-
Here's the other post as requested:
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-11-30 13:37:53
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.14 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xEB030604]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwConnectPort [0xED907040]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateFile [0xED903930]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xEB0304C0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreatePort [0xED907510]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateProcess [0xED90D870]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateProcessEx [0xED90DAA0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateSection [0xED910FD0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateWaitablePort [0xED907600]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteFile [0xED903F20]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteKey [0xED90F6E0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xEB03099E]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDuplicateObject [0xED90D580]
SSDT spyo.sys ZwEnumerateKey [0xF72F2CA2]
SSDT spyo.sys ZwEnumerateValueKey [0xF72F3030]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwLoadKey [0xED90F8B0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenFile [0xED903D70]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xEB03059A]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenProcess [0xED90D350]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenThread [0xED90D150]
SSDT spyo.sys ZwQueryKey [0xF72F3108]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xEB0306BA]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRenameKey [0xED910250]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwReplaceKey [0xED90FCB0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRequestWaitReplyPort [0xED906C00]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xEB03067A]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSecureConnectPort [0xED907220]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetInformationFile [0xED904120]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xEB0307FA]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwTerminateProcess [0xED90DCD0]
INT 0x62 ? 86F65BF8
INT 0x63 ? 86FD7BF8
INT 0x84 ? 86FD6BF8
INT 0x94 ? 86FD6BF8
INT 0xA4 ? 86FD6BF8
INT 0xB4 ? 86FD6BF8
---- Kernel code sections - GMER 1.0.14 ----
.text ntkrnlpa.exe!ZwCallbackReturn + 2C7C 80504518 12 Bytes [ 10, 75, 90, ED, 70, D8, 90, ... ]
? spyo.sys The system cannot find the file specified. !
? srescan.sys The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload F60138AC 5 Bytes JMP 86FD61D8
---- User code sections - GMER 1.0.14 ----
.text C:\WINDOWS\system32\SearchIndexer.exe[2176] kernel32.dll!WriteFile 7C810E17 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
---- Kernel IAT/EAT - GMER 1.0.14 ----
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F72D6040] spyo.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F72D613C] spyo.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F72D60BE] spyo.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F72D67FC] spyo.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F72D66D2] spyo.sys
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [ED90BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [ED90C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [ED90C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [ED90BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [ED90BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [ED90BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [ED90C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [ED90C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [ED90BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [ED90BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [ED90C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [ED90C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [ED90C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [ED90C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [ED90BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [ED90BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [ED90BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [ED90C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [ED90C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [ED90BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [ED90BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [ED90C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [ED90C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
---- User IAT/EAT - GMER 1.0.14 ----
IAT C:\WINDOWS\system32\services.exe[1072] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00380002
IAT C:\WINDOWS\system32\services.exe[1072] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00380000
---- Devices - GMER 1.0.14 ----
Device \FileSystem\Ntfs \Ntfs 86FD51F8
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\usbehci \Device\USBPDO-0 864C51F8
Device \Driver\usbuhci \Device\USBPDO-1 865631F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 86F661F8
Device \Driver\dmio \Device\DmControl\DmConfig 86F661F8
Device \Driver\dmio \Device\DmControl\DmPnP 86F661F8
Device \Driver\dmio \Device\DmControl\DmInfo 86F661F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{5726A844-B0D2-4A53-870A-0224830B2368} 8636F500
Device \Driver\usbuhci \Device\USBPDO-2 865631F8
Device \Driver\usbuhci \Device\USBPDO-3 865631F8
Device \Driver\usbuhci \Device\USBPDO-4 865631F8
Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\Ftdisk \Device\HarddiskVolume1 86FD81F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 86FD81F8
Device \Driver\Cdrom \Device\CdRom0 8645B1F8
Device \Driver\usbstor \Device\00000072 85D701F8
Device \Driver\Cdrom \Device\CdRom1 8645B1F8
Device \Driver\usbstor \Device\00000073 85D701F8
Device \Driver\Ftdisk \Device\HarddiskVolume3 86FD81F8
Device \Driver\usbstor \Device\00000074 85D701F8
Device \Driver\usbstor \Device\00000075 85D701F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 8636F500
Device \Driver\NetBT \Device\NetbiosSmb 8636F500
Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\usbstor \Device\0000006b 85D701F8
Device \Driver\usbuhci \Device\USBFDO-0 865631F8
Device \Driver\usbuhci \Device\USBFDO-1 865631F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 864371F8
Device \Driver\usbuhci \Device\USBFDO-2 865631F8
Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device \FileSystem\MRxSmb \Device\LanmanRedirector 864371F8
Device \Driver\usbuhci \Device\USBFDO-3 865631F8
Device \Driver\usbehci \Device\USBFDO-4 864C51F8
Device \Driver\Ftdisk \Device\FtControl 86FD81F8
Device \FileSystem\Fastfat \Fat 85B33500
Device \FileSystem\Fastfat \Fat B7A1C297
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Cdfs \Cdfs 85C021F8
---- Registry - GMER 1.0.14 ----
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x9E 0x78 0x4F 0x8D ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x9E 0x78 0x4F 0x8D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x9E 0x78 0x4F 0x8D ...
Reg HKLM\SOFTWARE\Classes\.gba@ gba_auto_file
Reg HKLM\SOFTWARE\Classes\.IMG@ IMG_auto_file
Reg HKLM\SOFTWARE\Classes\.srf\PersistentHandler@ {eec97550-47a9-11cf-b952-00aa0051fe20}
Reg HKLM\SOFTWARE\Classes\.svg@ SafariHTML
Reg HKLM\SOFTWARE\Classes\.ThrillvilleSaveGame@ ThrillvilleSaveGameType
Reg HKLM\SOFTWARE\Classes\.ThrillvilleSaveGame\ShellEx
Reg HKLM\SOFTWARE\Classes\.ThrillvilleSaveGame\ShellEx\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}
Reg HKLM\SOFTWARE\Classes\.ThrillvilleSaveGame\ShellEx\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}@ {4E5BFBF8-F59A-4e87-9805-1F9B42CC254A}
Reg HKLM\SOFTWARE\Classes\ciplImageList.cipllImageList@ ciplImageList.cipllImageList
Reg HKLM\SOFTWARE\Classes\ciplImageList.cipllImageList\Clsid
Reg HKLM\SOFTWARE\Classes\ciplImageList.cipllImageList\Clsid@ {2B0E4DA3-A9B4-470F-A419-020192F5648D}
Reg HKLM\SOFTWARE\Classes\ciplLbar6.ciplListBar@ ciplLbar6.ciplListBar
Reg HKLM\SOFTWARE\Classes\ciplLbar6.ciplListBar\Clsid
Reg HKLM\SOFTWARE\Classes\ciplLbar6.ciplListBar\Clsid@ {904AD4B2-FC80-4ADF-9D92-D7FFA7948E08}
Reg HKLM\SOFTWARE\Classes\ciplLbar6.cListBar@ ciplLbar6.cListBar
Reg HKLM\SOFTWARE\Classes\ciplLbar6.cListBar\Clsid
Reg HKLM\SOFTWARE\Classes\ciplLbar6.cListBar\Clsid@ {379ACD52-7B83-4C0A-9FD4-08D6AFA83CB5}
Reg HKLM\SOFTWARE\Classes\ciplLbar6.cListBarItem@ ciplLbar6.cListBarItem
Reg HKLM\SOFTWARE\Classes\ciplLbar6.cListBarItem\Clsid
Reg HKLM\SOFTWARE\Classes\ciplLbar6.cListBarItem\Clsid@ {0FEA2009-3E60-4913-A0D0-1483AF32464C}
Reg HKLM\SOFTWARE\Classes\ciplLbar6.cListBarItems@ ciplLbar6.cListBarItems
Reg HKLM\SOFTWARE\Classes\ciplLbar6.cListBarItems\Clsid
Reg HKLM\SOFTWARE\Classes\ciplLbar6.cListBarItems\Clsid@ {E56836F1-D03C-4540-8F6E-859DFBF7611C}
Reg HKLM\SOFTWARE\Classes\ciplLbar6.cListBars@ ciplLbar6.cListBars
Reg HKLM\SOFTWARE\Classes\ciplLbar6.cListBars\Clsid
Reg HKLM\SOFTWARE\Classes\ciplLbar6.cListBars\Clsid@ {7D776CDE-61FC-4347-9CF7-FB6F1F5658E2}
Reg HKLM\SOFTWARE\Classes\ciplLbar6.CTimer@ ciplLbar6.CTimer
Reg HKLM\SOFTWARE\Classes\ciplLbar6.CTimer\Clsid
Reg HKLM\SOFTWARE\Classes\ciplLbar6.CTimer\Clsid@ {E4CCF4DB-3A24-437F-9354-CC61D4658280}
Reg HKLM\SOFTWARE\Classes\ciplLbar6.GSubclass@ ciplLbar6.GSubclass
Reg HKLM\SOFTWARE\Classes\ciplLbar6.GSubclass\Clsid
Reg HKLM\SOFTWARE\Classes\ciplLbar6.GSubclass\Clsid@ {37E556FB-6ADA-444D-82B3-E4A763B194E4}
Reg HKLM\SOFTWARE\Classes\ciplLbar6.ISubclass@ ciplLbar6.ISubclass
Reg HKLM\SOFTWARE\Classes\ciplLbar6.ISubclass\Clsid
Reg HKLM\SOFTWARE\Classes\ciplLbar6.ISubclass\Clsid@ {BC92CF16-4A2C-49DD-8B82-E4CC68938E9D}
Reg HKLM\SOFTWARE\Classes\gba_auto_file@
Reg HKLM\SOFTWARE\Classes\gba_auto_file\shell
Reg HKLM\SOFTWARE\Classes\gba_auto_file\shell\Read
Reg HKLM\SOFTWARE\Classes\gba_auto_file\shell\Read\command
Reg HKLM\SOFTWARE\Classes\gba_auto_file\shell\Read\command@ "C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe" "%1"
Reg HKLM\SOFTWARE\Classes\GOPHER\DefaultIcon
Reg HKLM\SOFTWARE\Classes\GOPHER\DefaultIcon@ C:\PROGRA~1\FLOCK\FLOCK\FLOCK.EXE,1
Reg HKLM\SOFTWARE\Classes\GOPHER\shell
Reg HKLM\SOFTWARE\Classes\GOPHER\shell\open
Reg HKLM\SOFTWARE\Classes\GOPHER\shell\open\command
Reg HKLM\SOFTWARE\Classes\GOPHER\shell\open\command@ C:\PROGRA~1\FLOCK\FLOCK\FLOCK.EXE -requestPending -osint -url "%1"
Reg HKLM\SOFTWARE\Classes\GOPHER\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\GOPHER\shell\open\ddeexec@
Reg HKLM\SOFTWARE\Classes\GOPHER\shell\open\ddeexec\Application
Reg HKLM\SOFTWARE\Classes\GOPHER\shell\open\ddeexec\Application@ Flock
Reg HKLM\SOFTWARE\Classes\GOPHER\shell\open\ddeexec\Topic
Reg HKLM\SOFTWARE\Classes\GOPHER\shell\open\ddeexec\Topic@ WWW_OpenURL
Reg HKLM\SOFTWARE\Classes\IMG_auto_file@
Reg HKLM\SOFTWARE\Classes\IMG_auto_file\shell
Reg HKLM\SOFTWARE\Classes\IMG_auto_file\shell\Play
Reg HKLM\SOFTWARE\Classes\IMG_auto_file\shell\Play@ Play with VLC
Reg HKLM\SOFTWARE\Classes\IMG_auto_file\shell\Play\command
Reg HKLM\SOFTWARE\Classes\IMG_auto_file\shell\Play\command@ C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file "%1"
Reg HKLM\SOFTWARE\Classes\TabDlg.SSTab@ Microsoft Tabbed Dialog Control 6.0 (SP6)
Reg HKLM\SOFTWARE\Classes\TabDlg.SSTab\CLSID
Reg HKLM\SOFTWARE\Classes\TabDlg.SSTab\CLSID@ {BDC217C5-ED16-11CD-956C-0000C04E4C0A}
Reg HKLM\SOFTWARE\Classes\TabDlg.SSTab\CurVer
Reg HKLM\SOFTWARE\Classes\TabDlg.SSTab\CurVer@ TabDlg.SSTab.1
Reg HKLM\SOFTWARE\Classes\TabDlg.SSTab.1@ Microsoft Tabbed Dialog Control 6.0 (SP6)
Reg HKLM\SOFTWARE\Classes\TabDlg.SSTab.1\CLSID
Reg HKLM\SOFTWARE\Classes\TabDlg.SSTab.1\CLSID@ {BDC217C5-ED16-11CD-956C-0000C04E4C0A}
Reg HKLM\SOFTWARE\Classes\ThrillvilleSaveGameType@PreviewTitle prop:System.Game.RichSaveName;System.Game.RichApplicationName
Reg HKLM\SOFTWARE\Classes\ThrillvilleSaveGameType@PreviewDetails prop:System.Game.RichLevel;System.DateChanged;System.Game.RichComment;System.DisplayName;System.DisplayType
Reg HKLM\SOFTWARE\Classes\ThrillvilleSaveGameType\Shell
Reg HKLM\SOFTWARE\Classes\ThrillvilleSaveGameType\Shell\Open
Reg HKLM\SOFTWARE\Classes\ThrillvilleSaveGameType\Shell\Open\Command
Reg HKLM\SOFTWARE\Classes\ThrillvilleSaveGameType\Shell\Open\Command@ C:\Documents and Settings\Malik & Jamal\Application Data\LucasArts\Thrillville Off The Rails Demo\Thrillville07Demo.exe --workingdir "C:\Documents and Settings\Malik & Jamal\Application Data\LucasArts\Thrillville Off The Rails Demo" --loadfile "%1"
Reg HKLM\SOFTWARE\Classes\WebKit.CFDictionaryPropertyBag.3@ CFDictionaryPropertyBag
Reg HKLM\SOFTWARE\Classes\WebKit.CFDictionaryPropertyBag.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.CFDictionaryPropertyBag.3\CLSID@ {DD653964-4D37-4FB2-9CB6-6A9A97719332}
Reg HKLM\SOFTWARE\Classes\WebKit.WebCache.3@ WebCache
Reg HKLM\SOFTWARE\Classes\WebKit.WebCache.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebCache.3\CLSID@ {F71071FD-A51B-4B69-9EB6-44374405E80C}
Reg HKLM\SOFTWARE\Classes\WebKit.WebDatabaseManager.3@ WebDatabaseManager
Reg HKLM\SOFTWARE\Classes\WebKit.WebDatabaseManager.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebDatabaseManager.3\CLSID@ {C2A1BFC2-1E7C-49FE-8592-D0C7FB440BC0}
Reg HKLM\SOFTWARE\Classes\WebKit.WebDownload.3@ WebDownload
Reg HKLM\SOFTWARE\Classes\WebKit.WebDownload.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebDownload.3\CLSID@ {C0F98BD9-3B1C-413D-904A-E2D1453EAF1F}
Reg HKLM\SOFTWARE\Classes\WebKit.WebError.3@ WebError
Reg HKLM\SOFTWARE\Classes\WebKit.WebError.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebError.3\CLSID@ {6C6AF3F9-36B4-4BF7-8BDE-74DCD4AD75A4}
Reg HKLM\SOFTWARE\Classes\WebKit.WebHistory.3@ WebHistory
Reg HKLM\SOFTWARE\Classes\WebKit.WebHistory.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebHistory.3\CLSID@ {A4B9B45D-949F-4C8C-9B92-6FBFCC1CAAA2}
Reg HKLM\SOFTWARE\Classes\WebKit.WebHistoryItem.3@ WebHistoryItem
Reg HKLM\SOFTWARE\Classes\WebKit.WebHistoryItem.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebHistoryItem.3\CLSID@ {6BE190E9-1725-4E4A-88DB-6A9FE242C9E5}
Reg HKLM\SOFTWARE\Classes\WebKit.WebIconDatabase.3@ WebIconDatabase
Reg HKLM\SOFTWARE\Classes\WebKit.WebIconDatabase.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebIconDatabase.3\CLSID@ {66827EC1-3AEF-4241-BAC5-F776B44F030F}
Reg HKLM\SOFTWARE\Classes\WebKit.WebJavaScriptCollector.3@ WebJavaScriptCollector
Reg HKLM\SOFTWARE\Classes\WebKit.WebJavaScriptCollector.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebJavaScriptCollector.3\CLSID@ {1820D883-42FE-4B78-88C8-5456BB19D224}
Reg HKLM\SOFTWARE\Classes\WebKit.WebKitStatistics.3@ WebKitStatistics
Reg HKLM\SOFTWARE\Classes\WebKit.WebKitStatistics.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebKitStatistics.3\CLSID@ {E93AA8D7-F362-4A4A-A95D-325906BEB5F0}
Reg HKLM\SOFTWARE\Classes\WebKit.WebMutableURLRequest.3@ WebMutableURLRequest
Reg HKLM\SOFTWARE\Classes\WebKit.WebMutableURLRequest.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebMutableURLRequest.3\CLSID@ {A062ECC3-BB1B-4694-A569-F59E0AD6BE0C}
Reg HKLM\SOFTWARE\Classes\WebKit.WebNotificationCenter.3@ WebNotificationCenter
Reg HKLM\SOFTWARE\Classes\WebKit.WebNotificationCenter.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebNotificationCenter.3\CLSID@ {BA590766-0A6F-46C7-B96E-743490D94CB7}
Reg HKLM\SOFTWARE\Classes\WebKit.WebPreferences.3@ WebPreferences
Reg HKLM\SOFTWARE\Classes\WebKit.WebPreferences.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebPreferences.3\CLSID@ {67B89F90-F778-438B-ABBF-34D1ACBF8651}
Reg HKLM\SOFTWARE\Classes\WebKit.WebScriptDebugServer.3@ WebScriptDebugServer
Reg HKLM\SOFTWARE\Classes\WebKit.WebScriptDebugServer.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebScriptDebugServer.3\CLSID@ {715636C4-59E7-4B85-BBC5-B555888787D7}
Reg HKLM\SOFTWARE\Classes\WebKit.WebScrollBar.3@ WebScrollBar
Reg HKLM\SOFTWARE\Classes\WebKit.WebScrollBar.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebScrollBar.3\CLSID@ {24A53AD5-AA9F-44E6-AA22-2C7C250B661A}
Reg HKLM\SOFTWARE\Classes\WebKit.WebTextRenderer.3@ WebTextRenderer
Reg HKLM\SOFTWARE\Classes\WebKit.WebTextRenderer.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebTextRenderer.3\CLSID@ {24040CD6-AFF4-4A51-9C8B-71539580EE76}
Reg HKLM\SOFTWARE\Classes\WebKit.WebURLCredential.3@ WebURLCredential
Reg HKLM\SOFTWARE\Classes\WebKit.WebURLCredential.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebURLCredential.3\CLSID@ {7433F53B-7FE9-484A-9432-72909457A646}
Reg HKLM\SOFTWARE\Classes\WebKit.WebURLProtectionSpace.3@ WebURLProtectionSpace
Reg HKLM\SOFTWARE\Classes\WebKit.WebURLProtectionSpace.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebURLProtectionSpace.3\CLSID@ {F366A6E8-E43C-4FD4-AAB0-8E6E79C73E6E}
Reg HKLM\SOFTWARE\Classes\WebKit.WebURLRequest.3@ WebURLRequest
Reg HKLM\SOFTWARE\Classes\WebKit.WebURLRequest.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebURLRequest.3\CLSID@ {2FB5499A-BB5D-4469-8517-789FEC8FD9BA}
Reg HKLM\SOFTWARE\Classes\WebKit.WebURLResponse.3@ WebURLResponse
Reg HKLM\SOFTWARE\Classes\WebKit.WebURLResponse.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebURLResponse.3\CLSID@ {AB201196-8DD2-4D45-AEBD-029B6A37AA27}
Reg HKLM\SOFTWARE\Classes\WebKit.WebView.3@ WebView
Reg HKLM\SOFTWARE\Classes\WebKit.WebView.3\CLSID
Reg HKLM\SOFTWARE\Classes\WebKit.WebView.3\CLSID@ {D6BCA079-F61C-4E1E-B453-32A0477D02E3}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AAAE602F-C19A-BF58-FB4A-B7FB6AF25C49}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AAAE602F-C19A-BF58-FB4A-B7FB6AF25C49}@haofbfcbfofpeika 0x6B 0x61 0x64 0x64 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AAAE602F-C19A-BF58-FB4A-B7FB6AF25C49}@haabdeocncfckdbe 0x6E 0x62 0x62 0x68 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AAAE602F-C19A-BF58-FB4A-B7FB6AF25C49}@haabdeociekahmij 0x6D 0x61 0x65 0x64 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AAAE602F-C19A-BF58-FB4A-B7FB6AF25C49}@iaegfdlcfdpbkjgcin 0x6B 0x61 0x64 0x64 ...
---- EOF - GMER 1.0.14 ----
-
Hi
Does the alarm appear at some certain situation (while being on some specific web site for example)?
Uninstall your Adobe Flash Player thru add/remove programs. Then install the latest one found here. Any help with the problem?
-
I can't pinpoint the exact times that it occurs, but it occurs anytime randomly when accessing the internet, like when opening up a web browser like Firefox or Flock, or using any programs that require internet. It randomly occurs and I'll try to pinpoint when it does. I've completed the installation of the most recent Flash plugin for Adobe.
-
Hi
Since TrendMicro Rubotted is still in beta stage, its alarms may not be 100% correct. Your logs all look ok so I think it's highly possible that you've been given one of these false alarms. I recommend uninstalling it for now and considering installing it again when the program reaches final version status.
-
Alright, thanks for your assistance. Before this post is closed though, I have one last question. Firefox, Flock, and IE all run at extremely high (almost 100%) CPU when I'm using these programs, and that is the one other problem that causes this computer to slow down, and the CPU issue happens all the time, every time I use the programs, and I'm not sure what the issue with that is.
-
Hi
Do you have any toolbar or other addon installed that appears on every one of those browsers you listed?
-
Um, I'm not sure exactly what you mean, but I'll list what toolbars/addons I have for each browser:
FLOCK
-Navigation and Flock Toolbar
-No extensions or themes
MOZILLA FIREFOX
-Navigation and Bookmarks Toolbars
-ZoneAlarm Spy Blocker
-AOL Toolbar
-Yahoo Toolbar
FIREFOX ADDONS
-AOL Toolbar
-Java Quick Starter
-Veoh Browser Plugin
-Yahoo Toolbar
Internet Explorer Toolbars
-AIM Toolbar
-Windows Live Toolbar
-MSN Toolbar
-Yahoo! (with a bunch of weird symbols after it)
-Normal Bars
I'm unsure what the error is, since everything looks normal, but for some reason it picks and chooses when it wants to run 100% CPU, and it becomes irritating as it slows everything down. Should I simply try uninstalling and reinstalling the browsers?
-
Hi
Yes, please try reinstallation of the browsers. I can't see what could be wrong there.
-
Alright, I'll do that and see if that fixes anything. If it doesn't, I'll figure some other troubleshooting steps out, 'cause I'm unsure why CPU been off so much lately. Thanks again for your help.
-
If reinstallation doesn't help you may ask at http://forums.pcpitstop.com if someone there has a key to the problem :)