7392
Processor: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz | CPU 1 | 2399/200mhz
==== Disk Partitions =========================
D: is Removable
E: is Removable
F: is Removable
G: is CDROM ()
H: is FIXED (NTFS) - 466 GiB total, 377.571 GiB free.
I: is Removable
J: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: nVidia WDM Video Capture (universal)
Device ID: DISPLAY\NVCAP\5&176A3AAB&0&CA000002&01&00
Manufacturer: nVidia
Name: nVidia WDM Video Capture (universal)
PNP Device ID: DISPLAY\NVCAP\5&176A3AAB&0&CA000002&01&00
Service: nvcap
Class GUID: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Description: HID Non-User Input Data Filter
Device ID: HID\VID_045E&PID_00F9&MI_01&COL01\7&33472782&0&0000
Manufacturer: Microsoft
Name: HID Non-User Input Data Filter
PNP Device ID: HID\VID_045E&PID_00F9&MI_01&COL01\7&33472782&0&0000
Service: NuidFltr
Class GUID: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Description: HID Non-User Input Data Filter
Device ID: HID\VID_045E&PID_00F9&MI_01&COL03\7&33472782&0&0002
Manufacturer: Microsoft
Name: HID Non-User Input Data Filter
PNP Device ID: HID\VID_045E&PID_00F9&MI_01&COL03\7&33472782&0&0002
Service: NuidFltr
==== System Restore Points ===================
RP144: 18/12/2008 23:43:24 - Software Distribution Service 3.0
RP145: 20/12/2008 11:25:35 - System Checkpoint
RP146: 21/12/2008 13:50:53 - System Checkpoint
RP147: 22/12/2008 16:54:47 - System Checkpoint
RP148: 22/12/2008 16:57:40 - Installed Java(TM) 6 Update 11
RP149: 23/12/2008 17:43:15 - System Checkpoint
RP150: 26/12/2008 16:07:18 - System Checkpoint
RP151: 29/12/2008 18:54:08 - System Checkpoint
RP152: 31/12/2008 15:40:18 - System Checkpoint
RP153: 01/01/2009 15:12:39 - Installed AVG Free 8.0
RP154: 01/01/2009 15:43:05 - Avg8 Update
RP155: 02/01/2009 23:12:08 - System Checkpoint
RP156: 04/01/2009 14:01:24 - System Checkpoint
RP157: 06/01/2009 20:46:28 - System Checkpoint
RP158: 07/01/2009 22:09:43 - System Checkpoint
RP159: 10/01/2009 16:54:30 - System Checkpoint
RP160: 11/01/2009 17:27:04 - System Checkpoint
RP161: 14/01/2009 19:49:50 - System Checkpoint
RP162: 14/01/2009 22:56:08 - Software Distribution Service 3.0
RP163: 16/01/2009 18:57:30 - System Checkpoint
RP164: 18/01/2009 11:53:08 - System Checkpoint
RP165: 19/01/2009 21:58:05 - System Checkpoint
RP166: 21/01/2009 19:35:21 - System Checkpoint
RP167: 22/01/2009 20:15:37 - System Checkpoint
RP168: 24/01/2009 16:03:49 - System Checkpoint
RP169: 25/01/2009 18:10:40 - System Checkpoint
RP170: 27/01/2009 20:39:21 - System Checkpoint
RP171: 28/01/2009 23:45:47 - System Checkpoint
RP172: 01/02/2009 21:52:30 - System Checkpoint
RP173: 03/02/2009 18:48:23 - Avg8 Update
RP174: 03/02/2009 18:49:41 - Avg8 Update
RP175: 04/02/2009 20:16:18 - System Checkpoint
RP176: 05/02/2009 20:20:27 - System Checkpoint
RP177: 06/02/2009 20:56:31 - System Checkpoint
RP178: 07/02/2009 21:12:52 - System Checkpoint
RP179: 09/02/2009 19:02:15 - System Checkpoint
RP180: 10/02/2009 18:24:15 - Avg8 Update
RP181: 10/02/2009 22:14:14 - Software Distribution Service 3.0
RP182: 13/02/2009 20:38:52 - Avg8 Update
RP183: 15/02/2009 13:48:12 - System Checkpoint
RP184: 15/02/2009 20:50:12 - Installed Samsung PC Studio 3 USB Driver Installer
RP185: 17/02/2009 20:59:06 - System Checkpoint
RP186: 19/02/2009 19:39:15 - System Checkpoint
RP187: 20/02/2009 21:19:52 - System Checkpoint
RP188: 04/03/2009 17:42:43 - Software Distribution Service 3.0
RP189: 05/03/2009 19:30:25 - System Checkpoint
RP190: 05/03/2009 21:11:48 - Installed Samsung PC Studio 3
RP191: 07/03/2009 10:48:33 - System Checkpoint
RP192: 08/03/2009 16:47:13 - Avg8 Update
RP193: 08/03/2009 21:42:14 - Software Distribution Service 3.0
RP194: 10/03/2009 21:29:27 - System Checkpoint
RP195: 11/03/2009 22:31:17 - Software Distribution Service 3.0
RP196: 12/03/2009 23:21:51 - Software Distribution Service 3.0
RP197: 14/03/2009 11:18:53 - System Checkpoint
RP198: 15/03/2009 11:22:48 - System Checkpoint
RP199: 17/03/2009 19:44:02 - Avg8 Update
==== Installed Programs ======================
Acrobat.com
Adobe AIR
Adobe Flash Player Plugin
Adobe Photoshop Elements 6.0
Adobe Reader 9
Apple Mobile Device Support
Apple Software Update
µTorrent
AVG Free 8.0
Bonjour
CCleaner (remove only)
COMODO SafeSurf
Critical Update for Windows Media Player 11 (KB959772)
FXCM Trading Station II
Google Chrome
Google Earth
Google Updater
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HyperMediaCenter
iTunes
Java(TM) 6 Update 11
KWorld TV Tuner Card Utilities
KWorld TV713X BDA Driver
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliPoint 6.2
Microsoft IntelliType Pro 6.2
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.0.7)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser (KB933579)
NVIDIA Drivers
NVIDIA WDM Drivers
Panda ActiveScan 2.0
PowerISO
QuickTime
Realtek High Definition Audio Driver
SAMSUNG Mobile Composite Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3
Samsung PC Studio 3 USB Driver Installer
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
VideoLAN VLC media player 0.8.6f
WebFldrs XP
William Hill Poker
Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Service Pack 3
XpertVision 5.7
==== Event Viewer Messages From Past Week ========
11/03/2009 20:34:11, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
14/03/2009 00:58:14, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
14/03/2009 01:01:19, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
14/03/2009 01:02:22, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
14/03/2009 01:45:14, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
==== End Of File ===========================
GMER 1.0.15.14939 - http://www.gmer.net
Rootkit scan 2009-03-18 18:39:35
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.15 ----
SSDT spnv.sys ZwCreateKey [0xF74DA0E0]
SSDT spnv.sys ZwEnumerateKey [0xF74F7CA2]
SSDT spnv.sys ZwEnumerateValueKey [0xF74F8030]
SSDT spnv.sys ZwOpenKey [0xF74DA0C0]
SSDT spnv.sys ZwQueryKey [0xF74F8108]
SSDT spnv.sys ZwQueryValueKey [0xF74F7F88]
SSDT spnv.sys ZwSetValueKey [0xF74F819A]
INT 0x62 ? 8A791BF8
INT 0x63 ? 8A791BF8
INT 0x63 ? 8A791BF8
INT 0x63 ? 8A56EBF8
INT 0x63 ? 8A791BF8
INT 0x73 ? 8A56EBF8
INT 0x82 ? 8A791BF8
INT 0x83 ? 8A56EBF8
INT 0xB4 ? 8A56EBF8
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 8A7901F8
Device \Driver\usbuhci \Device\USBPDO-0 8A56D1F8
Device \Driver\usbuhci \Device\USBPDO-1 8A56D1F8
Device \Driver\usbuhci \Device\USBPDO-2 8A56D1F8
Device \Driver\usbuhci \Device\USBPDO-3 8A56D1F8
Device \Driver\usbehci \Device\USBPDO-4 8A5401F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 8A7231F8
Device \Driver\Cdrom \Device\CdRom0 8A52E1F8
Device \Driver\Cdrom \Device\CdRom1 8A52E1F8
Device \Driver\usbstor \Device\00000069 8A452500
Device \Driver\PCI_PNP6800 \Device\0000003d spnv.sys
Device \Driver\PCI_PNP6800 \Device\0000003d spnv.sys
Device \Driver\NetBT \Device\NetBt_Wins_Export 8A59A500
Device \Driver\NetBT \Device\NetbiosSmb 8A59A500
Device \Driver\NetBT \Device\NetBT_Tcpip_{75316CB9-E6C4-4F73-876F-CF4C96F2EE61} 8A59A500
Device \Driver\usbuhci \Device\USBFDO-0 8A56D1F8
Device \Driver\usbstor \Device\0000006c 8A452500
Device \Driver\usbstor \Device\0000006d 8A452500
Device \Driver\usbuhci \Device\USBFDO-1 8A56D1F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A4AA500
Device \Driver\usbstor \Device\0000006e 8A452500
Device \Driver\usbuhci \Device\USBFDO-2 8A56D1F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A4AA500
Device \Driver\usbstor \Device\0000006f 8A452500
Device \Driver\usbuhci \Device\USBFDO-3 8A56D1F8
Device \Driver\usbehci \Device\USBFDO-4 8A5401F8
Device \Driver\Ftdisk \Device\FtControl 8A7231F8
Device \Driver\sptd \Device\3526624300 spnv.sys
Device \Driver\akii2nj1 \Device\Scsi\akii2nj11Port4Path0Target0Lun0 8A5221F8
Device \Driver\akii2nj1 \Device\Scsi\akii2nj11 8A5221F8
Device \FileSystem\Cdfs \Cdfs 8A3A2500
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 H:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x5D 0x29 0xDB 0xCA ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xB8 0x02 0x96 0x2F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xDB 0x60 0x28 0x6E ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 H:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x5D 0x29 0xDB 0xCA ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xB8 0x02 0x96 0x2F ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xDB 0x60 0x28 0x6E ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 H:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x5D 0x29 0xDB 0xCA ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xB8 0x02 0x96 0x2F ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xDB 0x60 0x28 0x6E ...
---- EOF - GMER 1.0.15 ----