processes taking up to 90% of disk, switch to max out help

swashbucklingot

Alright, so my computer has been running slow. My desktop has had small things messed with and I've been logged out of sites I never log out of. I've run multiple scans (Avast, AVG, Malwarebytes, and Microsoft Safety Scanner); all of these turned up nothing. I also defragged and cleaned my C drive. In Task Manager, System (NT Kernel and System) seems to be taking up to 90% of my disk. It also lowers and swaps out usage with other programs like my Killer Network Manager that goes from 10-50% depending on what System is at, always maxing it out to 100%. All of the scans I've done turned up nothing but tracking cookies that AVG says were healed, but it's still doing this. After hours of scans and work I ran one more AVG scan and it says I have 2 hidden driver rootkits, which I suspected it was a rootkit. It gives me an option to remove all and it said they were successfully healed, but my laptop is still running the high disk usage. I ran a GMER scan and it tells me at the end that it can't access C:windows/system32/config/system because it's already being used by another program, then tells me the scan was successful and says there is an "unknown MBR code". I don't know if that means it couldn't find anything or it couldn't access what it needed to so it doesn't know? The rootkit is in c:/windows/system32/drivers/aswStm.sys. I'm running another Malwarebytes scan now to confirm but I doubt anything will turn up. Any advice or help would be much appreciated. Thank you in advance.
 
My Computer

System One

  • OS
    windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    MSI
Can you restart the computer holding the Shift key? And if so, select safe mode and run scans there.

Include a scan from HitmanPro, but run the "trial" and "one time only"; just really read what you are clicking. It's pretty easy.

HitmanPro 3 - SurfRight

Here is safe mode:

Hold Shift while restarting.

Otherwise (god.. not again...), get TeamViewer, tell me when you are online and let's do this together.

It may end with a reformat though. Once you are breached, it's not smart to continue with that Windows, but most people don't care.

5 Ways To Boot Into Safe Mode In Windows 8.1

Just let me know when you will be online.
 
Hi. Thanks for the response. I haven't run HitmanPro and I feel a bit uncomfortable using TeamViewer. But for the last hour I've been running scans in safe mode. To update you on what I've done: I used the remove option on my AVG scan to "remove" the rootkits. I had 2. It no longer detects them when I scan, but it does still detect tracking cookies, which it was doing before. I ran an AVG scan and a GMER scan in safe mode, but because I'm an idiot the GMER scan results I copied into a text file didn't make it through the restart because I forgot to save it... Anyway, this is the safe mode AVG scan. I've seen a lot of threads looking for GMER results so that's why I'm posting them. I gotta go for a bit so I'll check to see if you responded.


AVG AntiVirus command line scanner
Copyright (c) 1992 - 2016 AVG Technologies
Program version 2016.0.7442, engine 2016.0.4522
Virus Database: Version 4522/11613 2016-02-12
C:\Documents and Settings\ Locked file. Not scanned. is OK.
C:\hiberfil.sys Locked file. Not scanned. is OK.
C:\pagefile.sys Locked file. Not scanned. is OK.
C:\ProgramData\Desktop\ Locked file. Not scanned. is OK.
C:\ProgramData\Documents\ Locked file. Not scanned. is OK.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\62ff6d7c3bd1b209970ce4f09ba8e995_e5bd8955-c590-4fa8-918b-3f120bbc9aa7 Locked file. Not scanned. is OK.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d49f8cd45d748509ca7e8bbc99f7f0ed_e5bd8955-c590-4fa8-918b-3f120bbc9aa7 Locked file. Not scanned. is OK.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f91eb4741d6ade428438d4a47d8f5106_e5bd8955-c590-4fa8-918b-3f120bbc9aa7 Locked file. Not scanned. is OK.
C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.ASM-WindowsDefault.json Locked file. Not scanned. is OK.
C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\utc.app.json Locked file. Not scanned. is OK.
C:\ProgramData\Microsoft\Diagnosis\events00.rbs Locked file. Not scanned. is OK.
C:\ProgramData\Microsoft\Diagnosis\events01.rbs Locked file. Not scanned. is OK.
C:\ProgramData\Microsoft\Diagnosis\events10.rbs Locked file. Not scanned. is OK.
C:\ProgramData\Microsoft\Diagnosis\events11.rbs Locked file. Not scanned. is OK.
C:\ProgramData\Microsoft\Diagnosis\users.dat Locked file. Not scanned. is OK.
C:\ProgramData\Microsoft\Windows\LocationProvider\ Locked file. Not scanned. is OK.
C:\ProgramData\Microsoft\Windows\SystemData\ Locked file. Not scanned. is OK.
C:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager\MpScanCache-1.bin Locked file. Not scanned. is OK.
C:\ProgramData\Templates\ Locked file. Not scanned. is OK.
C:\swapfile.sys Locked file. Not scanned. is OK.
C:\System Volume Information\ Locked file. Not scanned. is OK.
C:\Users\Default\AppData\Local\History\ Locked file. Not scanned. is OK.
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\ Locked file. Not scanned. is OK.
C:\Users\Default\AppData\Local\Temporary Internet Files\ Locked file. Not scanned. is OK.
C:\Users\Default\Cookies\ Locked file. Not scanned. is OK.
C:\Users\Default\Documents\My Music\ Locked file. Not scanned. is OK.
C:\Users\Default\Documents\My Pictures\ Locked file. Not scanned. is OK.
C:\Users\Default\Documents\My Videos\ Locked file. Not scanned. is OK.
C:\Users\Default\NetHood\ Locked file. Not scanned. is OK.
C:\Users\Default\PrintHood\ Locked file. Not scanned. is OK.
C:\Users\Default\Recent\ Locked file. Not scanned. is OK.
C:\Users\Default\Templates\ Locked file. Not scanned. is OK.
C:\Users\Public\Documents\My Music\ Locked file. Not scanned. is OK.
C:\Users\Public\Documents\My Pictures\ Locked file. Not scanned. is OK.
C:\Users\Public\Documents\My Videos\ Locked file. Not scanned. is OK.
C:\Users\nameless\AppData\Local\Avg\av16\temp\avg-08364842-554e-4f4b-b343-515d52097f1f.tmp Locked file. Not scanned. is OK.
C:\Users\nameless\AppData\Local\History\ Locked file. Not scanned. is OK.
C:\Users\nameless\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\ Locked file. Not scanned. is OK.
C:\Users\nameless\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\ Locked file. Not scanned. is OK.
C:\Users\nameless\AppData\Local\Microsoft\Windows\Notifications\WPNPRMRY.tmp Locked file. Not scanned. is OK.
C:\Users\nameless\AppData\Local\Microsoft\Windows\UsrClass.dat Locked file. Not scanned. is OK.
C:\Users\nameless\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Locked file. Not scanned. is OK.
C:\Users\nameless\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Locked file. Not scanned. is OK.
C:\Users\nameless\AppData\Local\Microsoft\Windows\WebCache\V01.log Locked file. Not scanned. is OK.
C:\Users\nameless\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat Locked file. Not scanned. is OK.
C:\Users\nameless\AppData\Local\Microsoft\Windows\WebCacheLock.dat Locked file. Not scanned. is OK.
C:\Users\nameless\Documents\My Music\ Locked file. Not scanned. is OK.
C:\Users\nameless\Documents\My Pictures\ Locked file. Not scanned. is OK.
C:\Users\nameless\Documents\My Videos\ Locked file. Not scanned. is OK.
C:\Users\nameless\NetHood\ Locked file. Not scanned. is OK.
C:\Users\nameless\NTUSER.DAT Locked file. Not scanned. is OK.


These are the new GMER scan results. I did a rootkit/malware scan and an autostart scan.

GMER 2.1.19357 - GMER - Rootkit Detector and Remover
Rootkit scan 2016-02-12 21:43:18
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003b HGST_HTS721010A9E630 rev.JB0OA3J0 931.51GB
Running: gmer.exe; Driver: C:\Users\nameless\AppData\Local\Temp\uwrdypob.sys




---- Threads - GMER 2.1 ----


Thread C:\Windows\system32\csrss.exe [1460:3808] fffff960008842d0
---- Processes - GMER 2.1 ----


Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\mso.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [8416] 000000000fe90000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\csi.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [8416] 0000000050380000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\ACEOLEDB.DLL (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [8416] 0000000054fa0000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\mso.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [8112] 000000000fe90000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\riched20.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [8112] 0000000077cd0000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\MSPTLS.DLL (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [8112] 0000000077bb0000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\csi.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [8112] 0000000050380000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\ACEOLEDB.DLL (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [8112] 0000000054fa0000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\ACECORE.DLL (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [8112] 00000000500f0000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\1033\ACEWSTR.DLL (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [8112] 0000000055110000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\ACEES.DLL (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [8112] 0000000050050000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\VBAJET32.DLL (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [8112] 0000000054f50000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\expsrv.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [8112] 0000000054ef0000


---- Disk sectors - GMER 2.1 ----


Disk \Device\Harddisk0\DR0 unknown MBR code


---- EOF - GMER 2.1 ----








GMER 2.1.19357 - GMER - Rootkit Detector and Remover
Autostart scan 2016-02-12 21:44:59
Windows 6.2.9200


Apple Mobile Device Service@ = "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
avgfws@ = "C:\Program Files (x86)\AVG\Av\avgfws.exe"
AVGIDSAgent@ = "C:\Program Files (x86)\AVG\Av\avgidsagent.exe"
avgsvc@ = "C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
avgwd@ = "C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
Bluetooth Device Monitor@ = "C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
Bluetooth OBEX Service@ = "C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
Bonjour Service@ = "C:\Program Files\Bonjour\mDNSResponder.exe"
ETDService@ = C:\Program Files\Elantech\ETDService.exe
EvtEng@ = "C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
GfExperienceService@ = "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
gupdate@ = "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
HiPatchService@ = C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
IAStorDataMgrSvc@ = "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
iBtSiva@ = C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
igfxCUIService1.0.0.0@ = %SystemRoot%\system32\igfxCUIService.exe
Intel(R) Capability Licensing Service Interface@ = "C:\Program Files\Intel\iCLS Client\HeciServer.exe"
Intel(R) ME Service@ = "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
jhi_service@ = "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
LMS@ = "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
MBAMScheduler@ = "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
MBAMService@ = "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
Micro Star SCM@ = C:\Program Files (x86)\SCM\MSIService.exe
MSI_SuperCharger@ = C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe
NvNetworkService@ = "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
NvStreamSvc@ = "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
nvsvc@ = "C:\Windows\system32\nvvsvc.exe"
Qualcomm Atheros Killer Service V2@ = "C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe"
RegSrvc@ = "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
ZeroConfigService@ = "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"


HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@RTHDVCPL"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s = "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
@NvBackend"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" = "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
@IAStorIcon"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 = "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
@ETDCtrl%ProgramFiles%\Elantech\ETDCtrl.exe /*file not found*/ = %ProgramFiles%\Elantech\ETDCtrl.exe /*file not found*/
@SCMC:\Program Files (x86)\SCM\SCM.exe = C:\Program Files (x86)\SCM\SCM.exe
@iTunesHelper"C:\Program Files\iTunes\iTunesHelper.exe" = "C:\Program Files\iTunes\iTunesHelper.exe"


HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@Steam"C:\Program Files (x86)\Steam\steam.exe" -silent = "C:\Program Files (x86)\Steam\steam.exe" -silent
@Skype"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun


HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WebCheck =


HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe@DisableExceptionChainValidation = 3 /*file not found*/


HKLM\Software\Classes\.hta@ = C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %*


HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} /*Contacts folder*/(null) =
@{E6FB5E20-DE35-11CF-9C87-00AA005127ED} /*WebCheck*/(null) =
@{A70C977A-BF00-412C-90B7-034C51DA2439} /*NvCpl DesktopContext Class*/C:\Program Files\NVIDIA Corporation\Display\nvui.dll = C:\Program Files\NVIDIA Corporation\Display\nvui.dll
@{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} /*NVIDIA Play On My TV Context Menu Extension*/%SystemRoot%\system32\nvshext.dll = %SystemRoot%\system32\nvshext.dll
@{A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} /*NvAppShExt extension*/C:\Windows\system32\nv3dappshext.dll = C:\Windows\system32\nv3dappshext.dll
@{E97DEC16-A50D-49bb-AE24-CF682282E08D} /*OpenGLShExt extension*/C:\Windows\system32\nv3dappshext.dll = C:\Windows\system32\nv3dappshext.dll
@{0066D4B3-8DE0-4D08-AA83-EDD50E2431F0} /*ELAN Control Panel*/%ProgramFiles%\Elantech\ETDMcpl.dll /*file not found*/ = %ProgramFiles%\Elantech\ETDMcpl.dll /*file not found*/
@{9D843851-50AA-46EE-829A-784DEBA4716C} /*Bluetooth Property Page Extension*/C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll = C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll
@{B8DA2B41-7468-4E82-B62C-CB4A0C9158FE} /*Bluetooth Context Menu Extension*/C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll = C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll
@{0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} /*Bluetooth Send To Wizard*/C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll = C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll
@{E0D79304-84BE-11CE-9641-444553540000} /*WinZip*/c:\Program Files\WinZip\wzshls64.dll = c:\Program Files\WinZip\wzshls64.dll
@{E0D79305-84BE-11CE-9641-444553540000} /*WinZip*/c:\Program Files\WinZip\wzshls64.dll = c:\Program Files\WinZip\wzshls64.dll
@{E0D79307-84BE-11CE-9641-444553540000} /*WinZip*/c:\Program Files\WinZip\wzshls64.dll = c:\Program Files\WinZip\wzshls64.dll
@{E0D79306-84BE-11CE-9641-444553540000} /*WinZip*/c:\Program Files\WinZip\wzshls64.dll = c:\Program Files\WinZip\wzshls64.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/(null) =
@{B41DB860-64E4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/C:\Program Files\iTunes\iTunesMiniPlayer.dll = C:\Program Files\iTunes\iTunesMiniPlayer.dll
@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} /*AVG Shell Extension*/C:\Program Files (x86)\AVG\Av\avgsea.dll = C:\Program Files (x86)\AVG\Av\avgsea.dll
@{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} /*AVG Find Extension*/(null) =


HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
AVG Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files (x86)\AVG\Av\avgsea.dll
WinRAR@{B41DB860-64E4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
WinRAR32@{B41DB860-8EE4-11D2-9906-E49FADC173CA} =
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = c:\Program Files\WinZip\wzshls64.dll


HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\WinZip@{E0D79304-84BE-11CE-9641-444553540000} = c:\Program Files\WinZip\wzshls64.dll


HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ >>>
igfxcui@{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =
igfxDTCM@{9B5F5829-A529-4B12-814A-E81BCB8D93FC} = C:\Windows\system32\igfxDTCM.dll
igfxOSP@{FA507C3F-30C6-4DCA-9EE5-2656072EEC14} = C:\Windows\system32\igfxOSP.dll
NvCplDesktopContext@{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} = %SystemRoot%\system32\nvshext.dll


HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
AVG Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files (x86)\AVG\Av\avgsea.dll
WinRAR@{B41DB860-64E4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
WinRAR32@{B41DB860-8EE4-11D2-9906-E49FADC173CA} =
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = c:\Program Files\WinZip\wzshls64.dll


HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects@{AA58ED58-01DD-4d91-8333-CF10577473F7} = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll


HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32@VIDC.FPS1 = frapsv64.dll


HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/p/?LinkId=255141 = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
@Start Pagehttp://go.microsoft.com/fwlink/p/?LinkId=255141 = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
@Local PageC:\Windows\System32\blank.htm = C:\Windows\System32\blank.htm


HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://msi13.msn.com = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
@Start Pagehttp://msi13.msn.com = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
@Local PageC:\Windows\system32\blank.htm = C:\Windows\system32\blank.htm


HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
osf@CLSID = {D924BDC6-C83A-4BD5-90D0-095128A113D1} /*file not found*/
wlpg@CLSID = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} /*file not found*/


HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008@LibraryPath = C:\Program Files (x86)\Bonjour\mdnsNSP.dll


---- EOF - GMER 2.1 ----
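
A log this long is easier to review once it is reduced to the handful of lines that need a second look. The following is an added example, not part of the original post and not GMER's own tooling: a small parser that groups GMER output into flagged libraries per host process, disk-sector findings, autostart entries marked `/*file not found*/`, and Image File Execution Options entries. The function name `triage` and the result keys are assumptions made for this example, and the sample input is a few lines copied from the log above.

```python
import re
from collections import Counter

# Constructed sample: a few lines copied from the GMER output posted above.
SAMPLE_LOG = r"""
---- Processes - GMER 2.1 ----
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\mso.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [8416] 000000000fe90000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\mso.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [8112] 000000000fe90000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\csi.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [8112] 0000000050380000
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@ETDCtrl%ProgramFiles%\Elantech\ETDCtrl.exe /*file not found*/ = %ProgramFiles%\Elantech\ETDCtrl.exe /*file not found*/
@SCMC:\Program Files (x86)\SCM\SCM.exe = C:\Program Files (x86)\SCM\SCM.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe@DisableExceptionChainValidation = 3 /*file not found*/
HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
osf@CLSID = {D924BDC6-C83A-4BD5-90D0-095128A113D1} /*file not found*/
"""

SECTION = re.compile(r"^---- (.+?) - GMER [\d.]+ ----$")
LIBRARY = re.compile(
    r"^Library .+? \(\*\*\* suspicious \*\*\*\) @ (.+?) \[(\d+)\] [0-9a-fA-F]+$")
MISSING = "/*file not found*/"


def triage(log_text):
    """Group GMER log lines into items for manual review (hypothetical helper)."""
    out = {"flagged_libraries": Counter(), "disk": [],
           "missing_targets": [], "ifeo": []}
    section = key = None
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION.match(line)
        if m:                                # e.g. "---- Disk sectors - GMER 2.1 ----"
            section, key = m.group(1), None
            continue
        if line.endswith(" >>>"):            # registry key; its values follow
            key = line[:-4].rstrip("\\")
            continue
        m = LIBRARY.match(line)
        if m:                                # count flagged DLLs per host process
            host = m.group(1).rsplit("\\", 1)[-1]
            out["flagged_libraries"][(host, int(m.group(2)))] += 1
            continue
        if section == "Disk sectors" and line.startswith("Disk "):
            out["disk"].append(line)         # e.g. "unknown MBR code"
            continue
        if line.startswith(("HKLM\\", "HKCU\\")):
            key = None                       # one-line "key@value = data" entry
        name = line.split(" = ")[0].replace(MISSING, "").strip()
        # IFEO is a known persistence location; which value is set decides
        # whether an entry matters, so these are listed separately for review.
        if "\\Image File Execution Options\\" in line:
            out["ifeo"].append(name)
        if MISSING in line:                  # entry points at a file that is gone
            out["missing_targets"].append((key, name))
    return out


if __name__ == "__main__":
    for category, items in triage(SAMPLE_LOG).items():
        print(category, dict(items) if isinstance(items, Counter) else items)
```

The output is a review list, not a verdict: each item still has to be checked by hand, for example by confirming the signer of the host process or comparing the boot sector against the vendor's.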
 
GMER is cool, but it's going to take a long time to really look up all those.
 
You need to stop asking people to use TeamViewer; just help them out on the forum so everyone can benefit.
 
well ooooook...
 