Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Slower performance Suspicious warning from Antivir

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Slower performance Suspicious warning from Antivir

Unread postby myronrocks » May 15th, 2011, 7:13 pm

My machine is a bit slow. Also when i scan with Antivir it shows a file that could not be scanned or deleted. Here is a post of mmy DDS log. Thank you!

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Narrow at 16:05:47.76 on Sun 05/15/2011
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_24
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4093.2203 [GMT -7:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: COMODO Defense+ *Enabled/Updated* {DC3D0F8D-B138-AAAA-0339-560EB3387C28}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
FW: COMODO Firewall *Enabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\SMINST\BLService.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\System32\M-AudioTaskBarIcon.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Narrow\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProShellHlp.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Narrow\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: QuickNet BHO: {ea5ca8b6-9b9c-4994-a7a1-947b6c631be7} - C:\Program Files (x86)\RegTweaker\key.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Google Update] "C:\Users\Narrow\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
mRun: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
mRun: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Narrow\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Narrow\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No File
mRun-x64: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
mRun-x64: [M-Audio Taskbar Icon] C:\Windows\system32\M-AudioTaskBarIcon.exe
mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
AppInit_DLLs-X64: C:\Windows\system32\guard64.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Narrow\AppData\Roaming\Mozilla\Firefox\Profiles\61e156nk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cd8198f ... g=en-US&q=
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Users\Narrow\AppData\Local\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Users\Narrow\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdGuard.sys [2010-3-3 250008]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2010-3-3 38864]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/07/08 03:10:25];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 146928]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe [2009-3-2 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-8-3 203264]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-2-17 136360]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-2-17 269480]
R2 ASKService;ASKService;C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe [2009-10-14 464264]
R2 ASKUpgrade;ASKUpgrade;C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe [2009-10-14 234888]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2011-2-17 83120]
R2 CLPSLS;COMODO livePCsupport Service;C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-2-12 148744]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2008-3-18 23040]
R2 Recovery Service for Windows;Recovery Service for Windows;C:\Program Files (x86)\SMINST\BLService.exe [2009-2-14 365952]
R2 TVCapSvc;TV Background Capture Service (TVBCS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2008-11-26 296320]
R2 TVSched;TV Task Scheduler (TVTS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2008-11-26 116096]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-8-3 7451648]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-8-3 268288]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-2-14 222512]
R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2008-9-4 64000]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2009-7-8 26168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 Norton Internet Security;Norton Internet Security;"C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]
S3 MAUSBMOBILEPRE;Service for M-Audio MobilePre;C:\Windows\System32\drivers\MAudioMobilePre.sys [2009-9-2 187912]
S3 NETw3v64;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw3v64.sys [2008-1-20 3154432]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2008-1-20 22528]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk60x64.sys [2006-11-2 273408]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-10-20 89920]
.
=============== Created Last 30 ================
.
2011-05-14 09:05:48 8802128 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{417D9D53-F09C-4D8B-856D-59EDD157119F}\mpengine.dll
2011-05-12 20:26:37 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat
2011-05-12 20:26:37 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat
2011-04-26 17:35:56 -------- d-----r- C:\Users\Narrow\Dropbox
2011-04-26 17:32:51 -------- d-----w- C:\Users\Narrow\AppData\Roaming\Dropbox
2011-04-26 17:25:50 876032 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-04-26 17:25:50 1653760 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-04-26 17:25:44 32256 ----a-w- C:\Windows\System32\Apphlpdm.dll
2011-04-26 17:25:44 28672 ----a-w- C:\Windows\SysWow64\Apphlpdm.dll
2011-04-26 17:25:43 4240384 ----a-w- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
2011-04-26 17:25:41 4240384 ----a-w- C:\Windows\System32\GameUXLegacyGDFs.dll
2011-04-26 01:43:14 -------- d-----w- C:\Users\Narrow\New Folder
.
==================== Find3M ====================
.
2011-03-31 18:18:36 24912 ----a-w- C:\Windows\System32\dopdfmn7.dll
2011-03-31 18:18:34 20816 ----a-w- C:\Windows\System32\dopdfmi7.dll
2011-03-10 17:18:03 1360384 ----a-w- C:\Windows\System32\mfc42u.dll
2011-03-10 17:18:02 1398784 ----a-w- C:\Windows\System32\mfc42.dll
2011-03-10 17:03:51 1162240 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-03-10 17:03:51 1136640 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-03-03 16:02:50 975872 ----a-w- C:\Windows\System32\inetcomm.dll
2011-03-03 15:59:37 100352 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2011-03-03 15:59:36 331776 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 15:59:36 284672 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2011-03-03 15:42:03 739328 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-03-03 15:40:07 173056 ----a-w- C:\Windows\apppatch\AcXtrnal.dll
2011-03-03 15:40:05 542720 ----a-w- C:\Windows\apppatch\AcLayers.dll
2011-03-03 15:40:05 458752 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2011-03-03 15:40:04 2159616 ----a-w- C:\Windows\apppatch\AcGenral.dll
2011-03-03 13:46:31 2762240 ----a-w- C:\Windows\System32\win32k.sys
2011-03-02 16:12:21 117760 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-02-24 16:38:07 991104 ----a-w- C:\Windows\System32\winresume.efi
2011-02-24 16:38:07 979840 ----a-w- C:\Windows\System32\winresume.exe
2011-02-24 16:37:57 1076608 ----a-w- C:\Windows\System32\winload.efi
2011-02-24 16:37:57 1063296 ----a-w- C:\Windows\System32\winload.exe
2011-02-24 16:37:53 20864 ----a-w- C:\Windows\System32\kdusb.dll
2011-02-24 16:37:53 18816 ----a-w- C:\Windows\System32\kd1394.dll
2011-02-24 16:37:53 17792 ----a-w- C:\Windows\System32\kdcom.dll
2011-02-22 14:47:08 479744 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-02-22 14:13:01 288768 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-02-22 13:53:33 1555968 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-22 13:53:27 1149440 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-22 13:33:12 1068544 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-18 16:50:48 1032192 ----a-w- C:\Windows\System32\wininet.dll
2011-02-18 16:38:42 834048 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-02-18 15:55:33 86528 ----a-w- C:\Windows\System32\ieencode.dll
2011-02-18 15:45:02 78336 ----a-w- C:\Windows\SysWow64\ieencode.dll
2011-02-18 15:19:20 485376 ----a-w- C:\Windows\System32\html.iec
2011-02-18 14:49:21 389632 ----a-w- C:\Windows\SysWow64\html.iec
2011-02-18 14:18:15 450560 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-02-18 14:17:59 176128 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-02-18 14:17:57 145920 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-02-18 14:16:30 274432 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-02-18 14:16:29 135680 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-02-18 14:16:27 106496 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-02-18 14:16:16 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-02-18 05:24:16 362784 ----a-w- C:\Windows\System32\guard64.dll
2011-02-18 05:24:16 285480 ----a-w- C:\Windows\SysWow64\guard32.dll
2011-02-18 05:24:14 38864 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2011-02-18 05:24:14 250008 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys
2011-02-18 05:24:14 14184 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2011-02-16 16:43:31 603136 ----a-w- C:\Windows\System32\vbscript.dll
2011-02-16 16:37:47 48128 ----a-w- C:\Windows\System32\atmlib.dll
2011-02-16 16:21:07 430080 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-02-16 16:16:37 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-02-16 14:15:24 367616 ----a-w- C:\Windows\System32\atmfd.dll
2011-02-16 14:02:23 292864 ----a-w- C:\Windows\SysWow64\atmfd.dll
.
============= FINISH: 16:07:14.35 ===============
myronrocks
Active Member
 
Posts: 5
Joined: May 15th, 2011, 7:09 pm
Advertisement
Register to Remove

Re: Slower performance Suspicious warning from Antivir

Unread postby Gary R » May 18th, 2011, 1:24 am

Looking over your log, back soon.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Slower performance Suspicious warning from Antivir

Unread postby Gary R » May 18th, 2011, 1:44 am

Your DDS log shows you have the following "protection" suites installed .....

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: COMODO Defense+ *Enabled/Updated* {DC3D0F8D-B138-AAAA-0339-560EB3387C28}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
FW: COMODO Firewall *Enabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}

.... also a remnant from an old Norton installation that served a similar function ....

S2 Norton Internet Security;Norton Internet Security;"C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]


Running two similar programs (Comodo and Avira) will cause conflicts and will definitely slow down your machine. It will not give you extra protection.

To remove Norton fully from your computer .... go to HERE and follow the directions appropriate to your version. As you're not bothered about re-installing it, it won't be necessary for you to get the product key information.

Do you connect to the Internet using a router ?

If you do then it's not necessary to have a 3rd party firewall, the one that comes with Vista is quite adequate to protect you. I recommend you go to start > control panel > programs > uninstall a program and uninstall Comodo which IMO is a much inferior product to Avira Anti-Vir.

There are still thing in your log that need attention, so once you've removed Norton and uninstalled Comodo ....

First

Reboot your computer

Next

Download OTL by OldTimer to your Desktop.

Alternative Download

If you already have a copy of OTL delete it and use this version.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.

Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Slower performance Suspicious warning from Antivir

Unread postby myronrocks » May 20th, 2011, 2:35 pm

Ok thanks. I can not figure out what version of Norton I have. I can not find the file anywhere on my pc. I search for it and find nothing. so I decided to try the removal tool for 2006 and later. It is currently running but is not really doing much of anything.
myronrocks
Active Member
 
Posts: 5
Joined: May 15th, 2011, 7:09 pm

Re: Slower performance Suspicious warning from Antivir

Unread postby myronrocks » May 20th, 2011, 2:54 pm

ok yes i am now using the correct removal tool. norton is being removed. Comodo has been removed. I will move on to OTL shortly and post both log files. Thanks.
myronrocks
Active Member
 
Posts: 5
Joined: May 15th, 2011, 7:09 pm

Re: Slower performance Suspicious warning from Antivir

Unread postby myronrocks » May 20th, 2011, 3:05 pm

OTL logfile created on: 5/20/2011 11:55:48 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Narrow\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.10 Gb Total Space | 139.72 Gb Free Space | 49.01% Space Free | Partition Type: NTFS
Drive D: | 12.99 Gb Total Space | 2.03 Gb Free Space | 15.62% Space Free | Partition Type: NTFS

Computer Name: NARROW-PC | User Name: Narrow | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/20 11:50:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Narrow\Downloads\OTL.exe
PRC - [2011/05/13 11:37:19 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/05/03 16:42:12 | 024,172,208 | ---- | M] (Dropbox, Inc.) -- C:\Users\Narrow\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/04/30 18:25:49 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/04/27 11:57:37 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/17 16:38:52 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/01/10 15:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/11/17 08:44:12 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2009/05/08 17:32:38 | 000,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
PRC - [2009/04/02 12:47:04 | 000,234,888 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe
PRC - [2009/04/02 12:47:02 | 000,464,264 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe
PRC - [2008/12/25 13:41:20 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/12/25 13:41:16 | 001,316,136 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008/12/17 17:11:40 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2008/11/28 18:04:26 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008/11/26 17:13:08 | 000,296,320 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
PRC - [2008/11/26 17:13:08 | 000,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe


========== Modules (SafeList) ==========

MOD - [2011/05/20 11:50:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Narrow\Downloads\OTL.exe
MOD - [2010/08/31 08:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/08/03 18:51:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/06/03 21:43:18 | 000,239,104 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe -- (STacSV)
SRV:64bit: - [2009/03/02 19:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/08/26 07:02:20 | 000,016,896 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2008/03/18 16:25:40 | 000,023,040 | ---- | M] (Hewlett-Packard Corporation) [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/05/13 11:37:19 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/04/27 11:57:37 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/17 16:38:52 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/04/17 14:35:35 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/04/02 12:47:04 | 000,234,888 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2009/04/02 12:47:02 | 000,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2009/03/29 21:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/17 17:11:40 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/11/26 17:13:08 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS)
SRV - [2008/11/26 17:13:08 | 000,116,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/01/10 15:23:53 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/01/10 15:23:52 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010/09/28 16:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/08/03 19:22:36 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/08/03 19:22:36 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/08/03 18:15:44 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009/10/17 20:58:06 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/09/30 17:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/02 14:29:08 | 000,187,912 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\MAudioMobilePre.sys -- (MAUSBMOBILEPRE)
DRV:64bit: - [2009/06/03 21:43:18 | 000,486,400 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/06 09:06:18 | 000,197,120 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/12/20 00:03:08 | 001,344,000 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr)
DRV:64bit: - [2008/12/04 15:55:12 | 000,261,680 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/10/29 08:55:52 | 001,253,376 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/09/04 10:48:00 | 000,064,000 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir)
DRV:64bit: - [2008/05/28 17:54:18 | 000,026,168 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008/04/28 01:25:06 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV:64bit: - [2008/03/27 12:10:56 | 000,026,984 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2008/03/27 12:10:14 | 000,040,296 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2008/01/20 19:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64) Intel(R)
DRV:64bit: - [2008/01/20 19:46:57 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2008/01/20 19:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/06/18 17:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2006/10/03 18:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2006/09/18 14:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2010/07/08 16:34:59 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Stopped] -- C:\Windows\system32\drivers\Partizan.sys -- (Partizan)
DRV - [2008/11/28 18:04:24 | 000,146,928 | ---- | M] (CyberLink Corp.) [2009/07/08 03:10:25] [Kernel | Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2004/04/01 16:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2853715004-4071874606-1627533231-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKU\S-1-5-21-2853715004-4071874606-1627533231-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2853715004-4071874606-1627533231-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2853715004-4071874606-1627533231-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2853715004-4071874606-1627533231-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4cd8198f&v=6.010.006.004&i=23&tp=ab&iy=&ychte=us&lng=en-US&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/04/30 18:25:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/04/30 18:25:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/02/09 17:24:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2011/02/09 17:29:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Narrow\AppData\Roaming\Mozilla\Extensions
[2011/02/09 17:29:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Narrow\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/05/19 14:36:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Narrow\AppData\Roaming\Mozilla\Firefox\Profiles\61e156nk.default\extensions
[2010/07/24 05:26:33 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Narrow\AppData\Roaming\Mozilla\Firefox\Profiles\61e156nk.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/07/04 11:47:18 | 000,000,903 | ---- | M] () -- C:\Users\Narrow\AppData\Roaming\Mozilla\Firefox\Profiles\61e156nk.default\searchplugins\conduit.xml
[2011/04/17 22:24:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/03/05 17:35:33 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/07/24 05:25:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/04/17 22:24:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 14:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (QuickNet BHO) - {EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} - File not found
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-2853715004-4071874606-1627533231-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4:64bit: - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\SysNative\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TVAgent] C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2853715004-4071874606-1627533231-1000..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2853715004-4071874606-1627533231-1000..\Run: [HPAdvisor] File not found
O4 - HKU\S-1-5-21-2853715004-4071874606-1627533231-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2853715004-4071874606-1627533231-1000..\Run: [WMPNSCFG] File not found
O4 - Startup: C:\Users\Narrow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Narrow\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Narrow\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Narrow\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{bdffe996-bb9a-11de-9480-00238bfb1081}\Shell - "" = AutoRun
O33 - MountPoints2\{bdffe996-bb9a-11de-9480-00238bfb1081}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (Partizan) - C:\Windows\SysWow64\Partizan.exe (Greatis Software)
O34 - HKLM BootExecute: (ootExecute settings...) - File not found
O34 - HKLM BootExecute: (ount) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/20 11:26:34 | 000,000,000 | ---D | C] -- C:\Users\Narrow\Desktop\apps
[2011/04/26 10:35:56 | 000,000,000 | R--D | C] -- C:\Users\Narrow\Dropbox
[2011/04/26 10:33:31 | 000,000,000 | ---D | C] -- C:\Users\Narrow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2011/04/26 10:32:51 | 000,000,000 | ---D | C] -- C:\Users\Narrow\AppData\Roaming\Dropbox
[2011/04/26 10:25:50 | 001,653,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/04/26 10:25:50 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/04/26 10:25:44 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll
[2011/04/26 10:25:44 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2011/04/26 10:25:43 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2011/04/26 10:25:41 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2011/04/25 18:43:14 | 000,000,000 | ---D | C] -- C:\Users\Narrow\New Folder

========== Files - Modified Within 30 Days ==========

[2011/05/20 11:50:53 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/20 11:50:53 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/20 11:50:53 | 000,104,170 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/20 11:43:16 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/20 11:43:15 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/20 11:43:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/20 11:43:01 | 4292,698,112 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/20 11:17:02 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2853715004-4071874606-1627533231-1000UA.job
[2011/05/19 14:43:42 | 000,011,000 | ---- | M] () -- C:\Users\Narrow\AppData\Roaming\wklnhst.dat
[2011/05/19 10:17:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2853715004-4071874606-1627533231-1000Core.job
[2011/05/16 19:30:41 | 000,002,551 | ---- | M] () -- C:\Users\Narrow\Application Data\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk
[2011/05/15 08:17:57 | 000,002,086 | ---- | M] () -- C:\Users\Narrow\Desktop\Google Chrome.lnk
[2011/05/15 08:17:57 | 000,002,048 | ---- | M] () -- C:\Users\Narrow\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/09 19:12:58 | 000,000,941 | ---- | M] () -- C:\Users\Narrow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/05/04 23:02:41 | 000,000,680 | ---- | M] () -- C:\Users\Narrow\AppData\Local\d3d9caps.dat
[2011/04/25 18:16:16 | 000,010,752 | ---- | M] () -- C:\Users\Narrow\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2011/04/26 10:33:50 | 000,000,941 | ---- | C] () -- C:\Users\Narrow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/03/05 17:36:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/11/22 12:38:01 | 000,000,139 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/11/22 12:20:47 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010/07/21 15:02:14 | 000,000,000 | ---- | C] () -- C:\Users\Narrow\AppData\Local\prvlcl.dat
[2010/06/15 15:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/03/30 16:10:58 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\grcauth2.dll
[2010/03/30 16:10:58 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\grcauth1.dll
[2010/03/30 16:10:58 | 000,000,100 | ---- | C] () -- C:\Windows\SysWow64\prsgrc.dll
[2010/03/30 16:05:32 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2010/03/30 16:05:32 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2009/10/20 14:34:52 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/10/20 14:34:20 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/10/20 14:33:52 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/10/19 00:50:43 | 000,019,858 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2009/10/16 18:47:12 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009/10/16 18:47:12 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2170W.DAT
[2009/10/14 19:42:36 | 000,010,752 | ---- | C] () -- C:\Users\Narrow\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/09 07:21:49 | 000,000,680 | ---- | C] () -- C:\Users\Narrow\AppData\Local\d3d9caps.dat
[2009/10/08 08:07:43 | 000,000,343 | ---- | C] () -- C:\Windows\doom3.ini
[2009/10/07 00:57:41 | 000,011,000 | ---- | C] () -- C:\Users\Narrow\AppData\Roaming\wklnhst.dat
[2009/07/08 03:04:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/02/14 08:55:57 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/01/21 16:51:52 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2008/01/20 19:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 08:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 05:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 05:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 05:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 02:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== LOP Check ==========

[2010/03/22 15:55:06 | 000,000,000 | ---D | M] -- C:\Users\Narrow\AppData\Roaming\Ableton
[2011/02/17 19:09:08 | 000,000,000 | ---D | M] -- C:\Users\Narrow\AppData\Roaming\Azureus
[2009/10/17 21:06:53 | 000,000,000 | ---D | M] -- C:\Users\Narrow\AppData\Roaming\DAEMON Tools Pro
[2011/05/20 11:45:18 | 000,000,000 | ---D | M] -- C:\Users\Narrow\AppData\Roaming\Dropbox
[2010/07/08 16:03:32 | 000,000,000 | ---D | M] -- C:\Users\Narrow\AppData\Roaming\GetRightToGo
[2010/04/08 19:27:37 | 000,000,000 | ---D | M] -- C:\Users\Narrow\AppData\Roaming\Publish Providers
[2011/04/11 14:38:29 | 000,000,000 | ---D | M] -- C:\Users\Narrow\AppData\Roaming\Softland
[2010/04/08 19:26:25 | 000,000,000 | ---D | M] -- C:\Users\Narrow\AppData\Roaming\Sony
[2009/10/10 00:36:55 | 000,000,000 | ---D | M] -- C:\Users\Narrow\AppData\Roaming\Template
[2011/02/15 13:32:12 | 000,000,000 | ---D | M] -- C:\Users\Narrow\AppData\Roaming\thriXXX
[2011/02/09 17:29:40 | 000,000,000 | ---D | M] -- C:\Users\Narrow\AppData\Roaming\Thunderbird
[2010/03/30 23:43:38 | 000,000,000 | ---D | M] -- C:\Users\Narrow\AppData\Roaming\Uniblue
[2009/10/06 00:41:27 | 000,000,000 | ---D | M] -- C:\Users\Narrow\AppData\Roaming\WildTangent
[2011/01/18 10:05:44 | 000,000,000 | ---D | M] -- C:\Users\werk\AppData\Roaming\PeerNetworking
[2011/05/20 11:38:09 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >
myronrocks
Active Member
 
Posts: 5
Joined: May 15th, 2011, 7:09 pm

Re: Slower performance Suspicious warning from Antivir

Unread postby myronrocks » May 20th, 2011, 3:05 pm

OTL Extras logfile created on: 5/20/2011 11:55:48 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Narrow\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.10 Gb Total Space | 139.72 Gb Free Space | 49.01% Space Free | Partition Type: NTFS
Drive D: | 12.99 Gb Total Space | 2.03 Gb Free Space | 15.62% Space Free | Partition Type: NTFS

Computer Name: NARROW-PC | User Name: Narrow | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2853715004-4071874606-1627533231-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l File not found
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 13 5B 13 4B 1E AC CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0396A641-7257-4AA7-83CF-0CA3332BF9C9}" = rport=445 | protocol=6 | dir=out | app=system |
"{0D67B77B-3F08-4A5C-893F-14BB1BE2A82C}" = rport=137 | protocol=17 | dir=out | app=system |
"{248BE427-80AD-40A7-A175-37C26ACD26A9}" = rport=139 | protocol=6 | dir=out | app=system |
"{40DD5CDE-F14D-48A6-8BAE-BDA023D70B07}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{47D7875A-70DF-4479-AB0B-4381FB886F17}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4DCA5A71-189A-40FE-B7DB-A9E8D45B09F3}" = lport=138 | protocol=17 | dir=in | app=system |
"{5A400647-E12D-4ED5-A174-EC988FFD7DAC}" = lport=137 | protocol=17 | dir=in | app=system |
"{65D12D4A-6C76-4429-B7CF-B559F03FBDBA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{A2347A5A-68CF-40EE-9FEA-417501B1A9FF}" = lport=139 | protocol=6 | dir=in | app=system |
"{AB3D497F-4686-4C20-9F4C-2C1A57657C6A}" = lport=445 | protocol=6 | dir=in | app=system |
"{CEEF304A-6C52-4D43-A570-9448443E62A7}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0145F310-3D4A-462C-A36F-F0EE20AFF88D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0472B928-4AA6-41F4-A272-A605155AD782}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{08246FDF-90D8-4CEC-917C-D7C80D91448E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{105B2217-D465-4858-B6CF-BBC3B1921048}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{11EDB7C5-EDCF-404B-B84E-6762847F5DE5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3x.exe |
"{1D89A0FC-9DF0-4920-AE48-DF8D824B74FF}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{201B726F-2065-445A-8EB8-1DAB0F9A3E13}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{215E4F2A-DBD2-44B3-94B0-F35B5988A815}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{274ACEB4-0270-47E7-9C41-856ED11CBF29}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{30645D8B-0223-42BA-B828-33E3FAB3DA1B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{311ADC9A-048C-4B40-A248-C2BE5D8B0A61}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{358F7878-FA5A-4BC1-B9D6-A20485A1476E}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{372B2BA5-8794-4A5D-8FCB-1A9926E22489}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{3D690D42-9D5E-4456-BFBB-F15AF4AB47A1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{401D382F-72FA-472A-946A-CF09D00A2B48}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{441D534A-2238-4C40-8317-5E911498AAF1}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{513E5B6D-E377-4313-891E-2C0F56CE78D5}" = protocol=17 | dir=in | app=c:\users\narrow\appdata\local\temp\7zs2a3b.tmp\symnrt.exe |
"{552CE61A-53F9-4681-A74A-C3541FF16996}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{59273962-3398-49FC-928B-DF3FEC768694}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qp.exe |
"{5FB3257C-0946-41BD-8D4D-8B42314AB2C1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6584817B-4537-4735-AFC2-5B6A84A9C2D2}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qpservice.exe |
"{721F1459-EED0-4461-8AA4-8B9EDE5581AC}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{79F9B6E3-825B-416A-B8FB-E8FE0CB646FC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{835FFB71-1342-43BD-A3AF-89A9809F61A0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe |
"{8FB43C4D-A9C5-4CA1-A87D-16810B2EDF5F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{968E2B60-4350-454E-8912-D9AE4F8AF8DA}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{A5D534E2-BDA6-450C-884D-46A59AECC84D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{A74228F8-57B5-43FC-B4E3-BAD4E959C0F1}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{A8E85DAD-58EF-4942-94C9-6881D00F9EB1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{AC1ACBFF-8E29-410F-A416-EC2AC48FCAF0}" = protocol=6 | dir=in | app=c:\users\narrow\appdata\roaming\dropbox\bin\dropbox.exe |
"{B174CABE-C8C4-44BC-9BE5-131049346ED2}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{B1A19D4D-6D5C-468F-9501-1CC92155A9A3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B6CEA99C-4640-440C-99B1-A7983233DCB0}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{BD103346-EFF3-4490-840A-E97496D7C36E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BD76DD7E-3EC9-4D32-903A-C954355CBD6C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3x.exe |
"{CEA67A4F-1FD1-4AA5-B752-413BC7F1842D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DF5D185B-7AA0-4B85-A939-6709D06FE8A5}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DFF2F4CB-8CD2-481F-99E7-21321FB4B5F4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe |
"{F277FAFC-E77A-446B-9B75-D2AEBDB70DFB}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{FC6FB5B7-B5BA-4402-B51F-102DF8E36838}" = protocol=17 | dir=in | app=c:\users\narrow\appdata\roaming\dropbox\bin\dropbox.exe |
"{FD25CA43-D5FC-4E7E-96FF-15BE174599E4}" = protocol=6 | dir=in | app=c:\users\narrow\appdata\local\temp\7zs2a3b.tmp\symnrt.exe |
"{FFEE3716-DFE8-4E31-BE37-FF924F7DB194}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"TCP Query User{1FABF231-923B-4C56-8ED4-32CC304A92CA}C:\program files (x86)\spssinc\statistics17\statistics.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spssinc\statistics17\statistics.exe |
"TCP Query User{45F49345-E561-45BD-ACF9-6841F9423969}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{A3C48599-1F08-4436-899D-4AA056937361}C:\program files (x86)\spssinc\statistics17\statistics.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spssinc\statistics17\statistics.exe |
"UDP Query User{ECC2C92E-68B2-4B58-9D7B-7234CAE51475}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C682623-8F66-46A8-B9B3-93FE1E66A001}" = iTunes
"{2A45D0A4-7B5E-4294-A03B-A494F189F733}" = M-Audio MobilePre Driver 6.0.1 (x64)
"{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{69D65833-4A83-267A-7DB4-9FCBBE72675D}" = ATI Catalyst Install Manager
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{A269F383-3E55-DAFF-F948-655FDB3DB58A}" = ccc-utility64
"{C44218B2-EC4D-4EB9-A3E3-F8F4A46927EC}" = MySQL Connector/ODBC 5.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{F1568AA6-5982-4AFB-A871-C68E4328BC3B}" = HP MediaSmart SmartMenu
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"07B260955637F1FF7587ED2AA87459040DD09BF7" = Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"CCleaner" = CCleaner
"doPDF 7 printer_is1" = doPDF 7.2 printer
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{15353551-375C-8E5A-5CAF-A4564C1CC2A5}" = ccc-core-static
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 24
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 L1
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader
"{36E90C09-EB23-4EAC-8B47-12C0CA5DBD3A}" = HP User Guides 0126
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{46B65150-F8AA-42F2-94FB-2729A8AE5F7E}" = SPSS Statistics 17.0
"{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update
"{485B9C29-6B47-22AF-022A-F9D65292F3A7}" = CCC Help English
"{4893B2BB-5C9B-7E6C-4BAD-BDFBAB33184A}" = Catalyst Control Center Localization All
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B0A96C1-2C2D-4C84-81B0-B87EB2522837}" = Sony Sound Forge 7.0
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5725E5CA-A91D-C903-99DB-F8C010E0B637}" = Catalyst Control Center InstallProxy
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A370610-3778-44AF-9AAC-69B2FD1A3356}" = Microsoft Live Search Toolbar
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6F206B58-E2F7-4A70-ACAC-8E0ABFBC62F6}" = MySQL Connector/ODBC 5.1
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B798B31-2F33-4DC8-BDA4-D36488E86636}" = Slingbox - Watch Your TV Anywhere
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}" = Adobe Audition 1.5
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{95A747E0-DF19-46CB-A622-20A0107201BD}" = HP Total Care Setup
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A29549FD-65F3-440C-A552-6B8114CF319D}" = Skype Toolbars
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A8C4C48C-EE3D-F934-D312-99B7793E9740}" = Skins
"{AB7D24EC-BB5A-E746-C5D2-526BBE6C36AD}" = Catalyst Control Center Graphics Previews Vista
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BC}" = WinZip 14.0
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D0379E71-7CB9-893E-1A20-9581E10999EC}" = Catalyst Control Center InstallProxy
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5E29403-3D25-40C6-892B-F9FEE2A95585}" = HP Wireless Assistant
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{EFD0BFEB-980E-491B-833B-A8848E5E0F0F}" = Hyplay
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"7-Zip" = 7-Zip 4.65
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Ask Toolbar_is1" = Vuze Toolbar
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CUZ4_is1" = CAM UnZip 4.42
"Diablo II" = Diablo II
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Greatis Reanimator_is1" = RegRun Reanimator
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP.MediaSmartSlingPlayer_is1" = HP MediaSmart SlingPlayer
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"Live 8.0.4" = Live 8.0.4
"Live Lite 4 for M-Audio 4.0.4" = Live Lite 4 for M-Audio 4.0.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"Porrasturvat - Stair Dismount" = Porrasturvat - Stair Dismount
"VLC media player" = VLC media player 1.0.5
"WildTangent hp Master Uninstall" = My HP Games

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2853715004-4071874606-1627533231-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"Diablo II" = Diablo II
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/13/2011 1:32:37 PM | Computer Name = Narrow-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 5/13/2011 1:33:26 PM | Computer Name = Narrow-PC | Source = WinMgmt | ID = 10
Description =

Error - 5/13/2011 1:40:34 PM | Computer Name = Narrow-PC | Source = Steam Client Service | ID = 1
Description = Error: Failed to copy new service file to temp location

Error - 5/13/2011 1:41:11 PM | Computer Name = Narrow-PC | Source = Steam Client Service | ID = 1
Description = Error: Failed to copy new service file to temp location

Error - 5/13/2011 2:19:46 PM | Computer Name = Narrow-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 5/13/2011 2:19:46 PM | Computer Name = Narrow-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 5/13/2011 2:21:05 PM | Computer Name = Narrow-PC | Source = WinMgmt | ID = 10
Description =

Error - 5/13/2011 2:37:54 PM | Computer Name = Narrow-PC | Source = Steam Client Service | ID = 1
Description = Error: Failed to copy new service file to temp location

Error - 5/13/2011 2:38:14 PM | Computer Name = Narrow-PC | Source = Steam Client Service | ID = 1
Description = Error: Failed to copy new service file to temp location

Error - 5/14/2011 5:54:36 PM | Computer Name = Narrow-PC | Source = Application Hang | ID = 1002
Description = The program iTunes.exe version 10.1.1.4 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 69c Start Time: 01cc128075b60230 Termination Time: 99

[ System Events ]
Error - 5/20/2011 2:13:57 PM | Computer Name = Narrow-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 5/20/2011 2:14:28 PM | Computer Name = Narrow-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 5/20/2011 2:14:28 PM | Computer Name = Narrow-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 5/20/2011 2:42:51 PM | Computer Name = Narrow-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 5/20/2011 2:42:56 PM | Computer Name = Narrow-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 5/20/2011 2:44:16 PM | Computer Name = Narrow-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 5/20/2011 2:44:16 PM | Computer Name = Narrow-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 5/20/2011 2:44:16 PM | Computer Name = Narrow-PC | Source = DCOM | ID = 10016
Description =

Error - 5/20/2011 2:46:39 PM | Computer Name = Narrow-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 5/20/2011 2:46:39 PM | Computer Name = Narrow-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
myronrocks
Active Member
 
Posts: 5
Joined: May 15th, 2011, 7:09 pm

Re: Slower performance Suspicious warning from Antivir

Unread postby Gary R » May 20th, 2011, 4:44 pm

Download CKScanner to your Desktop.
  • Doubleclick CKScanner.exe to launch it.
  • Click Search For Files.
  • After a couple minutes a list will appear in the panel to the right.
  • Click Save List To File.
  • A message box will verify the file saved.
  • Close CKScanner.
  • Copy/paste the contents of ckfiles.txt in your next reply please (it will be on your Desktop).
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Slower performance Suspicious warning from Antivir

Unread postby Gary R » May 23rd, 2011, 9:24 am

Due to lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 49 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware