I`m infected with Google Redirect virus, please help...

[PurpleShark]

I`ve spent the last few days trying to get this horrible virus removed from my computer but I`m really struggling.

It`s making new pages take forever to load & as its name suggests, redirecting any page to ad pages!! It`s driving me mad!! It`s at the point now where the anti-virus/anti-spyware programmes don`t even open so I can`t remove it.

I`m not that advanced with computers, but I know that I have to be careful with using HiJack This for example.

If someone can help me & talk me through what I need to do next, I`ll be forever grateful.

I have tried Malwarebytes several times, I have 4 different logs, but the computer is still very slow to load and new pages just don`t open up like they used to.

I installed Norton last week so I don`t know if that`s triggered something.

[heir]

If you have any questions please ask them.

Got to this topic and follow those instructions and post the results in a reply in this topic.

[PurpleShark]

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6526

Windows 6.0.6002 Service Pack 2

Internet Explorer 9.0.8112.16421

07/05/2011 19:55:18

mbam-log-2011-05-07 (19-55-18).txt

Scan type: Full scan (C:\|D:\|E:\|)

Objects scanned: 327326

Time elapsed: 2 hour(s), 48 minute(s), 58 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6526

Windows 6.0.6002 Service Pack 2 (Safe Mode)

Internet Explorer 9.0.8112.16421

09/05/2011 16:19:22

mbam-log-2011-05-09 (16-19-22).txt

Scan type: Quick scan

Objects scanned: 141762

Time elapsed: 6 minute(s), 59 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6539

Windows 6.0.6002 Service Pack 2

Internet Explorer 9.0.8112.16421

09/05/2011 19:15:05

mbam-log-2011-05-09 (19-15-05).txt

Scan type: Quick scan

Objects scanned: 144646

Time elapsed: 14 minute(s), 37 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6539

Windows 6.0.6002 Service Pack 2

Internet Explorer 9.0.8112.16421

11/05/2011 14:37:24

mbam-log-2011-05-11 (14-37-24).txt

Scan type: Quick scan

Objects scanned: 144774

Time elapsed: 42 minute(s), 18 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

[heir]

MBAM didn't find anything.

Let's see what DDS and GMER brings.

Please post the logs from those in your next reply.

[PurpleShark]

I don`t know how to disable script blocker. sorry.

[heir]

Just ignore that and run DDS.scr anyway.

[PurpleShark]

Ok, I just have an empty black box open on my screen. DDS doesn`t seem to be doing anything. I`m now getting messages from Admin telling me that I have to disable the script blocker or it will interfere.

[heir]

OK then do it like this.

Use this link to download DDS.

Right-click on DDS.com and run it as administrator.

[PurpleShark]

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by user at 15:32:09.40 on 11/05/2011

Internet Explorer: 9.0.8112.16421

Microsoft

[heir]

Please also attach Attach.txt that DDS created (in the same place DDS.com was run from (your desktop).

I also need the log from GMER, please attach that as well.

[PurpleShark]

I didn`t know how to make it into a zip file, shall i just post it here for you?

[heir]

Just post it that's OK.

[PurpleShark]

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_11-03-05.01)

.

Microsoft

[heir]

Thank you for being so patient with me, I`m a bit of a numpty compared to you :-)

That's ok.

Now to the most essential log. The one from GMER. Please post it in your next reply.

[PurpleShark]

Does the GMER log just scan my C drive or all my drives?

[heir]

Does the GMER log just scan my C drive or all my drives?

Only C: drive for now.

[PurpleShark]

I have to leave to go to work in a minute, is it OK to leave it scanning & post the results to you when I get home in a few hours?

[heir]

Works perfectly as I get notified when you post.

We both live in the same Timezone GMT+1.

If I'm awake by then I'll have look at it else I'll post the next set of instructions tomorrow.

/heir

[PurpleShark]

GMER 1.0.15.15627 - http://www.gmer.net

Rootkit scan 2011-05-11 22:30:20

Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD161HJ rev.JF100-19

Running: v6q120um.exe; Driver: C:\Users\user\AppData\Local\Temp\fxldypod.sys

---- System - GMER 1.0.15 ----

SSDT 88241F90 ZwAlertResumeThread

SSDT 87C39E50 ZwAlertThread

SSDT 87F98710 ZwAllocateVirtualMemory

SSDT 88046B78 ZwAlpcConnectPort

SSDT 87C92668 ZwAssignProcessToJobObject

SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwCreateFile [0x92848A56]

SSDT 87E20BA0 ZwCreateMutant

SSDT 87B8BF80 ZwCreateSymbolicLinkObject

SSDT 87B9FFB0 ZwCreateThread

SSDT 87C92748 ZwDebugActiveProcess

SSDT \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\26169\RapportCerberus_26169.sys ZwDeleteFile [0x9287FE12]

SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwDeleteKey [0x9284C27C]

SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwDeleteValueKey [0x9284C2AE]

SSDT 87AE6420 ZwDuplicateObject

SSDT 87A5D008 ZwFreeVirtualMemory

SSDT 88241E10 ZwImpersonateAnonymousToken

SSDT 88241ED0 ZwImpersonateThread

SSDT 882AF348 ZwLoadDriver

SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwLoadKey [0x9284C410]

SSDT 87A5D148 ZwMapViewOfSection

SSDT 87E20AE0 ZwOpenEvent

SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwOpenFile [0x92848B2C]

SSDT 87B9FED8 ZwOpenProcess

SSDT 88045220 ZwOpenProcessToken

SSDT 87AE6B18 ZwOpenSection

SSDT 87AE64B0 ZwOpenThread

SSDT 87ECE828 ZwProtectVirtualMemory

SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwQueryValueKey [0x9284C386]

SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwRenameKey [0x9284C2F0]

SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwReplaceKey [0x9284C322]

SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwRestoreKey [0x9284C354]

SSDT 87C39F10 ZwResumeThread

SSDT 87A3B898 ZwSetContextThread

SSDT \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\26169\RapportCerberus_26169.sys ZwSetInformationFile [0x9287FE86]

SSDT 87A5D070 ZwSetInformationProcess

SSDT 87C92828 ZwSetSystemInformation

SSDT \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\26169\RapportCerberus_26169.sys ZwSetValueKey [0x92880C92]

SSDT 87AE6BF8 ZwSuspendProcess

SSDT 87C39FD0 ZwSuspendThread

SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS ZwTerminateProcess [0x91FBA620]

SSDT 87A3B7D8 ZwTerminateThread

SSDT 87B9FEA0 ZwUnmapViewOfSection

SSDT 87F98680 ZwWriteVirtualMemory

SSDT 87ECE728 ZwCreateThreadEx

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 11D 82EEC8A0 8 Bytes [90, 1F, 24, 88, 50, 9E, C3, ...]

.text ntkrnlpa.exe!KeSetEvent + 131 82EEC8B4 4 Bytes [10, 87, F9, 87]

.text ntkrnlpa.exe!KeSetEvent + 13D 82EEC8C0 4 Bytes [78, 6B, 04, 88] {JS 0x6d; ADD AL, 0x88}

.text ntkrnlpa.exe!KeSetEvent + 191 82EEC914 4 Bytes [68, 26, C9, 87]

.text ntkrnlpa.exe!KeSetEvent + 1D9 82EEC95C 4 Bytes [56, 8A, 84, 92]

.text ...

PAGE ntkrnlpa.exe!FsRtlCancellableWaitForMultipleObjects + 2AE 8301E355 7 Bytes JMP 90299B68

.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8F409340, 0x413097, 0xE8000020]

? C:\Users\user\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtCreateFile + 6 76F6422A 4 Bytes [28, 00, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtCreateFile + B 76F6422F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtMapViewOfSection + 6 76F6497A 1 Byte [28]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtMapViewOfSection + 6 76F6497A 4 Bytes [28, 03, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtMapViewOfSection + B 76F6497F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtOpenFile + 6 76F64A0A 4 Bytes [68, 00, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtOpenFile + B 76F64A0F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtOpenProcess + 6 76F64A8A 4 Bytes [A8, 01, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtOpenProcess + B 76F64A8F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtOpenProcessToken + 6 76F64A9A 4 Bytes CALL 75F660A0 C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtOpenProcessToken + B 76F64A9F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtOpenProcessTokenEx + 6 76F64AAA 4 Bytes [A8, 02, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtOpenProcessTokenEx + B 76F64AAF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtOpenThread + 6 76F64AFA 4 Bytes [68, 01, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtOpenThread + B 76F64AFF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtOpenThreadToken + 6 76F64B0A 4 Bytes [68, 02, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtOpenThreadToken + B 76F64B0F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtOpenThreadTokenEx + 6 76F64B1A 4 Bytes CALL 75F66121 C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtOpenThreadTokenEx + B 76F64B1F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtQueryAttributesFile + 6 76F64BAA 4 Bytes [A8, 00, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtQueryAttributesFile + B 76F64BAF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtQueryFullAttributesFile + 6 76F64C5A 4 Bytes CALL 75F6625F C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtQueryFullAttributesFile + B 76F64C5F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtSetInformationFile + 6 76F6513A 4 Bytes [28, 01, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtSetInformationFile + B 76F6513F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtSetInformationThread + 6 76F6518A 4 Bytes [28, 02, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtSetInformationThread + B 76F6518F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtUnmapViewOfSection + 6 76F6542A 1 Byte [68]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtUnmapViewOfSection + 6 76F6542A 4 Bytes [68, 03, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[712] ntdll.dll!NtUnmapViewOfSection + B 76F6542F 1 Byte [E2]

.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[900] ntdll.dll!KiUserApcDispatcher 76F65B48 5 Bytes JMP 00414130 C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (RapportMgmtService/Trusteer Ltd.)

.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[900] kernel32.dll!LoadLibraryExW + 248 75879351 4 Bytes JMP 71AA000A

.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[900] WS2_32.dll!getaddrinfo 7582418A 5 Bytes JMP 71A40022

.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[900] WS2_32.dll!gethostbyname 758362D4 5 Bytes JMP 71AD0022

? C:\Windows\system32\SLsvc.exe[1244] C:\Windows\system32\USERENV.dll IMAGE_DOS_SIGNATURE not found;

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] ntdll.dll!NtQueryInformationProcess 76F64CA4 5 Bytes JMP 00BC14C7

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] WS2_32.dll!closesocket 7582330C 5 Bytes JMP 00BAC72D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] WS2_32.dll!recv 7582343A 5 Bytes JMP 00BAC347

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] WS2_32.dll!GetAddrInfoW 75823D12 5 Bytes JMP 00BAB86D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] WS2_32.dll!getaddrinfo 7582418A 5 Bytes JMP 00BAB78D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] WS2_32.dll!WSASend 75824496 5 Bytes JMP 00BAC3F5

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] WS2_32.dll!send 7582659B 5 Bytes JMP 00BAC2A2

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] WS2_32.dll!WSAGetOverlappedResult 75828143 5 Bytes JMP 00BAC60D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] WS2_32.dll!WSARecv 75828400 5 Bytes JMP 00BAC4C9

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] WS2_32.dll!WSAAsyncGetHostByName 75835FB9 5 Bytes JMP 00BABB34

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] WS2_32.dll!gethostbyname 758362D4 5 Bytes JMP 00BAB6CC

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] GDI32.dll!ExtTextOutW 7709872B 5 Bytes JMP 00BACEEB

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] GDI32.dll!GetGlyphIndicesW 7709B765 5 Bytes JMP 00BAD378

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] GDI32.dll!ExtTextOutA 770A00A5 5 Bytes JMP 00BACE07

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] GDI32.dll!TextOutA 770A0BAB 5 Bytes JMP 00BAC8EB

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] GDI32.dll!TextOutW 770A0D6D 5 Bytes JMP 00BAC9B7

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] GDI32.dll!GetGlyphIndicesA 770B9DC0 5 Bytes JMP 00BAD2AB

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] USER32.dll!DrawTextExW 75F191CE 5 Bytes JMP 00BACD20

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] USER32.dll!DrawTextW 75F197D3 5 Bytes JMP 00BACB5E

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] USER32.dll!DrawTextA 75F2558D 5 Bytes JMP 00BACA83

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] USER32.dll!DrawTextExA 75F255C4 5 Bytes JMP 00BACC39

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] USER32.dll!DialogBoxParamW 75F310B0 5 Bytes JMP 00BABC13

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] USER32.dll!SetClipboardData 75F46410 5 Bytes JMP 00BAC7D4

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] WININET.dll!InternetCrackUrlA 75C47ABE 5 Bytes JMP 00BAD63E

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[1324] WININET.dll!InternetCrackUrlW 75C52E2B 5 Bytes JMP 00BAD787

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtCreateFile + 6 76F6422A 4 Bytes [28, 00, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtCreateFile + B 76F6422F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtMapViewOfSection + 6 76F6497A 1 Byte [28]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtMapViewOfSection + 6 76F6497A 4 Bytes [28, 03, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtMapViewOfSection + B 76F6497F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenFile + 6 76F64A0A 4 Bytes [68, 00, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenFile + B 76F64A0F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenProcess + 6 76F64A8A 4 Bytes [A8, 01, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenProcess + B 76F64A8F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenProcessToken + 6 76F64A9A 4 Bytes CALL 75F650A0 C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenProcessToken + B 76F64A9F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenProcessTokenEx + 6 76F64AAA 4 Bytes [A8, 02, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenProcessTokenEx + B 76F64AAF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenThread + 6 76F64AFA 4 Bytes [68, 01, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenThread + B 76F64AFF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenThreadToken + 6 76F64B0A 4 Bytes [68, 02, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenThreadToken + B 76F64B0F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenThreadTokenEx + 6 76F64B1A 4 Bytes CALL 75F65121 C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenThreadTokenEx + B 76F64B1F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtQueryAttributesFile + 6 76F64BAA 4 Bytes [A8, 00, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtQueryAttributesFile + B 76F64BAF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtQueryFullAttributesFile + 6 76F64C5A 4 Bytes CALL 75F6525F C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtQueryFullAttributesFile + B 76F64C5F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtSetInformationFile + 6 76F6513A 4 Bytes [28, 01, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtSetInformationFile + B 76F6513F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtSetInformationThread + 6 76F6518A 4 Bytes [28, 02, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtSetInformationThread + B 76F6518F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtUnmapViewOfSection + 6 76F6542A 1 Byte [68]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtUnmapViewOfSection + 6 76F6542A 4 Bytes [68, 03, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtUnmapViewOfSection + B 76F6542F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] ntdll.dll!NtQueryInformationProcess 76F64CA4 5 Bytes JMP 007514C7

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] kernel32.dll!LoadLibraryExW + 248 75879351 4 Bytes JMP 71AB000A

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] USER32.dll!RegisterClassExW 75F0DA30 6 Bytes PUSH 71AD0022; RET

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] USER32.dll!CreateWindowExA 75F0DC2A 6 Bytes JMP 7199000A

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] USER32.dll!RegisterClassW 75F0E1AB 6 Bytes PUSH 71A50022; RET

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] USER32.dll!CreateWindowExW 75F11305 6 Bytes JMP 719D000A

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] USER32.dll!DrawTextExW 75F191CE 5 Bytes JMP 0073CD20

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] USER32.dll!DrawTextW 75F197D3 5 Bytes JMP 0073CB5E

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] USER32.dll!PeekMessageW 75F2045A 6 Bytes PUSH 71A20022; RET

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] USER32.dll!DrawTextA 75F2558D 5 Bytes JMP 0073CA83

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] USER32.dll!DrawTextExA 75F255C4 5 Bytes JMP 0073CC39

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] USER32.dll!DialogBoxParamW 75F310B0 5 Bytes JMP 0073BC13

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] USER32.dll!SetClipboardData 75F46410 5 Bytes JMP 0073C7D4

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] GDI32.dll!ExtTextOutW 7709872B 5 Bytes JMP 0073CEEB

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] GDI32.dll!GetGlyphIndicesW 7709B765 5 Bytes JMP 0073D378

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] GDI32.dll!ExtTextOutA 770A00A5 5 Bytes JMP 0073CE07

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] GDI32.dll!TextOutA 770A0BAB 5 Bytes JMP 0073C8EB

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] GDI32.dll!TextOutW 770A0D6D 5 Bytes JMP 0073C9B7

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] GDI32.dll!GetGlyphIndicesA 770B9DC0 5 Bytes JMP 0073D2AB

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] WININET.dll!InternetCrackUrlA 75C47ABE 5 Bytes JMP 0073D63E

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] WININET.dll!InternetCrackUrlW 75C52E2B 5 Bytes JMP 0073D787

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] WS2_32.dll!closesocket 7582330C 5 Bytes JMP 0073C72D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] WS2_32.dll!recv 7582343A 5 Bytes JMP 0073C347

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] WS2_32.dll!GetAddrInfoW 75823D12 5 Bytes JMP 0073B86D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] WS2_32.dll!getaddrinfo 7582418A 5 Bytes JMP 0073B78D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] WS2_32.dll!WSASend 75824496 5 Bytes JMP 0073C3F5

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] WS2_32.dll!send 7582659B 5 Bytes JMP 0073C2A2

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] WS2_32.dll!WSAGetOverlappedResult 75828143 5 Bytes JMP 0073C60D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] WS2_32.dll!WSARecv 75828400 5 Bytes JMP 0073C4C9

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] WS2_32.dll!WSAAsyncGetHostByName 75835FB9 5 Bytes JMP 0073BB34

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[2928] WS2_32.dll!gethostbyname 758362D4 5 Bytes JMP 0073B6CC

.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[3292] ntdll.dll!KiUserApcDispatcher 76F65B48 5 Bytes JMP 0043EA30 C:\Program Files\Trusteer\Rapport\bin\RapportService.exe (RapportService/Trusteer Ltd.)

.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[3292] kernel32.dll!LoadLibraryExW + 248 75879351 4 Bytes JMP 71AC000A

.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[3292] kernel32.dll!CreateRemoteThread + 175 7589CAAA 4 Bytes JMP 719F0000

.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[3292] USER32.dll!InSendMessageEx + 3B1 75F0E6B0 6 Bytes JMP 71AE001E

.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[3292] WS2_32.dll!getaddrinfo 7582418A 5 Bytes JMP 71A20022

.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[3292] WS2_32.dll!gethostbyname 758362D4 5 Bytes JMP 71A60022

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtCreateFile + 6 76F6422A 4 Bytes [28, 00, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtCreateFile + B 76F6422F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtMapViewOfSection + 6 76F6497A 1 Byte [28]

.text

C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtMapViewOfSection + 6 76F6497A 4 Bytes [28, 03, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtMapViewOfSection + B 76F6497F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtOpenFile + 6 76F64A0A 4 Bytes [68, 00, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtOpenFile + B 76F64A0F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtOpenProcess + 6 76F64A8A 4 Bytes [A8, 01, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtOpenProcess + B 76F64A8F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtOpenProcessToken + 6 76F64A9A 4 Bytes CALL 75F650A0 C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtOpenProcessToken + B 76F64A9F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtOpenProcessTokenEx + 6 76F64AAA 4 Bytes [A8, 02, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtOpenProcessTokenEx + B 76F64AAF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtOpenThread + 6 76F64AFA 4 Bytes [68, 01, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtOpenThread + B 76F64AFF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtOpenThreadToken + 6 76F64B0A 4 Bytes [68, 02, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtOpenThreadToken + B 76F64B0F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtOpenThreadTokenEx + 6 76F64B1A 4 Bytes CALL 75F65121 C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtOpenThreadTokenEx + B 76F64B1F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtQueryAttributesFile + 6 76F64BAA 4 Bytes [A8, 00, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtQueryAttributesFile + B 76F64BAF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtQueryFullAttributesFile + 6 76F64C5A 4 Bytes CALL 75F6525F C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtQueryFullAttributesFile + B 76F64C5F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtQueryInformationProcess 76F64CA4 5 Bytes JMP 00E614C7

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtSetInformationFile + 6 76F6513A 4 Bytes [28, 01, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtSetInformationFile + B 76F6513F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtSetInformationThread + 6 76F6518A 4 Bytes [28, 02, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtSetInformationThread + B 76F6518F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtUnmapViewOfSection + 6 76F6542A 1 Byte [68]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtUnmapViewOfSection + 6 76F6542A 4 Bytes [68, 03, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] ntdll.dll!NtUnmapViewOfSection + B 76F6542F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] WS2_32.dll!closesocket 7582330C 5 Bytes JMP 00E4C72D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] WS2_32.dll!recv 7582343A 5 Bytes JMP 00E4C347

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] WS2_32.dll!GetAddrInfoW 75823D12 5 Bytes JMP 00E4B86D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] WS2_32.dll!getaddrinfo 7582418A 5 Bytes JMP 00E4B78D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] WS2_32.dll!WSASend 75824496 5 Bytes JMP 00E4C3F5

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] WS2_32.dll!send 7582659B 5 Bytes JMP 00E4C2A2

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] WS2_32.dll!WSAGetOverlappedResult 75828143 5 Bytes JMP 00E4C60D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] WS2_32.dll!WSARecv 75828400 5 Bytes JMP 00E4C4C9

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] WS2_32.dll!WSAAsyncGetHostByName 75835FB9 5 Bytes JMP 00E4BB34

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] WS2_32.dll!gethostbyname 758362D4 5 Bytes JMP 00E4B6CC

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] GDI32.dll!ExtTextOutW 7709872B 5 Bytes JMP 00E4CEEB

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] GDI32.dll!GetGlyphIndicesW 7709B765 5 Bytes JMP 00E4D378

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] GDI32.dll!ExtTextOutA 770A00A5 5 Bytes JMP 00E4CE07

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] GDI32.dll!TextOutA 770A0BAB 5 Bytes JMP 00E4C8EB

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] GDI32.dll!TextOutW 770A0D6D 5 Bytes JMP 00E4C9B7

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] GDI32.dll!GetGlyphIndicesA 770B9DC0 5 Bytes JMP 00E4D2AB

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] USER32.dll!DrawTextExW 75F191CE 5 Bytes JMP 00E4CD20

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] USER32.dll!DrawTextW 75F197D3 5 Bytes JMP 00E4CB5E

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] USER32.dll!DrawTextA 75F2558D 5 Bytes JMP 00E4CA83

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] USER32.dll!DrawTextExA 75F255C4 5 Bytes JMP 00E4CC39

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] USER32.dll!DialogBoxParamW 75F310B0 5 Bytes JMP 00E4BC13

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] USER32.dll!SetClipboardData 75F46410 5 Bytes JMP 00E4C7D4

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] WININET.dll!InternetCrackUrlA 75C47ABE 5 Bytes JMP 00E4D63E

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4216] WININET.dll!InternetCrackUrlW 75C52E2B 5 Bytes JMP 00E4D787

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtCreateFile + 6 76F6422A 4 Bytes [28, 00, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtCreateFile + B 76F6422F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtMapViewOfSection + 6 76F6497A 1 Byte [28]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtMapViewOfSection + 6 76F6497A 4 Bytes [28, 03, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtMapViewOfSection + B 76F6497F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtOpenFile + 6 76F64A0A 4 Bytes [68, 00, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtOpenFile + B 76F64A0F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtOpenProcess + 6 76F64A8A 4 Bytes [A8, 01, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtOpenProcess + B 76F64A8F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtOpenProcessToken + 6 76F64A9A 4 Bytes CALL 75F660A0 C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtOpenProcessToken + B 76F64A9F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtOpenProcessTokenEx + 6 76F64AAA 4 Bytes [A8, 02, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtOpenProcessTokenEx + B 76F64AAF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtOpenThread + 6 76F64AFA 4 Bytes [68, 01, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtOpenThread + B 76F64AFF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtOpenThreadToken + 6 76F64B0A 4 Bytes [68, 02, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtOpenThreadToken + B 76F64B0F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtOpenThreadTokenEx + 6 76F64B1A 4 Bytes CALL 75F66121 C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtOpenThreadTokenEx + B 76F64B1F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtQueryAttributesFile + 6 76F64BAA 4 Bytes [A8, 00, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtQueryAttributesFile + B 76F64BAF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtQueryFullAttributesFile + 6 76F64C5A 4 Bytes CALL 75F6625F C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtQueryFullAttributesFile + B 76F64C5F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtSetInformationFile + 6 76F6513A 4 Bytes [28, 01, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtSetInformationFile + B 76F6513F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtSetInformationThread + 6 76F6518A 4 Bytes [28, 02, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtSetInformationThread + B 76F6518F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtUnmapViewOfSection + 6 76F6542A 1 Byte [68]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtUnmapViewOfSection + 6 76F6542A 4 Bytes [68, 03, 16, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4432] ntdll.dll!NtUnmapViewOfSection + B 76F6542F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtCreateFile + 6 76F6422A 4 Bytes [28, 00, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtCreateFile + B 76F6422F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtMapViewOfSection + 6 76F6497A 1 Byte [28]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtMapViewOfSection + 6 76F6497A 4 Bytes [28, 03, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtMapViewOfSection + B 76F6497F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtOpenFile + 6 76F64A0A 4 Bytes [68, 00, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtOpenFile + B 76F64A0F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtOpenProcess + 6 76F64A8A 4 Bytes [A8, 01, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtOpenProcess + B 76F64A8F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtOpenProcessToken + 6 76F64A9A 4 Bytes CALL 75F650A0 C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtOpenProcessToken + B 76F64A9F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtOpenProcessTokenEx + 6 76F64AAA 4 Bytes [A8, 02, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtOpenProcessTokenEx + B 76F64AAF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtOpenThread + 6 76F64AFA 4 Bytes [68, 01, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtOpenThread + B 76F64AFF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtOpenThreadToken + 6 76F64B0A 4 Bytes [68, 02, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtOpenThreadToken + B 76F64B0F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtOpenThreadTokenEx + 6 76F64B1A 4 Bytes CALL 75F65121 C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtOpenThreadTokenEx + B 76F64B1F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtQueryAttributesFile + 6 76F64BAA 4 Bytes [A8, 00, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtQueryAttributesFile + B 76F64BAF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtQueryFullAttributesFile + 6 76F64C5A 4 Bytes CALL 75F6525F C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtQueryFullAttributesFile + B 76F64C5F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtQueryInformationProcess 76F64CA4 5 Bytes JMP 00FA14C7

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtSetInformationFile + 6 76F6513A 4 Bytes [28, 01, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtSetInformationFile + B 76F6513F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtSetInformationThread + 6 76F6518A 4 Bytes [28, 02, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtSetInformationThread + B 76F6518F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtUnmapViewOfSection + 6 76F6542A 1 Byte [68]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtUnmapViewOfSection + 6 76F6542A 4 Bytes [68, 03, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] ntdll.dll!NtUnmapViewOfSection + B 76F6542F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] WS2_32.dll!closesocket 7582330C 5 Bytes JMP 00F8C72D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] WS2_32.dll!recv 7582343A 5 Bytes JMP 00F8C347

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] WS2_32.dll!GetAddrInfoW 75823D12 5 Bytes JMP 00F8B86D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] WS2_32.dll!getaddrinfo 7582418A 5 Bytes JMP 00F8B78D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] WS2_32.dll!WSASend 75824496 5 Bytes JMP 00F8C3F5

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] WS2_32.dll!send 7582659B 5 Bytes JMP 00F8C2A2

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] WS2_32.dll!WSAGetOverlappedResult 75828143 5 Bytes JMP 00F8C60D

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] WS2_32.dll!WSARecv 75828400 5 Bytes JMP 00F8C4C9

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] WS2_32.dll!WSAAsyncGetHostByName 75835FB9 5 Bytes JMP 00F8BB34

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] WS2_32.dll!gethostbyname 758362D4 5 Bytes JMP 00F8B6CC

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] GDI32.dll!ExtTextOutW 7709872B 5 Bytes JMP 00F8CEEB

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] GDI32.dll!GetGlyphIndicesW 7709B765 5 Bytes JMP 00F8D378

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] GDI32.dll!ExtTextOutA 770A00A5 5 Bytes JMP 00F8CE07

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] GDI32.dll!TextOutA 770A0BAB 5 Bytes JMP 00F8C8EB

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] GDI32.dll!TextOutW 770A0D6D 5 Bytes JMP 00F8C9B7

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] GDI32.dll!GetGlyphIndicesA 770B9DC0 5 Bytes JMP 00F8D2AB

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] USER32.dll!DrawTextExW 75F191CE 5 Bytes JMP 00F8CD20

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] USER32.dll!DrawTextW 75F197D3 5 Bytes JMP 00F8CB5E

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] USER32.dll!DrawTextA 75F2558D 5 Bytes JMP 00F8CA83

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] USER32.dll!DrawTextExA 75F255C4 5 Bytes JMP 00F8CC39

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] USER32.dll!DialogBoxParamW 75F310B0 5 Bytes JMP 00F8BC13

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] USER32.dll!SetClipboardData 75F46410 5 Bytes JMP 00F8C7D4

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] WININET.dll!InternetCrackUrlA 75C47ABE 5 Bytes JMP 00F8D63E

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4528] WININET.dll!InternetCrackUrlW 75C52E2B 5 Bytes JMP 00F8D787

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtCreateFile + 6 76F6422A 4 Bytes [28, 00, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtCreateFile + B 76F6422F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtMapViewOfSection + 6 76F6497A 1 Byte [28]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtMapViewOfSection + 6 76F6497A 4 Bytes [28, 03, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtMapViewOfSection + B 76F6497F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtOpenFile + 6 76F64A0A 4 Bytes [68, 00, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtOpenFile + B 76F64A0F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtOpenProcess + 6 76F64A8A 4 Bytes [A8, 01, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtOpenProcess + B 76F64A8F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtOpenProcessToken + 6 76F64A9A 4 Bytes CALL 75F650A0 C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtOpenProcessToken + B 76F64A9F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtOpenProcessTokenEx + 6 76F64AAA 4 Bytes [A8, 02, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtOpenProcessTokenEx + B 76F64AAF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtOpenThread + 6 76F64AFA 4 Bytes [68, 01, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtOpenThread + B 76F64AFF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtOpenThreadToken + 6 76F64B0A 4 Bytes [68, 02, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtOpenThreadToken + B 76F64B0F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtOpenThreadTokenEx + 6 76F64B1A 4 Bytes CALL 75F65121 C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtOpenThreadTokenEx + B 76F64B1F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtQueryAttributesFile + 6 76F64BAA 4 Bytes [A8, 00, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtQueryAttributesFile + B 76F64BAF 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtQueryFullAttributesFile + 6 76F64C5A 4 Bytes CALL 75F6525F C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation)

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtQueryFullAttributesFile + B 76F64C5F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtSetInformationFile + 6 76F6513A 4 Bytes [28, 01, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtSetInformationFile + B 76F6513F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtSetInformationThread + 6 76F6518A 4 Bytes [28, 02, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtSetInformationThread + B 76F6518F 1 Byte [E2]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtUnmapViewOfSection + 6 76F6542A 1 Byte [68]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtUnmapViewOfSection + 6 76F6542A 4 Bytes [68, 03, 06, 00]

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[6084] ntdll.dll!NtUnmapViewOfSection + B 76F6542F 1 Byte [E2]

---- EOF - GMER 1.0.15 ----

[heir]

It looks as you've two Antivirus softwares installed at the same time, Microsoft Security Essentials and Norton Internet Security

I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:

1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.

2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

Therefore please go to add/remove in the control panel and remove either Microsoft Security Essentials or Norton Internet Security.

Step 1.

aswMBR:

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply

Step 2.

RootKit Unhooker:

• Please Download Rootkit Unhooker Save it to your desktop.
• Now double-click on RKUnhookerLE.exe to run it.
• Click the Report tab, then click Scan.
• Check (Tick) Drivers, Stealth. Uncheck the rest. then Click OK.
• Wait till the scanner has finished and then click File, Save Report.
• Save the report somewhere where you can find it. Click Close.

Copy the entire contents of the report and paste it in a reply here.

Note** you may get the following warning, just click OK and continue.

"Rootkit Unhooker has detected a parasite inside itself!

It is recommended to remove parasite, okay?"

Step 3.

Things I would like to see in your reply:

1. The content of the log from aswMBR in step 1.
   
2. The content of the log from RKU in step 2.
   
3. Information on how you computer is running now. Any redirects?
   

[PurpleShark]

Do I need to remove one of the security systems before running the first scan?

My Windows security hasn`t worked for a while, it won`t let me open my firewall properly or open the Windows security centre to update it either. That`s why I installed the Norton last week.

Would you recommend losing Windows or Norton?

[PurpleShark]

aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software

Run date: 2011-05-11 22:51:27

-----------------------------

22:51:27.410 OS Version: Windows 6.0.6002 Service Pack 2

22:51:27.410 Number of processors: 1 586 0x409

22:51:27.413 ComputerName: MUGGY UserName: user

22:51:29.703 Initialize success

22:51:52.065 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

22:51:52.072 Disk 0 Vendor: SAMSUNG_HD161HJ JF100-19 Size: 152627MB BusType: 3

22:51:54.469 Disk 0 MBR read successfully

22:51:54.525 Disk 0 MBR scan

22:51:54.532 Disk 0 unknown MBR code

22:51:56.736 Disk 0 scanning sectors +312578048

22:51:57.084 Disk 0 scanning C:\Windows\system32\drivers

22:55:36.479 Service scanning

22:55:43.589 Disk 0 trace - called modules:

22:55:43.848 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll intelide.sys PCIIDEX.SYS atapi.sys dxgkrnl.sys nvlddmkm.sys

22:55:43.849 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86818ac8]

22:55:43.849 3 CLASSPNP.SYS[8b59e8b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x860de030]

22:55:43.849 Scan finished successfully

23:05:28.984 Disk 0 MBR has been saved successfully to "C:\Users\user\Desktop\MBR.dat"

23:05:28.987 The log file has been saved successfully to "C:\Users\user\Desktop\aswMBR.txt"

[heir]

Would you recommend losing Windows or Norton?

Microsoft Security Essentials is freeware. I assume you've paid for Norton.

Remove Microsoft Security Essentials, it can be reinstalled later if needed.

Having two onboard will most likely slow down your computer.

[PurpleShark]

RkU Version: 3.8.388.590, Type LE (SR2)

==============================================

OS Name: Windows Vista

Version 6.0.6002 (Service Pack 2)

Number of processors #1

==============================================

>Drivers

==============================================

0x8F409000 C:\Windows\system32\DRIVERS\nvlddmkm.sys 7770112 bytes (NVIDIA Corporation, NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 182.24 )

0x82E40000 C:\Windows\system32\ntkrnlpa.exe 3907584 bytes (Microsoft Corporation, NT Kernel & System)

0x82E40000 PnpManager 3907584 bytes

0x82E40000 RAW 3907584 bytes

0x82E40000 WMIxWDM 3907584 bytes

0x822F0000 Win32k 2113536 bytes

0x822F0000 C:\Windows\System32\win32k.sys 2113536 bytes (Microsoft Corporation, Multi-User Win32 Driver)

0xA6A04000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20110511.002\NAVEX15.SYS 1388544 bytes (Symantec Corporation, AV Engine)

0x8B401000 C:\Windows\System32\Drivers\Ntfs.sys 1114112 bytes (Microsoft Corporation, NT File System Driver)

0x8B000000 C:\Windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)

0x8B200000 C:\Windows\System32\drivers\tcpip.sys 958464 bytes (Microsoft Corporation, TCP/IP Driver)

0x804D3000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)

0xA2A50000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)

0x92207000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20110430.001\BHDrvx86.sys 819200 bytes (Symantec Corporation, BASH Driver)

0xA2604000 C:\Windows\system32\drivers\spsys.sys 720896 bytes (Microsoft Corporation, security processor)

0x8AE6A000 C:\Windows\system32\drivers\NIS\1205000.07D\SYMEFA.SYS 671744 bytes (Symantec Corporation, Symantec Extended File Attributes)

0x8B314000 C:\Windows\System32\drivers\dxgkrnl.sys 655360 bytes (Microsoft Corporation, DirectX Graphics Kernel)

0x8B171000 C:\Windows\system32\DRIVERS\HDAudBus.sys 577536 bytes (Microsoft Corporation, High Definition Audio Bus Driver)

0xA2B6B000 C:\Windows\system32\drivers\NIS\1205000.07D\SRTSP.SYS 544768 bytes (Symantec Corporation, Symantec AutoProtect)

0x80609000 C:\Windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)

0x8AF18000 C:\Windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)

0x80409000 C:\Windows\system32\mcupdate_GenuineIntel.dll 458752 bytes (Microsoft Corporation, Intel Microcode Update Library)

0xA26B4000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP Protocol Stack)

0x92889000 C:\Windows\system32\drivers\RapportBuka.sys 393216 bytes (Trusteer Ltd., RapportBuka)

0xA6B72000 C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 385024 bytes (Symantec Corporation, Symantec Eraser Control Driver)

0x928F3000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20110509.001\IDSvix86.sys 372736 bytes (Symantec Corporation, IDS Core Driver)

0x91E3E000 C:\Windows\system32\drivers\NIS\1205000.07D\SYMTDIV.SYS 360448 bytes (Symantec Corporation, Network Dispatch Driver)

0x8AE03000 C:\Windows\system32\drivers\NIS\1205000.07D\SYMDS.SYS 356352 bytes (Symantec Corporation, Symantec Data Store)

0xA2A01000 C:\Windows\System32\DRIVERS\srv.sys 323584 bytes (Microsoft Corporation, Server driver)

0x8072E000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)

0x91ED0000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)

0x80692000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)

0x80492000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)

0x8AFB8000 C:\Windows\system32\DRIVERS\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)

0x908E6000 C:\Windows\system32\drivers\HdAudio.sys 258048 bytes (Microsoft Corporation, High Definition Audio Function Driver)

0x8B3B4000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)

0x9280B000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)

0x8B136000 C:\Windows\system32\drivers\NETIO.SYS 241664 bytes (Microsoft Corporation, Network I/O Subsystem)

0x8FB80000 C:\Windows\system32\DRIVERS\e1e6032.sys 237568 bytes (Intel Corporation, Intel® PRO/1000 Adapter NDIS 6 deserialized driver)

0xA27AC000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)

0x8B511000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)

0x908A0000 C:\Windows\system32\DRIVERS\usbhub.sys 217088 bytes (Microsoft Corporation, Default Hub Driver for USB)

0x82E0D000 ACPI_HAL 208896 bytes

0x82E0D000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)

0x805C7000 C:\Windows\System32\drivers\FLTMGR.SYS 204800 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)

0x91F18000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)

0x8AF89000 C:\Windows\system32\DRIVERS\msiscsi.sys 192512 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)

0x90925000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))

0x8B10B000 C:\Windows\system32\drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)

0x9085F000 C:\Windows\system32\DRIVERS\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)

0x91FD8000 C:\Windows\System32\DRIVERS\srv2.sys 163840 bytes (Microsoft Corporation, Smb 2.0 Server driver)

0x8B561000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)

0x90977000 C:\Windows\system32\DRIVERS\MpFilter.sys 159744 bytes (Microsoft Corporation, Microsoft antimalware file system filter driver)

0x806E9000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)

0x92847000 C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys 155648 bytes (Trusteer Ltd., RapportPG)

0x91E96000 C:\Windows\system32\Drivers\SYMEVENT.SYS 155648 bytes (Symantec Corporation, Symantec Event Library)

0x9230C000 C:\Windows\system32\DRIVERS\Dot4.sys 151552 bytes (Microsoft Corporation, IEEE-1284.4-1999 Driver)

0x90952000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)

0x91F81000 C:\Windows\system32\drivers\NIS\1205000.07D\Ironx86.SYS 147456 bytes (Symantec Corporation, Iron Driver)

0x807DA000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))

0x91FB0000 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 139264 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASKUTIL.SYS)

0x8B599000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)

0xA276C000 C:\Windows\system32\drivers\mrxdav.sys 135168 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)

0x909D1000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)

0xA278D000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)

0x807A5000 C:\Windows\system32\drivers\ataport.SYS 122880 bytes (Microsoft Corporation, ATAPI Driver Extension)

0xA6BD0000 C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11110.sys 122880 bytes (Symantec Corporation, Symantec Eraser Utility Driver)

0x929AC000 C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 118784 bytes (Symantec Corporation, Symantec Eraser Utility Driver)

0xA2721000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)

0x8B2EA000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)

0x923C8000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)

0xA273E000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)

0x92962000 C:\Users\user\AppData\Local\Temp\fxldypod.sys 102400 bytes

0x8FBD4000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)

0xA27E5000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)

0x929C9000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)

0x807C3000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)

0x922CF000 C:\Windows\system32\DRIVERS\usbccgp.sys 94208 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)

0x9234F000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)

0x91F4A000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, QoS Packet Scheduler)

0x91E28000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)

0xA2757000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)

0x90822000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)

0x92331000 C:\Windows\system32\DRIVERS\USBSTOR.SYS 86016 bytes (Microsoft Corporation, USB Mass Storage Class Driver)

0xA2B44000 C:\Windows\system32\DRIVERS\WUDFRd.sys 86016 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Reflector)

0xA6B57000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20110511.002\NAVENG.SYS 81920 bytes (Symantec Corporation, AV Engine)

0x9080E000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)

0x91EBC000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)

0x929E0000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)

0x91F6E000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)

0xA2B59000 C:\Windows\system32\DRIVERS\WUDFPf.sys 73728 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)

0x8B588000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)

0x908D5000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)

0x80479000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)

0x8AE5A000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)

0x9236E000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 65536 bytes (Microsoft Corporation, Hid Class Library)

0x923EB000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)

0x8078D000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)

0x90837000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)

0x8B305000 C:\Windows\system32\DRIVERS\intelppm.sys 61440 bytes (Microsoft Corporation, Processor Device Driver)

0x923B9000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)

0x8B552000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)

0x80710000 C:\Windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)

0x9286D000 C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys 61440 bytes (Trusteer Ltd., RapportEI)

0x805B3000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)

0x8FBC5000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)

0x8071F000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)

0x82530000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)

0x91F60000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)

0x91E11000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)

0x8077F000 C:\Windows\system32\drivers\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)

0x9238F000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)

0x922FF000 C:\Windows\system32\DRIVERS\dot4usb.sys 53248 bytes (Microsoft Corporation, DOT4USB filter driver)

0x9287C000 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\26169\RapportCerberus_26169.sys 53248 bytes (Trusteer Ltd., RapportCerberus)

0x90893000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)

0x922E8000 C:\Windows\system32\DRIVERS\usbscan.sys 53248 bytes (Microsoft Corporation, USB Scanner Driver)

0x80685000 C:\Windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)

0xA2B38000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)

0x909C5000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)

0x8FB74000 C:\Windows\System32\drivers\watchdog.sys 49152 bytes (Microsoft Corporation, Watchdog Driver)

0xA2BF0000 C:\Users\user\AppData\Local\Temp\aswMBR.sys 45056 bytes

0x9239C000 C:\Windows\System32\Drivers\dump_dumpata.sys 45056 bytes

0x90847000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)

0x90852000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)

0x91E06000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)

0x8B3F2000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)

0x91FA5000 C:\Windows\system32\drivers\NIS\1205000.07D\SRTSPX.SYS 45056 bytes (Symantec Corporation, Symantec AutoProtect)

0x8FBF2000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)

0x8B5E3000 C:\Windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)

0x8FBBA000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)

0x923AF000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)

0x90889000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)

0x928E9000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)

0x8AF0E000 C:\Windows\System32\Drivers\PxHelp20.sys 40960 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)

0xA2B2E000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)

0x922F5000 C:\Windows\system32\DRIVERS\usbprint.sys 40960 bytes (Microsoft Corporation, USB Printer driver)

0x8B5BA000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)

0x92346000 C:\Windows\system32\DRIVERS\Dot4Prt.sys 36864 bytes (Microsoft Corporation, IEEE-1284.4 Print Class Driver)

0x9099E000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)

0x92365000 C:\Windows\system32\DRIVERS\hidusb.sys 36864 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)

0x9237E000 C:\Windows\system32\DRIVERS\kbdhid.sys 36864 bytes (Microsoft Corporation, HID Keyboard Filter Driver)

0x9297B000 C:\Windows\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)

0x91E1F000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)

0x82510000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)

0x8B5EE000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)

0x806D8000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)

0x8079D000 C:\Windows\system32\drivers\atapi.sys 32768 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)

0x8048A000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)

0x923A7000 C:\Windows\System32\Drivers\dump_atapi.sys 32768 bytes

0x92387000 C:\Windows\system32\DRIVERS\mouhid.sys 32768 bytes (Microsoft Corporation, HID Mouse Filter Driver)

0x806E1000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)

0x909F2000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)

0x90800000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)

0x8B54A000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)

0x909AE000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)

0x909BE000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)

0x80778000 C:\Windows\system32\drivers\intelide.sys 28672 bytes (Microsoft Corporation, Intel PCI IDE Driver)

0x80402000 C:\Windows\system32\kdcom.dll 28672 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)

0xA6BF6000 C:\Users\user\AppData\Local\Temp\mbr.sys 28672 bytes

0x909A7000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)

0x8FBEC000 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)

0x91FD2000 C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 24576 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASDIFSV.SYS)

0x8FB72000 C:\Windows\system32\DRIVERS\nvBridge.kmd 8192 bytes (NVIDIA Corporation, NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 182.24 )

0x9085D000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)

0x922E6000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)

==============================================

>Stealth

==============================================

Faked ServiceTable-->ccSvcHst.exe [ ETHREAD 0x883EED78 ] TID: 8724, 3933606467 bytes

[heir]

How is your computer running?

Any Redirects?