Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Really slow vista

Post by doommonk » August 26th, 2011, 3:37 am

After I installed Vista to factory defaults I opened an expired version of IE and I think I got a virus from it. I already read the board on non-virus slowness and think that this is not the case here. I'm assuming it's a virus b/c IE opened a new window that took me to a phishing site. I tried to close the pop-up window as fast as I could but I think my computer was infected b/c of the noticeable drop in speed.

Edit: The virus has worsened; it will now not allow me to use Firefox to access the internet and has decreased my comp. speed even more. My antivirus has also deactivated itself and won't let me reactivate it (Microsoft Security Essentials).

Edit: Edit:
So the reason that I think it was running slow is due to the processes Trustedinstaller.exe and scvhost.exe eating all of my CPU. They seem to do this at random and can take 1min-10min+ to reboot themselves after I end them in Task Manager. Exiting them does seem to help although MSE will still not turn on on demand.

DDS.txt:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 10.0.0
Run by Maria at 20:28:39 on 2011-08-26
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2938.1481 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\RtkAudioService.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Sony\VAIO Care\collsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=SNYR
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain ... &bmod=SNYR
mStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=SNYR
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain ... &bmod=SNYR
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [VAIOMyMemCenter] "c:\program files\sony\vaio my memory center\VAIO MyMemCenter.exe" 1
mRun: [VAIORegistration] "c:\program files\sony\first experience\WelcomeLauncher.exe"
mRun: [VAIOSurvey] "c:\program files\sony\vaio survey\VAIO Sat Survey.exe"
mRun: [VWLASU] "c:\program files\sony\vaio wireless wizard\AutoLaunchWLASU.exe"
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{D10402C1-9CDE-4582-A6B7-6C0D33B0E7BC} : DhcpNameServer = 192.168.1.1
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\maria\appdata\roaming\mozilla\firefox\profiles\12ig9t47.default\
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-8-25 366640]
R2 RtkAudioService;Realtek Audio Service;c:\windows\RTKAUDIOSERVICE.EXE [2008-10-29 104992]
R2 SampleCollector;Intel(R) Sample Collector;c:\program files\sony\vaio care\collsvc.exe [2011-8-24 122880]
R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2008-10-29 415584]
R2 VCFw;VAIO Content Folder Watcher;c:\program files\common files\sony shared\vaio content folder watcher\VCFw.exe [2008-9-3 446464]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-25 22712]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2011-6-17 128272]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2008-10-29 9344]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2011-8-24 337184]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2011-8-24 83232]
.
=============== Created Last 30 ================
.
2011-08-27 03:10:11 -------- d-----w- c:\program files\COMODO
2011-08-27 03:09:05 -------- d-----w- c:\programdata\Comodo
2011-08-27 03:08:36 -------- d-----w- c:\programdata\Comodo Downloader
2011-08-26 08:33:47 -------- d-----w- c:\users\maria\appdata\local\Solid State Networks
2011-08-26 04:24:04 7152464 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{ab6fd873-53e5-4bef-b6e8-83f30c934b89}\mpengine.dll
2011-08-26 02:50:17 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-08-26 02:50:17 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-08-26 02:24:36 -------- d-----r- C:\Sandbox
2011-08-26 02:24:18 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-08-26 02:24:15 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-08-26 02:24:13 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-08-26 02:24:12 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-08-26 02:24:12 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-08-26 02:24:12 11264 ----a-w- c:\windows\system32\icardres.dll
2011-08-26 02:24:07 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-08-26 02:23:56 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2011-08-26 02:12:52 96760 ----a-w- c:\windows\system32\dfshim.dll
2011-08-26 02:12:45 282112 ----a-w- c:\windows\system32\mscoree.dll
2011-08-26 02:12:44 41984 ----a-w- c:\windows\system32\netfxperf.dll
2011-08-26 02:12:21 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-08-26 02:12:07 83968 ----a-w- c:\windows\system32\mscories.dll
2011-08-26 02:05:48 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-08-26 02:05:42 411136 ----a-w- c:\windows\system32\drivers\http.sys
2011-08-26 02:05:41 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-08-26 02:03:45 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-08-26 01:58:56 241152 ----a-w- c:\windows\system32\winrscmd.dll
2011-08-26 01:58:56 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2011-08-26 01:58:56 145408 ----a-w- c:\windows\system32\WsmAuto.dll
2011-08-26 01:58:55 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2011-08-26 01:58:55 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2011-08-26 01:58:55 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
2011-08-25 19:07:29 -------- d-----w- c:\program files\common files\Steam
2011-08-25 19:07:18 -------- d-----w- c:\program files\Steam
2011-08-25 19:07:00 -------- d-----w- c:\program files\Sandboxie
2011-08-25 19:03:19 -------- d-----w- c:\users\maria\appdata\local\Mozilla
2011-08-25 18:17:42 -------- d-----w- c:\windows\Intuit
2011-08-25 18:14:45 439632 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{281e0119-8464-4adf-8a25-d3d03accd4e8}\gapaengine.dll
2011-08-25 18:14:09 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-08-25 18:11:20 -------- d-----w- c:\program files\Microsoft Security Client
2011-08-25 18:11:01 -------- d-----w- c:\users\maria\appdata\local\Adobe
2011-08-25 18:09:49 -------- d-----w- c:\users\maria\appdata\roaming\Malwarebytes
2011-08-25 18:09:44 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-25 18:09:44 -------- d-----w- c:\programdata\Malwarebytes
2011-08-25 18:09:37 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-25 18:09:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-25 18:02:17 2868224 ----a-w- c:\windows\system32\mf.dll
2011-08-25 18:02:08 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-08-25 18:02:08 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-08-25 18:01:44 7680 ----a-w- c:\windows\system32\spwmp.dll
2011-08-25 18:01:44 4096 ----a-w- c:\windows\system32\msdxm.ocx
2011-08-25 18:01:44 4096 ----a-w- c:\windows\system32\dxmasf.dll
2011-08-25 18:01:44 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2011-08-25 18:01:44 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
2011-08-25 18:01:44 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
2011-08-25 18:01:43 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-08-25 17:59:59 17920 ----a-w- c:\windows\system32\netevent.dll
2011-08-25 17:57:56 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-08-25 17:56:59 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2011-08-25 17:56:59 1315840 ----a-w- c:\windows\system32\ole32.dll
2011-08-25 17:56:33 71680 ----a-w- c:\windows\system32\atl.dll
2011-08-25 17:56:26 67072 ----a-w- c:\windows\system32\asycfilt.dll
2011-08-25 17:56:19 296960 ----a-w- c:\windows\system32\gdi32.dll
2011-08-25 17:56:13 126464 ----a-w- c:\windows\system32\spoolsv.exe
2011-08-25 17:56:08 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2011-08-25 17:56:08 38912 ----a-w- c:\windows\system32\xolehlp.dll
2011-08-25 17:56:01 160256 ----a-w- c:\windows\system32\wkssvc.dll
2011-08-25 17:55:56 157184 ----a-w- c:\windows\system32\t2embed.dll
2011-08-25 17:55:51 2042368 ----a-w- c:\windows\system32\win32k.sys
2011-08-25 17:55:44 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-08-25 17:55:30 763904 ----a-w- c:\windows\system32\MSDTVVDEC.DLL
2011-08-25 17:55:27 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-25 17:55:04 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-08-25 17:55:00 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2011-08-25 17:53:59 1314816 ----a-w- c:\windows\system32\quartz.dll
2011-08-25 17:52:38 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-08-25 17:51:58 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2011-08-25 17:51:57 276992 ----a-w- c:\windows\system32\schannel.dll
2011-08-25 17:40:21 310784 ----a-w- c:\windows\system32\unregmp2.exe
2011-08-25 17:40:21 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
2011-08-25 17:37:16 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-08-25 17:37:14 98304 ----a-w- c:\windows\system32\cabview.dll
2011-08-25 17:26:17 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-25 17:22:41 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-08-25 17:22:27 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-08-25 17:22:15 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-08-25 17:22:15 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-08-25 07:01:26 98304 ------w- c:\windows\system32\VESWinlogon.dll
2011-08-25 06:58:46 -------- d-----w- c:\programdata\Uninstall
2011-08-25 06:57:44 129520 ------w- c:\windows\system32\pxafs.dll
2011-08-25 06:54:28 245408 ------w- c:\windows\system32\unicows.dll
2011-08-25 06:54:28 212480 ------w- c:\windows\system32\PCDLIB32.DLL
2011-08-25 06:54:26 55808 ------w- c:\windows\system32\ArcSoftKsUFilter.dll
2011-08-25 06:54:25 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll
2011-08-25 06:54:24 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2011-08-25 06:54:24 614532 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\IKernel.exe
2011-08-25 06:54:24 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2011-08-25 06:54:24 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2011-08-25 06:50:38 114688 ----a-w- c:\program files\windows sidebar\gadgets\ebaygadget.gadget\bin\eBayGadget.dll
2011-08-25 06:43:44 749568 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iKernel.dll
2011-08-25 06:43:44 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\ctor.dll
2011-08-25 06:43:44 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\DotNetInstaller.exe
2011-08-25 06:43:44 323716 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\setup.dll
2011-08-25 06:43:44 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iscript.dll
2011-08-25 06:43:44 192644 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iGdi.dll
2011-08-25 06:43:44 180224 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iuser.dll
2011-08-25 06:43:03 -------- d-----w- c:\program files\OCA Marker
2011-08-25 06:42:28 -------- d-----w- c:\program files\common files\PX Storage Engine
2011-08-25 06:42:28 -------- d-----w- c:\program files\common files\Napster Shared
2011-08-25 06:42:17 -------- d-----w- c:\programdata\Napster
2011-08-25 06:40:53 33104 ------w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2011-08-25 06:40:53 32592 ------w- c:\windows\system32\msonpmon.dll
2011-08-25 06:40:04 -------- d-----w- c:\windows\PCHEALTH
2011-08-25 06:38:00 -------- d-----w- c:\program files\common files\supportsoft
2011-08-25 06:37:54 3518464 ------w- c:\windows\system32\cdintf300.dll
2011-08-25 06:37:54 1843200 ------w- c:\windows\system32\acXMLParser.dll
2011-08-25 06:36:41 -------- d-----w- c:\programdata\Intuit
2011-08-25 06:36:41 -------- d-----w- c:\program files\Intuit
2011-08-25 06:36:41 -------- d-----w- c:\program files\common files\Intuit
2011-08-25 06:36:23 -------- d-----w- c:\programdata\SQL Anywhere 10
2011-08-25 06:36:23 -------- d-----w- c:\programdata\COMMON FILES
2011-08-25 06:36:17 -------- d-----w- c:\program files\MSXML 4.0
2011-08-25 06:31:12 -------- d-----w- c:\windows\Sonysys
.
==================== Find3M ====================
.
2011-07-06 14:56:47 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-30 16:37:56 36568 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-06-30 16:37:56 238960 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-06-30 16:37:54 19088 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-06-30 16:37:26 285256 ----a-w- c:\windows\system32\guard32.dll
.
============= FINISH: 20:29:02.06 ===============

Attach.txt:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/24/2011 11:25:52 PM
System Uptime: 8/26/2011 1:11:04 PM (7 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz | N/A | 1000/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 224 GiB total, 173.419 GiB free.
D: is Removable
E: is Removable
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP63: 8/25/2011 10:21:58 AM - Windows Update
RP64: 8/25/2011 10:25:11 AM - Installed Java(TM) 6 Update 26
RP66: 8/25/2011 10:28:22 AM - Configured Click to Disc Editor
RP67: 8/25/2011 10:30:44 AM - Removed Compatibility Pack for the 2007 Office system
RP69: 8/25/2011 10:31:24 AM - Removed Microsoft Office Home and Student 2007
RP70: 8/25/2011 10:55:16 AM - Removed Microsoft Office Suite Activation Assistant.
RP71: 8/25/2011 10:57:23 AM - Installed
RP72: 8/25/2011 10:57:46 AM - Installed
RP73: 8/25/2011 10:59:48 AM - Installed
RP74: 8/25/2011 11:01:32 AM - Installed
RP75: 8/25/2011 11:02:57 AM - Installed
RP76: 8/25/2011 11:09:57 AM - Windows Update
RP77: 8/25/2011 11:13:44 AM - Windows Update
RP78: 8/25/2011 11:17:55 AM - Removed Microsoft Works
RP80: 8/25/2011 11:23:07 AM - Removed VAIO DVD Menu Data Basic
RP82: 8/25/2011 11:25:18 AM - Removed VAIO Movie Story Template Data
RP84: 8/25/2011 11:27:52 AM - Removed Sony Picture Utility
RP86: 8/25/2011 11:29:42 AM - Removed TapeUtility
RP88: 8/25/2011 11:31:37 AM - Removed Shared2
RP90: 8/25/2011 11:33:41 AM - Removed PMBCore
RP92: 8/25/2011 11:35:42 AM - Removed VideoUtility
RP94: 8/25/2011 11:37:51 AM - Removed VAIO Help and Support
RP96: 8/25/2011 11:39:45 AM - Removed VAIO Wallpaper Contents
RP98: 8/25/2011 11:42:04 AM - Removed WinDVD
RP100: 8/25/2011 11:57:10 AM - Removed VAIO Sample Music
RP102: 8/25/2011 11:58:58 AM - Removed VAIO MusicBox
RP104: 8/25/2011 12:00:29 PM - Removed VAIO Movie Story
RP105: 8/25/2011 12:06:52 PM - Installed Steam
RP106: 8/25/2011 6:54:24 PM - Windows Update
RP107: 8/26/2011 12:16:53 AM - Windows Update
RP108: 8/26/2011 1:24:31 AM - Removed Java(TM) SE Runtime Environment 6
RP109: 8/26/2011 1:24:50 AM - Removed Java(TM) 6 Update 26
RP111: 8/26/2011 1:30:28 AM - Removed Napster
RP112: 8/26/2011 1:31:13 AM - Removed Napster Burn Engine
RP113: 8/26/2011 1:32:59 AM - Removed Java(TM) SE Runtime Environment 6
RP114: 8/26/2011 1:42:27 AM - Installed Java(TM) SE Development Kit 7
RP115: 8/26/2011 1:49:40 AM - Installed Java(TM) 7
RP116: 8/26/2011 11:34:18 AM - Windows Update
RP117: 8/26/2011 11:36:36 AM - Windows Update
RP118: 8/26/2011 8:09:42 PM - Installed COMODO Internet Security
.
==== Installed Programs ======================
.
.
ArcSoft WebCam Companion 2
COMODO Internet Security
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 7
Java(TM) SE Development Kit 7
Malwarebytes' Anti-Malware version 1.51.1.1800
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox 6.0 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Music Transfer
Napster Burn Engine
OpenMG Secure Module 5.1.00
Primo
Realtek High Definition Audio Driver
Sandboxie 3.56 (32-bit)
Setting Utility Series
Sony Video Shared Library
Steam
SupportSoft Assisted Service
Synaptics Pointing Device Driver
Team Fortress 2
VAIO Care
VAIO Content Folder Setting
VAIO Content Folder Watcher
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Manager Setting
VAIO Content Metadata XML Interface Library
VAIO Control Center
VAIO Data Restore Tool
VAIO Entertainment Platform
VAIO Event Service
VAIO Launcher
VAIO Media plus Opening Movie
VAIO My Memory Center
VAIO OOBE and Welcome Center
VAIO Original Function Setting
VAIO Power Management
VAIO Presentation Support
VAIO Startup Assistant
VAIO Survey
VAIO Update 4
VAIO Wireless Wizard
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
8/25/2011 6:47:54 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
8/25/2011 12:25:33 AM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
8/25/2011 12:24:57 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athihvs.dll Error Code: 126
8/25/2011 12:09:53 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
8/25/2011 12:09:53 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/25/2011 11:14:59 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
8/25/2011 10:36:42 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
8/25/2011 10:36:42 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/25/2011 10:36:42 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
8/25/2011 10:23:28 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update ActiveX from package WindowsUpdateClient-SelfUpdate-ActiveX-Package(Feature Pack) into Staged(Staged) state
8/25/2011 10:23:28 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-ActiveX-Package (Feature Pack) into Install Requested(Install Requested) state
.
==== End Of File ===========================
doommonk
Regular Member
 
Posts: 22
Joined: August 24th, 2011, 6:58 am

Re: Really slow vista

Post by MWR 3 day Mod » August 29th, 2011, 3:01 pm

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our "Waiting for help with malware removal?" forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: Really slow vista

Post by deltalima » August 31st, 2011, 4:19 pm

Checking your log - back soon.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Really slow vista

Post by deltalima » August 31st, 2011, 4:25 pm

Hi doommonk,

Welcome to the forum.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Please note the following:
  • I will be working on your Malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please do not run any scans or make any changes to the system unless I ask you to.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Please Note:
The programs I ask you to run need to be run in Administrator Mode by... Right clicking the program file and selecting: Run as Administrator.
Additionally, the built-in User Account Control (UAC) utility, if enabled, may prompt you for permission to run the program.
When prompted, please select: Allow. Reference: User Account Control (UAC) and Running as Administrator

Download and run OTL
Download OTL by Old Timer and save it to your Desktop.
  • Right click on OTL.exe and select: Run as Administrator.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Please download GMER Rootkit Scanner from here.
  • Right click the .exe file and select: Run as Administrator. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
  • Click on the "Scan" button and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
  • Note: If you have any problems, try running GMER in SAFE MODE
Important! Please do not select the "Show all" checkbox during the scan.

Please post the GMER log along with OTL.txt and Extras.txt from the OTL scan into your next reply.

  • Please download this tool from Microsoft.
  • Double click on MGADiag.exe to run it.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in the window.
  • Save this file and copy/paste it in your next reply.

Please let me know if the computer is used for home or for business use.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Really slow vista

Post by doommonk » September 1st, 2011, 2:28 pm

Please note that I must end the process svchost.exe to be able to open the browser.

OTL.txt:

OTL logfile created on: 9/1/2011 11:16:14 AM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Maria\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 69.50% Memory free
5.96 Gb Paging File | 5.03 Gb Available in Paging File | 84.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.86 Gb Total Space | 156.63 Gb Free Space | 69.97% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Maria | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Windows\RtkAudioService.exe File not found
PRC - C:\Windows\Explorer.EXE File not found
PRC - C:\Users\Maria\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Care\collsvc.exe (Intel Corporation)
PRC - C:\Program Files\Sony\VAIO Care\listener.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV - (RtkAudioService) -- C:\Windows\RtkAudioService.exe File not found
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (SampleCollector) Intel(R) -- C:\Program Files\Sony\VAIO Care\collsvc.exe (Intel Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (TrustedInstaller) -- C:\Windows\servicing\TrustedInstaller.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (inspect) -- C:\Windows\System32\drivers\inspect.sys (COMODO)
DRV - (cmdGuard) -- C:\Windows\System32\drivers\cmdGuard.sys (COMODO)
DRV - (cmdHlp) -- C:\Windows\System32\drivers\cmdhlp.sys (COMODO)
DRV - (SbieDrv) -- C:\Program Files\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=SNYR
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=SNYR


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-267834430-2803507182-2688529489-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=SNYR
IE - HKU\S-1-5-21-267834430-2803507182-2688529489-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=SNYR
IE - HKU\S-1-5-21-267834430-2803507182-2688529489-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-267834430-2803507182-2688529489-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/25 11:41:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/08/25 12:03:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Extensions
[2011/08/26 01:22:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\12ig9t47.default\extensions
[2011/08/26 01:22:55 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\12ig9t47.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/08/26 01:50:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/26 01:50:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\MARIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\12IG9T47.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2011/08/27 08:57:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/08/11 22:57:31 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/08/11 20:16:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/08/26 01:28:28 | 004,365,886 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 163815 more lines...
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] File not found
O4 - HKLM..\Run: [VAIOMyMemCenter] C:\Program Files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe ()
O4 - HKLM..\Run: [VAIORegistration] C:\Program Files\Sony\First Experience\WelcomeLauncher.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files\Sony\VAIO Survey\VAIO Sat Survey.exe ()
O4 - HKLM..\Run: [VWLASU] C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-267834430-2803507182-2688529489-1000..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-267834430-2803507182-2688529489-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D10402C1-9CDE-4582-A6B7-6C0D33B0E7BC}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\web\Wallpaper\img11.jpg
O24 - Desktop BackupWallPaper: C:\Windows\web\Wallpaper\img11.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/01 11:11:31 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Maria\Desktop\OTL.exe
[2011/08/27 12:29:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/08/27 12:18:29 | 000,000,000 | -H-D | C] -- C:\VritualRoot
[2011/08/27 12:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2011/08/27 08:55:10 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/08/27 08:55:10 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011/08/27 08:55:09 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011/08/26 20:10:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2011/08/26 20:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2011/08/26 20:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2011/08/26 20:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2011/08/26 12:44:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/08/26 12:44:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/08/26 12:44:03 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/08/26 01:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/08/26 01:50:12 | 000,214,408 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2011/08/26 01:50:12 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2011/08/26 01:50:12 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2011/08/26 01:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/08/26 01:33:47 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\Solid State Networks
[2011/08/26 00:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/08/26 00:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011/08/25 21:47:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/08/25 19:50:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/08/25 19:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/08/25 19:24:36 | 000,000,000 | R--D | C] -- C:\Sandbox
[2011/08/25 19:24:18 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011/08/25 19:24:15 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011/08/25 19:24:13 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011/08/25 19:24:12 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011/08/25 19:24:12 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011/08/25 19:24:07 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011/08/25 19:12:21 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011/08/25 19:12:07 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011/08/25 19:05:48 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2011/08/25 19:03:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/08/25 18:59:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/08/25 18:59:18 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/08/25 18:59:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/08/25 18:59:18 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/08/25 18:59:17 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/08/25 18:59:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/08/25 18:59:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/08/25 18:59:10 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/08/25 18:59:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/08/25 18:59:10 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/08/25 18:59:10 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/08/25 18:58:56 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/08/25 18:58:56 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/08/25 18:58:56 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/08/25 18:58:55 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/08/25 18:58:55 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/08/25 12:07:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011/08/25 12:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/08/25 12:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2011/08/25 12:07:00 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2011/08/25 12:03:19 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Mozilla
[2011/08/25 12:03:19 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\Mozilla
[2011/08/25 11:41:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/08/25 11:27:32 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Sony Corporation
[2011/08/25 11:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011/08/25 11:14:09 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/08/25 11:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/08/25 11:11:01 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\Adobe
[2011/08/25 11:09:49 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Malwarebytes
[2011/08/25 11:09:44 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/08/25 11:09:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/08/25 11:09:37 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/08/25 11:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/25 11:02:18 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011/08/25 11:02:17 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/08/25 11:02:08 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/08/25 11:01:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011/08/25 11:01:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011/08/25 11:01:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011/08/25 11:01:43 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011/08/25 11:00:32 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/08/25 11:00:31 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011/08/25 11:00:31 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/08/25 11:00:31 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2011/08/25 11:00:16 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011/08/25 11:00:02 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011/08/25 11:00:00 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011/08/25 11:00:00 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011/08/25 11:00:00 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011/08/25 11:00:00 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011/08/25 11:00:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011/08/25 11:00:00 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011/08/25 10:58:32 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/08/25 10:58:29 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/08/25 10:58:28 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/08/25 10:58:28 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/08/25 10:58:27 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/08/25 10:58:26 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/08/25 10:58:26 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/08/25 10:58:26 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/08/25 10:58:25 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011/08/25 10:58:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/08/25 10:58:24 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/08/25 10:58:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/08/25 10:58:09 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011/08/25 10:58:09 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2011/08/25 10:58:08 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2011/08/25 10:57:47 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/08/25 10:57:46 | 003,550,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/08/25 10:57:24 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/08/25 10:57:23 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/08/25 10:57:15 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011/08/25 10:56:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011/08/25 10:56:08 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2011/08/25 10:56:08 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2011/08/25 10:55:56 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011/08/25 10:55:51 | 002,042,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/08/25 10:55:30 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDTVVDEC.DLL
[2011/08/25 10:55:04 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/08/25 10:54:54 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011/08/25 10:54:45 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011/08/25 10:54:29 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011/08/25 10:54:28 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011/08/25 10:54:18 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011/08/25 10:54:09 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/08/25 10:54:08 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2011/08/25 10:54:08 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011/08/25 10:54:08 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2011/08/25 10:54:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2011/08/25 10:54:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/08/25 10:54:08 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2011/08/25 10:54:06 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/08/25 10:54:03 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2011/08/25 10:53:59 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011/08/25 10:53:57 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/08/25 10:53:57 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/08/25 10:53:56 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/08/25 10:53:54 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/08/25 10:53:54 | 000,605,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2011/08/25 10:53:54 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/08/25 10:53:54 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/08/25 10:53:49 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2011/08/25 10:53:49 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2011/08/25 10:53:48 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/08/25 10:53:48 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/08/25 10:53:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/08/25 10:53:43 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011/08/25 10:53:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/08/25 10:53:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2011/08/25 10:53:05 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2011/08/25 10:52:38 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011/08/25 10:52:38 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011/08/25 10:52:36 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011/08/25 10:52:35 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011/08/25 10:52:35 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011/08/25 10:52:34 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011/08/25 10:52:33 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011/08/25 10:52:33 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011/08/25 10:52:33 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011/08/25 10:52:29 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011/08/25 10:52:28 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011/08/25 10:52:24 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/08/25 10:52:24 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/08/25 10:52:20 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2011/08/25 10:52:14 | 000,220,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011/08/25 10:52:14 | 000,098,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011/08/25 10:52:13 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011/08/25 10:52:10 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011/08/25 10:52:01 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011/08/25 10:52:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2011/08/25 10:51:58 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011/08/25 10:40:21 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011/08/25 10:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/08/25 10:26:17 | 000,544,656 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2011/08/25 10:24:39 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Macromedia
[2011/08/25 10:24:38 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Adobe
[2011/08/25 10:22:42 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011/08/25 10:22:41 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011/08/25 10:22:27 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011/08/25 10:22:27 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011/08/25 10:22:26 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011/08/25 10:22:15 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011/08/25 10:22:15 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011/08/25 10:17:16 | 000,000,000 | R--D | C] -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/08/25 10:17:16 | 000,000,000 | R--D | C] -- C:\Users\Maria\Searches
[2011/08/25 10:17:16 | 000,000,000 | R--D | C] -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/08/25 10:17:04 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Identities
[2011/08/25 10:16:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Contacts
[2011/08/25 10:16:02 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\VirtualStore
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\AppData\Local\Temporary Internet Files
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Templates
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Start Menu
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\SendTo
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Recent
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\PrintHood
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\NetHood
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Documents\My Videos
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Documents\My Pictures
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Documents\My Music
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\My Documents
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Local Settings
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\AppData\Local\History
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Cookies
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\Application Data
[2011/08/25 10:16:00 | 000,000,000 | -HSD | C] -- C:\Users\Maria\AppData\Local\Application Data
[2011/08/25 10:15:59 | 000,000,000 | --SD | C] -- C:\Users\Maria\AppData\Roaming\Microsoft
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Videos
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Saved Games
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Pictures
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Music
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Links
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Favorites
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Downloads
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Documents
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\Desktop
[2011/08/25 10:15:59 | 000,000,000 | R--D | C] -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/08/25 10:15:59 | 000,000,000 | -H-D | C] -- C:\Users\Maria\AppData
[2011/08/25 10:15:59 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\Temp
[2011/08/25 10:15:59 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Local\Microsoft
[2011/08/25 10:15:59 | 000,000,000 | ---D | C] -- C:\Users\Maria\AppData\Roaming\Media Center Programs
[2011/08/25 00:20:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/08/25 00:06:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011/08/25 00:05:51 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2011/08/25 00:02:24 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2011/08/25 00:02:24 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2011/08/25 00:02:23 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2011/08/25 00:02:23 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011/08/25 00:02:23 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2011/08/25 00:02:23 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2011/08/25 00:02:23 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011/08/25 00:02:23 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2011/08/25 00:02:22 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2011/08/25 00:02:22 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2011/08/25 00:02:22 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2011/08/25 00:02:22 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2011/08/25 00:02:22 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2011/08/25 00:02:20 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2011/08/25 00:02:19 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2011/08/25 00:02:19 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2011/08/25 00:02:19 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2011/08/25 00:02:19 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2011/08/25 00:02:18 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2011/08/25 00:02:18 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2011/08/25 00:02:18 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2011/08/25 00:02:18 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2011/08/25 00:02:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft WebCam Companion 2
[2011/08/25 00:02:06 | 001,645,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2011/08/25 00:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update 4
[2011/08/25 00:01:26 | 000,098,304 | ---- | C] (Sony Corporation) -- C:\Windows\System32\VESWinlogon.dll
[2011/08/24 23:58:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2011/08/24 23:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2011/08/24 23:57:44 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxafs.dll
[2011/08/24 23:54:28 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unicows.dll
[2011/08/24 23:54:28 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\System32\PCDLIB32.DLL
[2011/08/24 23:54:26 | 000,055,808 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System32\ArcSoftKsUFilter.dll
[2011/08/24 23:54:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcSoft
[2011/08/24 23:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2011/08/24 23:51:25 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxhpinst.exe
[2011/08/24 23:51:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Picture Utility
[2011/08/24 23:50:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Wireless Wizard
[2011/08/24 23:43:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
[2011/08/24 23:43:03 | 000,000,000 | ---D | C] -- C:\Program Files\OCA Marker
[2011/08/24 23:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2011/08/24 23:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2011/08/24 23:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Napster Shared
[2011/08/24 23:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Napster
[2011/08/24 23:40:53 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2011/08/24 23:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/08/24 23:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\supportsoft
[2011/08/24 23:37:54 | 003,518,464 | ---- | C] (Amyuni Technologies http://www.amyuni.com) -- C:\Windows\System32\cdintf300.dll
[2011/08/24 23:37:54 | 001,843,200 | ---- | C] (Apache Software Foundation) -- C:\Windows\System32\acXMLParser.dll
[2011/08/24 23:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Intuit
[2011/08/24 23:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\Intuit
[2011/08/24 23:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intuit
[2011/08/24 23:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SQL Anywhere 10
[2011/08/24 23:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\COMMON FILES
[2011/08/24 23:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/08/24 23:34:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/08/24 23:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/08/24 23:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Recovery Center
[2011/08/24 23:22:06 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2011/09/01 11:13:47 | 000,597,784 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/09/01 11:13:47 | 000,102,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/09/01 11:11:34 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Maria\Desktop\OTL.exe
[2011/09/01 11:11:30 | 000,302,592 | ---- | M] () -- C:\Users\Maria\Desktop\wbbuksqy.exe
[2011/09/01 10:56:39 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/01 10:56:38 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/01 10:56:24 | 3081,801,728 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/26 21:30:11 | 000,000,213 | ---- | M] () -- C:\Users\Maria\Desktop\Alien Swarm.url
[2011/08/26 20:10:20 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2011/08/26 10:29:41 | 000,317,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/08/26 01:49:56 | 000,544,656 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2011/08/26 01:49:56 | 000,214,408 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2011/08/26 01:49:56 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2011/08/26 01:49:56 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2011/08/25 12:11:54 | 000,000,213 | ---- | M] () -- C:\Users\Maria\Desktop\Team Fortress 2.url
[2011/08/25 12:07:30 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/08/25 12:07:00 | 000,000,888 | ---- | M] () -- C:\Users\Maria\Desktop\Sandboxed Web Browser.lnk
[2011/08/25 12:07:00 | 000,000,888 | ---- | M] () -- C:\Users\Maria\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2011/08/25 11:41:23 | 000,000,870 | ---- | M] () -- C:\Users\Maria\Desktop\Mozilla Firefox.lnk
[2011/08/25 11:09:44 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/25 11:06:32 | 000,000,357 | ---- | M] () -- C:\Users\Maria\Desktop\Downloads.lnk
[2011/08/25 00:23:53 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011/08/25 00:18:19 | 000,000,040 | ---- | M] () -- C:\Windows\System32\ivireg.ivr
[2011/08/24 23:43:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\104D_SONY_VGN-NS230E.mrk
[2011/08/24 23:43:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\104D_SONY_VGN-NS230E.mrk
[2011/08/24 23:43:06 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\Sony_VGN-NS230E.mrk

========== Files Created - No Company Name ==========

[2011/09/01 11:11:27 | 000,302,592 | ---- | C] () -- C:\Users\Maria\Desktop\wbbuksqy.exe
[2011/08/26 21:30:11 | 000,000,213 | ---- | C] () -- C:\Users\Maria\Desktop\Alien Swarm.url
[2011/08/26 20:10:20 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2011/08/25 18:59:00 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/08/25 18:59:00 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/08/25 18:59:00 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/08/25 12:11:53 | 000,000,213 | ---- | C] () -- C:\Users\Maria\Desktop\Team Fortress 2.url
[2011/08/25 12:07:30 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/08/25 12:07:15 | 000,000,888 | ---- | C] () -- C:\Users\Maria\Desktop\Sandboxed Web Browser.lnk
[2011/08/25 12:07:15 | 000,000,888 | ---- | C] () -- C:\Users\Maria\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2011/08/25 11:41:23 | 000,000,870 | ---- | C] () -- C:\Users\Maria\Desktop\Mozilla Firefox.lnk
[2011/08/25 11:11:26 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/08/25 11:10:07 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/08/25 11:09:44 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/25 11:06:32 | 000,000,357 | ---- | C] () -- C:\Users\Maria\Desktop\Downloads.lnk
[2011/08/25 10:58:10 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011/08/25 10:53:56 | 000,171,520 | ---- | C] () -- C:\Windows\System32\taskeng.exe
[2011/08/25 10:17:20 | 000,000,949 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/08/25 10:17:16 | 000,000,944 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/08/25 10:16:59 | 000,000,915 | ---- | C] () -- C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/08/25 10:15:59 | 000,000,258 | ---- | C] () -- C:\Users\Maria\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/08/25 10:15:59 | 000,000,240 | ---- | C] () -- C:\Users\Maria\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/08/25 00:18:17 | 000,000,040 | ---- | C] () -- C:\Windows\System32\ivireg.ivr
[2011/08/25 00:00:44 | 000,001,002 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
[2011/08/24 23:59:42 | 000,002,035 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
[2011/08/24 23:49:42 | 000,001,579 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Startup Assistant.lnk
[2011/08/24 23:43:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\104D_SONY_VGN-NS230E.mrk
[2011/08/24 23:43:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\104D_SONY_VGN-NS230E.mrk
[2011/08/24 23:43:06 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\Sony_VGN-NS230E.mrk
[2011/08/24 23:34:51 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2011/08/24 23:22:07 | 3081,801,728 | -HS- | C] () -- C:\hiberfil.sys
[2008/10/29 16:12:05 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008/10/29 16:12:05 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008/10/29 16:12:05 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1511.dll
[2008/10/29 16:12:05 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/10/29 16:11:26 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/10/29 16:11:15 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/10/29 16:11:15 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/10/29 16:11:14 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/10/29 16:11:14 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/10/29 15:38:18 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/10/29 15:38:18 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006/11/02 05:47:37 | 000,317,360 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:33:01 | 000,597,784 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,102,350 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >

Extra.txt:

OTL Extras logfile created on: 9/1/2011 11:16:14 AM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Maria\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 69.50% Memory free
5.96 Gb Paging File | 5.03 Gb Available in Paging File | 84.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.86 Gb Total Space | 156.63 Gb Free Space | 69.97% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Maria | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- %SystemRoot%\winhlp32.exe %1
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.reg [@ = regfile] -- regedit.exe "%1"

[HKEY_USERS\S-1-5-21-267834430-2803507182-2688529489-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe File not found
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L
Drive [find] -- %SystemRoot%\Explorer.exe File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0439A470-3360-4E48-8FE0-320751EE10FD}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{29DD5239-A7E2-48AF-823B-EDD28A867633}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{523565DD-8497-4DAA-B3FB-A7DF48B9DA92}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{7B5F279F-7EC5-4529-9A3D-289635AC2755}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{93BEA38D-F97C-4A2A-9984-9E77AB79DC6A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{F6BACE1C-9A5B-408F-8DAF-31A3BEB5248F}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"TCP Query User{9ED7C454-9578-48C6-9849-0B963BF27CF8}C:\program files\steam\steamapps\doommonk\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\doommonk\team fortress 2\hl2.exe |
"UDP Query User{7F7E33F9-C13C-4124-A778-083BE320A260}C:\program files\steam\steamapps\doommonk\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\doommonk\team fortress 2\hl2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE and Welcome Center
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = VAIO Presentation Support
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7
"{327B75F0-92AF-420A-988F-FA596A218E0B}" = VAIO Content Folder Watcher
"{32A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" =
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Power Management
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}" = VAIO Media plus Opening Movie
"{6C50525A-2D77-4C22-B058-9AA2F27ACFF2}" = VAIO Content Metadata Intelligent Analyzing Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7E823DA5-43A2-46E8-A75E-5A2A0FDE81A1}" = VAIO Content Metadata Manager Setting
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{91F2D688-B8CB-4461-A92D-6B35279DAE8F}" = VAIO Content Folder Watcher
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{A2052C95-48CC-4AC9-A8D4-FCD89DDD8F2C}" = VAIO Content Folder Watcher
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{B513C7B0-024A-498F-B0F5-00C67E2440A9}" = VAIO Content Metadata Intelligent Analyzing Manager
"{BCED773C-99EE-48DD-8915-25733F69F0A8}" = VAIO Wireless Wizard
"{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CB8A8696-93EC-414E-A752-850AB133F68A}" = VAIO Content Metadata XML Interface Library
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D5FBA9C1-21D3-4210-A604-CF9E38238F35}" = VAIO Entertainment Platform
"{DFD0E9A9-F24A-492B-8975-8C938E32408F}" = VAIO Startup Assistant
"{E1D25278-B51A-4163-BC3D-20A4D2D09F98}" = VAIO My Memory Center
"{EE59BBF9-415C-45DB-8C4B-EE43CF635FEA}" = VAIO Content Metadata XML Interface Library
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{FD72E69E-CF34-4071-BFD6-FD081A365E2C}" = VAIO Content Metadata Intelligent Analyzing Manager
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"{FE697886-F392-4E0D-A0C0-47587BF60992}" = VAIO Content Metadata Manager Setting
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 6.0 (x86 en-US)" = Mozilla Firefox 6.0 (x86 en-US)
"Sandboxie" = Sandboxie 3.56 (32-bit)
"Steam App 38830" = Crimecraft: BLEEDOUT
"Steam App 440" = Team Fortress 2
"Steam App 630" = Alien Swarm
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"YTdetect" = Yahoo! Detect

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/25/2011 1:18:31 PM | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/25/2011 1:18:31 PM | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/25/2011 1:18:32 PM | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/25/2011 1:18:32 PM | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/25/2011 1:18:32 PM | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/25/2011 1:18:32 PM | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/25/2011 1:28:21 PM | Computer Name = PC | Source = VSS | ID = 8194
Description =

Error - 8/25/2011 1:31:23 PM | Computer Name = PC | Source = VSS | ID = 8194
Description =

Error - 8/25/2011 2:08:10 PM | Computer Name = PC | Source = Microsoft Security Client Setup | ID = 100
Description = HRESULT:0x8004FF40 Description:Cannot complete the Security Essentials
installation. You already have other Microsoft antimalware software such as OneCare
installed on your computer. These antivirus programs might conflict with Security
Essentials, prevent it from working properly, or cause severe performance problems.
You should remove other antivirus programs and then run this installation wizard
again. Error code:0x8004FF40.

Error - 8/25/2011 2:23:06 PM | Computer Name = PC | Source = VSS | ID = 8194
Description =

[ System Events ]
Error - 8/26/2011 12:51:03 AM | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/26/2011 12:51:03 AM | Computer Name = PC | Source = Service Control Manager | ID = 7026
Description =

Error - 8/26/2011 12:51:14 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%834 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%842

Error - 8/26/2011 12:51:14 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%842

Error - 8/26/2011 12:51:14 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%834 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%837

Error - 8/26/2011 12:51:14 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%837

Error - 8/26/2011 12:55:52 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%834 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%858

Error - 8/26/2011 12:55:52 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%858

Error - 8/26/2011 12:55:52 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%834 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%837

Error - 8/26/2011 12:55:52 AM | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%837


< End of report >
doommonk

Re: Really slow vista

Post by doommonk » September 1st, 2011, 3:27 pm

GMER LOG:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-09-01 12:15:30
Windows 6.0.6001 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD25 rev.01.0
Running: wbbuksqy.exe; Driver: C:\Users\Maria\AppData\Local\Temp\pxldapow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0x8E8D7DA4]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcConnectPort [0x8E8D934C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcCreatePort [0x8E8D7F90]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0x8E8D70CE]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0x8E8D7A0A]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreatePort [0x8E8D6FAE]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0x8E8D779E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0x8E8D8FDE]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0x8E8D699A]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0x8E8D89EE]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0x8E8D7396]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0x8E8D7BE6]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0x8E8D763A]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRequestWaitReplyPort [0x8E8D848A]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSecureConnectPort [0x8E8D873E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0x8E8D8CE6]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0x8E8D7300]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0x8E8D7526]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateProcess [0x8E8D6DB0]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0x8E8D6B9E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThreadEx [0x8E8D809E]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetTimerEx + 34C 81F03BA0 4 Bytes [A4, 7D, 8D, 8E]
.text ntkrnlpa.exe!KeSetTimerEx + 370 81F03BC4 8 Bytes [4C, 93, 8D, 8E, 90, 7F, 8D, ...] {DEC ESP; XCHG EBX, EAX; LEA ECX, [ESI-0x71728070]}
.text ntkrnlpa.exe!KeSetTimerEx + 3F4 81F03C48 4 Bytes [CE, 70, 8D, 8E]
.text ntkrnlpa.exe!KeSetTimerEx + 40C 81F03C60 4 Bytes [0A, 7A, 8D, 8E]
.text ntkrnlpa.exe!KeSetTimerEx + 438 81F03C8C 4 Bytes [AE, 6F, 8D, 8E]
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[228] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[228] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[228] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[228] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[228] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[228] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[228] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[228] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[228] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[228] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[232] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[232] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[232] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[232] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[232] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[232] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[232] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[232] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[232] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\spoolsv.exe[232] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[404] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[404] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[404] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[404] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[404] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[404] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[404] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[404] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[700] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[700] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[700] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[700] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[700] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[700] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[700] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[700] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[740] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[740] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[740] ntdll.dll!NtAlpcSendWaitReceivePort 77DB7B18 5 Bytes JMP 100285D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[740] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[740] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[740] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[740] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[740] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[740] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[768] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[768] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[768] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[768] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[768] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[768] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[768] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsass.exe[768] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[776] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[776] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[776] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[776] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[776] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[776] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[776] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lsm.exe[776] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[936] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[936] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[936] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[936] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[936] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[936] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[936] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[936] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1004] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1004] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1004] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1004] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1044] ntdll.dll!NtAllocateVirtualMemory 77DB79D8 5 Bytes JMP 005190B0 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1044] ntdll.dll!NtCreateFile 77DB7C78 5 Bytes JMP 00531040 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1148] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1148] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1148] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1148] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1148] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1148] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1148] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1148] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1148] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe[1148] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1260] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1260] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1260] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1260] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1260] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1276] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1276] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1276] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1276] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1276] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1276] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1276] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1276] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1340] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1340] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1340] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1340] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1340] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1340] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1340] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[1340] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe[1348] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe[1348] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe[1348] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe[1348] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe[1348] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe[1348] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe[1348] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe[1348] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe[1348] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe[1348] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1436] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1436] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1436] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1436] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1436] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1436] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1436] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1436] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1436] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\AUDIODG.EXE[1436] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1496] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1496] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1496] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1496] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1496] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1496] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1496] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1496] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1632] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1632] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1632] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1632] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1632] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1632] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1632] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\svchost.exe[1632] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\collsvc.exe[1648] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\collsvc.exe[1648] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\collsvc.exe[1648] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\collsvc.exe[1648] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\collsvc.exe[1648] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\collsvc.exe[1648] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\collsvc.exe[1648] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\collsvc.exe[1648] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtkAudioService.exe[1664] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtkAudioService.exe[1664] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtkAudioService.exe[1664] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtkAudioService.exe[1664] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtkAudioService.exe[1664] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtkAudioService.exe[1664] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtkAudioService.exe[1664] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtkAudioService.exe[1664] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtkAudioService.exe[1664] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\RtkAudioService.exe[1664] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[1984] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[1984] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[1984] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[1984] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[1984] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[1984] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[1984] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[1984] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[1984] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[1984] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2068] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2068] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2068] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2068] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2068] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2068] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2068] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2068] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2068] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2068] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[2088] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[2088] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[2088] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[2088] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[2088] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[2088] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[2088] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\svchost.exe[2088] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[2132] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[2132] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[2132] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[2132] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[2132] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[2132]
doommonk
Regular Member
Posts: 22
Joined: August 24th, 2011, 6:58 am

Re: Really slow vista

by doommonk » September 1st, 2011, 3:27 pm

ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[2132] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[2132] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[2132] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\SearchIndexer.exe[2132] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DRIVERS\xaudio.exe[2228] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DRIVERS\xaudio.exe[2228] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DRIVERS\xaudio.exe[2228] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DRIVERS\xaudio.exe[2228] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DRIVERS\xaudio.exe[2228] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DRIVERS\xaudio.exe[2228] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DRIVERS\xaudio.exe[2228] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DRIVERS\xaudio.exe[2228] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DRIVERS\xaudio.exe[2228] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DRIVERS\xaudio.exe[2228] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[2376] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[2376] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[2376] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[2376] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[2376] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[2376] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[2376] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[2376] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[2376] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe[2376] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe[2440] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 00905680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe[2440] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 008FCF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe[2440] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 008FCE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe[2440] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 009026F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe[2440] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 00903280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe[2440] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 00901220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe[2440] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 00901B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe[2440] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 0090DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe[2440] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 0090E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe[2440] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 0090E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2452] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2452] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2452] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2452] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2452] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2452] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2452] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2452] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2452] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\System32\mobsync.exe[2452] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[2588] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[2588] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[2588] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[2588] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[2588] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[2588] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[2588] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[2588] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[2588] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[2588] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2712] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2712] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2712] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2712] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2712] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2712] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2712] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2712] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2712] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\DllHost.exe[2712] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxext.exe[2760] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxext.exe[2760] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxext.exe[2760] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxext.exe[2760] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxext.exe[2760] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxext.exe[2760] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxext.exe[2760] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxext.exe[2760] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxext.exe[2760] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxext.exe[2760] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxsrvc.exe[2784] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxsrvc.exe[2784] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxsrvc.exe[2784] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxsrvc.exe[2784] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxsrvc.exe[2784] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxsrvc.exe[2784] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxsrvc.exe[2784] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxsrvc.exe[2784] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxsrvc.exe[2784] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\igfxsrvc.exe[2784] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\listener.exe[3340] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\listener.exe[3340] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\listener.exe[3340] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\listener.exe[3340] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\listener.exe[3340] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\listener.exe[3340] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\listener.exe[3340] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Sony\VAIO Care\listener.exe[3340] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[3412] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[3412] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[3412] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[3412] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[3412] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[3412] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[3412] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[3412] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[3412] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\Dwm.exe[3412] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[3464] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[3464] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[3464] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[3464] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[3464] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[3464] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[3464] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[3464] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[3464] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\Explorer.EXE[3464] ole32.dll!CoCreateInstanceEx 76A6E31B 5 Bytes JMP 1002E410 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3748] ntdll.dll!LdrLoadDll 77D879B3 5 Bytes JMP 10025680 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3748] ntdll.dll!LdrUnloadDll 77D9E5AC 7 Bytes JMP 1001CF60 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3748] ntdll.dll!NtClose 77DB7BB8 5 Bytes JMP 1001CE40 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3748] kernel32.dll!CreateProcessW 77EB1C01 5 Bytes JMP 100226F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3748] kernel32.dll!CreateProcessA 77EB1C36 5 Bytes JMP 10023280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3748] USER32.dll!EndTask 76D7ACCF 5 Bytes JMP 1002DF90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3748] ADVAPI32.dll!CreateProcessAsUserW 7686A8F5 5 Bytes JMP 10021220 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3748] ADVAPI32.dll!CreateProcessAsUserA 768B48A6 5 Bytes JMP 10021B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3748] ole32.dll!CoGetClassObject 76A56178 5 Bytes JMP 1002E1D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\tdx \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\tdx \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

---- EOF - GMER 1.0.15 ----
doommonk
Regular Member
 
Posts: 22
Joined: August 24th, 2011, 6:58 am

Re: Really slow vista

Unread postby deltalima » September 1st, 2011, 3:30 pm

Please also post the MGADiag log.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Really slow vista

Unread postby doommonk » September 1st, 2011, 3:31 pm

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-4GV68-6D8JB-G6MF9
Windows Product Key Hash: Ua+OBZ1y48sKA/bWkfKXiuCrOjY=
Windows Product ID: 89578-OEM-7332157-00203
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.0.6001.2.00010300.1.0.003
ID: {C496218B-6309-4128-8935-58D78EFDDE27}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows Vista (TM) Home Premium
Architecture: 0x00000000
Build lab: 6001.vistasp1_ldr.101014-0432
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{C496218B-6309-4128-8935-58D78EFDDE27}</UGUID><Version>1.9.0027.0</Version><OS>6.0.6001.2.00010300.1.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-G6MF9</PKey><PID>89578-OEM-7332157-00203</PID><PIDType>2</PIDType><SID>S-1-5-21-267834430-2803507182-2688529489</SID><SYSTEM><Manufacturer>Sony Corporation</Manufacturer><Model>VGN-NS230E</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>R1020Y3</Version><SMBIOSVersion major="2" minor="4"/><Date>20080918000000.000000+000</Date></BIOS><HWID>E1303507018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Pacific Standard Time(GMT-08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>Sony</OEMID><OEMTableID>VAIO</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.0.6001.18000
Name: Windows(TM) Vista, HomePremium edition
Description: Windows Operating System - Vista, OEM_SLP channel
Activation ID: bffdc375-bbd5-499d-8ef1-4f37b61c895f
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 89578-00146-321-500203-02-1033-6001.0000-2372011
Installation ID: 014295132724263660513543456470346576170596065795408695
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43473
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43474
Use License URL: http://go.microsoft.com/fwlink/?LinkID=43476
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43475
Partial Product Key: G6MF9
License Status: Licensed

Windows Activation Technologies-->
N/A

HWID Data-->
HWID Hash Current: NgAAAAEAAwABAAIAAQABAAAAAwABAAEAeqiA2Z7Plj4uZZpG+upqciof8vSCMmy8fpCsViqF

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20000
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC Sony VAIO
FACP Sony VAIO
HPET Sony VAIO
MCFG Sony VAIO
SLIC Sony VAIO
SSDT Sony VAIO
SSDT Sony VAIO

Re: Really slow vista

Unread postby deltalima » September 1st, 2011, 4:03 pm

Hi doommonk,

You have more security programs running than are needed, please uninstall

COMODO Internet Security

and

Sandboxie

Also remove Spybot - Search & Destroy if there is an option in the Start menu to do so.

From the error log

Cannot complete the Security Essentials installation. You already have other Microsoft antimalware software such as OneCare installed on your computer. These antivirus programs might conflict with Security Essentials


We need to have only 1 antivirus program installed. Please uninstall the following

Microsoft Antimalware
Microsoft Security Client
Microsoft Security Essentials


Now reboot then reinstall Microsoft Security Essentials

Run OTL Script

  • Right click OTL.exe and select: Run as Administrator.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code.
    Code:
    :processes
    killallprocesses
    :otl
    O4 - HKLM..\Run: [RtHDVCpl] File not found
    :commands
    [EMPTYTEMP]
    [EMPTYFLASH]
    [RESETHOSTS]
    [REBOOT]
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.


TDSSKiller

  • Please Download TDSSKiller.zip and save it on your desktop.
  • Extract (unzip) its contents to your Desktop.
  • Double-click the TDSSKiller Folder on your desktop.
  • Right-click on TDSSKiller.exe and click Copy then Paste it directly on to your Desktop.
  • Important!: Run this fix once and once only.
  • Right click the TDSSKiller icon on your desktop and select: Run as Administrator.
  • A box will appear saying System scan completed.
  • If any Malicious objects are found click Cure > Continue > Reboot now.
  • A log file should be created on your C: drive named something like TDSSKiller.2.4.0.0 24.07.2010.
  • To find the log click Start > Computer > C:.
  • Please post the contents of that log in your next reply.

Re: Really slow vista

Unread postby doommonk » September 1st, 2011, 4:37 pm

Removed Comodo and Sandboxie, then restarted, and now the network connection center will not show any networks. Trustedinstaller.exe is eating all of my CPU memory and there are 6 different copies of taskeng.exe running.

Re: Really slow vista

Unread postby deltalima » September 1st, 2011, 4:39 pm

Can you boot into safe mode with networking?

Re: Really slow vista

Unread postby doommonk » September 1st, 2011, 4:48 pm

Actually, since I chose the setting in Comodo firewall to route through their servers, I just needed to refresh the IP. Also the network center turned itself off, so the internet is working now.

Re: Really slow vista

Unread postby doommonk » September 1st, 2011, 4:50 pm

but
Microsoft Antimalware
Microsoft Security Client
Spybot Search and Destroy are not on the remove programs list.
Also, when I look in the Program Files folder, Spybot is an empty folder.

Re: Really slow vista

Unread postby deltalima » September 1st, 2011, 4:57 pm

OK, continue with OTL script and TDSSKiller.