Here is the GMER scan. I'll have to split it into two posts to fit it all.
GMER 1.0.15.15077 [82vy98zx.exe] - http://www.gmer.net
Rootkit scan 2009-09-12 01:47:31
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.15 ----
INT 0x06 \??\C:\WINDOWS\system32\drivers\Haspnt.sys (HASP Kernel Device Driver for Windows NT/Aladdin Knowledge Systems) ECAA816D
INT 0x0E \??\C:\WINDOWS\system32\drivers\Haspnt.sys (HASP Kernel Device Driver for Windows NT/Aladdin Knowledge Systems) ECAA7FC2
Code 8676AD36 ZwEnumerateKey
Code 865A31E6 ZwFlushInstructionCache
Code 865BE1B5 IofCallDriver
Code 867745DD IofCompleteRequest
---- Kernel code sections - GMER 1.0.15 ----
.text ntoskrnl.exe!IofCallDriver 804E37C5 5 Bytes JMP 865BE1BA
.text ntoskrnl.exe!IofCompleteRequest 804E3BF6 5 Bytes JMP 867745E2
PAGE ntoskrnl.exe!ZwEnumerateKey 80570D64 5 Bytes JMP 8676AD3A
PAGE ntoskrnl.exe!ZwFlushInstructionCache 80577693 5 Bytes JMP 865A31EA
? C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys The system cannot find the file specified. !
? C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS The system cannot find the file specified. !
? win32k.sys:1 The system cannot find the file specified. !
? win32k.sys:2 The system cannot find the file specified. !
---- User code sections - GMER 1.0.15 ----
.text C:\PROGRA~1\AVG\AVG8\avgnsx.exe[312] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\PROGRA~1\AVG\AVG8\avgnsx.exe[312] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\PROGRA~1\AVG\AVG8\avgnsx.exe[312] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Java\jre6\bin\jqs.exe[564] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Java\jre6\bin\jqs.exe[564] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Java\jre6\bin\jqs.exe[564] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe[656] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe[656] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe[656] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe[892] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe[892] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe[892] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\system32\svchost.exe[956] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\system32\svchost.exe[956] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\system32\svchost.exe[956] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\system32\svchost.exe[1072] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\system32\svchost.exe[1072] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\system32\svchost.exe[1072] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\System32\svchost.exe[1160] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\System32\svchost.exe[1160] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\System32\svchost.exe[1160] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
UPX1 C:\WINDOWS\system32\drivers\smss.exe[1436] C:\WINDOWS\system32\drivers\smss.exe entry point in "UPX1" section [0x004186B0]
.text C:\WINDOWS\system32\svchost.exe[1496] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\system32\svchost.exe[1496] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\system32\svchost.exe[1496] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\Explorer.EXE[1540] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\Explorer.EXE[1540] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\Explorer.EXE[1540] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\system32\svchost.exe[1592] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\system32\svchost.exe[1592] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\system32\svchost.exe[1592] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\system32\spoolsv.exe[1796] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\system32\spoolsv.exe[1796] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\WINDOWS\system32\spoolsv.exe[1796] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[1932] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[1932] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[1932] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text c:\WINDOWS\system32\ZuneBusEnum.exe[2300] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text c:\WINDOWS\system32\ZuneBusEnum.exe[2300] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text c:\WINDOWS\system32\ZuneBusEnum.exe[2300] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3800] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3800] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3800] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EAFC
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EB6D
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90EC9B
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4892] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4892] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4892] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] GDI32.dll!GetHFONT + 51 77F17EA7 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] GDI32.dll!GetTextExtentPoint32W + E4 77F18081 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 42F0F301 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] USER32.dll!CallNextHookEx + 4A 7E42B410 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 430A179F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 430A1720 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 430A1764 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 430A16AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 430A16E6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 430A17DA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 42F316B6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] WININET.dll!HttpAddRequestHeadersA 7805FB35 5 Bytes JMP 08DE000A
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] WININET.dll!HttpAddRequestHeadersW 780CCF65 5 Bytes JMP 08ED000A
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 08B729A0
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 08B727E0
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] WS2_32.dll!send 71AB4C27 5 Bytes JMP 104B584C
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 104B5BA8
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] WS2_32.dll!recv 71AB676F 5 Bytes JMP 104B5D88
.text C:\Program Files\Internet Explorer\Iexplore.exe[5004] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 104B5CF8
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EAFC
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EB6D
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90EC9B
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 15, 00]
.text C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5824] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2]
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\PROGRA~1\AVG\AVG8\avgnsx.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\PROGRA~1\AVG\AVG8\avgnsx.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\Program Files\Java\jre6\bin\jqs.exe[564] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\Program Files\Java\jre6\bin\jqs.exe[564] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe[656] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe[656] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe[892] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe[892] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\WINDOWS\system32\svchost.exe[956] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\WINDOWS\system32\svchost.exe[956] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\WINDOWS\system32\svchost.exe[1072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\WINDOWS\system32\svchost.exe[1072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\WINDOWS\System32\svchost.exe[1160] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\WINDOWS\System32\svchost.exe[1160] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\WINDOWS\system32\svchost.exe[1496] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\WINDOWS\system32\svchost.exe[1496] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\WINDOWS\Explorer.EXE[1540] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\WINDOWS\Explorer.EXE[1540] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\WINDOWS\system32\svchost.exe[1592] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\WINDOWS\system32\svchost.exe[1592] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1796] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1796] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\Program Files\AskBarDis\bar\bin\AskService.exe[1932] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\Program Files\AskBarDis\bar\bin\AskService.exe[1932] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT c:\WINDOWS\system32\ZuneBusEnum.exe[2300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT c:\WINDOWS\system32\ZuneBusEnum.exe[2300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[3800] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[3800] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4892] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\Documents and Settings\Travis\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4892] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\Program Files\Internet Explorer\Iexplore.exe[5004] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [35672A94] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
IAT C:\Program Files\Internet Explorer\Iexplore.exe[5004] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] [35672A1E] \\?\globalroot\Device\__max++>\1E0F6094.x86.dll
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs SymSnap.sys (StorageCraft Volume Snap-Shot/StorageCraft)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 SymSnap.sys (StorageCraft Volume Snap-Shot/StorageCraft)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 SymSnap.sys (StorageCraft Volume Snap-Shot/StorageCraft)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 SymSnap.sys (StorageCraft Volume Snap-Shot/StorageCraft)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 SymSnap.sys (StorageCraft Volume Snap-Shot/StorageCraft)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat SymSnap.sys (StorageCraft Volume Snap-Shot/StorageCraft)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
---- Processes - GMER 1.0.15 ----
Last edited by DamonJones on 12th September 2009, 6:51 am; edited 1 time in total