Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.


Really slow vista


Re: Really slow vista

Post by doommonk » September 1st, 2011, 5:11 pm

All processes killed
========== PROCESSES ==========
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RtHDVCpl deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Maria
->Temp folder emptied: 17618142 bytes
->Temporary Internet Files folder emptied: 5753896 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40210368 bytes
->Flash cache emptied: 627 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9438020 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 146789965 bytes

Total Files Cleaned = 210.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Maria
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.27.0 log created on 09012011_140610

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\TMP000000655A43B6A82EC59523 not found!

Registry entries deleted on Reboot...
doommonk
Regular Member
 
Posts: 22
Joined: August 24th, 2011, 6:58 am

Re: Really slow vista

Post by deltalima » September 1st, 2011, 5:13 pm

OK, let's see what TDSSKiller finds.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Really slow vista

Post by doommonk » September 1st, 2011, 5:21 pm

2011/09/01 14:13:43.0763 3324 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/09/01 14:13:44.0309 3324 ================================================================================
2011/09/01 14:13:44.0309 3324 SystemInfo:
2011/09/01 14:13:44.0309 3324
2011/09/01 14:13:44.0324 3324 OS Version: 6.0.6001 ServicePack: 1.0
2011/09/01 14:13:44.0324 3324 Product type: Workstation
2011/09/01 14:13:44.0324 3324 ComputerName: PC
2011/09/01 14:13:44.0324 3324 UserName: Maria
2011/09/01 14:13:44.0324 3324 Windows directory: C:\Windows
2011/09/01 14:13:44.0324 3324 System windows directory: C:\Windows
2011/09/01 14:13:44.0324 3324 Processor architecture: Intel x86
2011/09/01 14:13:44.0324 3324 Number of processors: 2
2011/09/01 14:13:44.0324 3324 Page size: 0x1000
2011/09/01 14:13:44.0324 3324 Boot type: Normal boot
2011/09/01 14:13:44.0324 3324 ================================================================================
2011/09/01 14:13:49.0722 3324 Initialize success
2011/09/01 14:14:01.0001 3472 ================================================================================
2011/09/01 14:14:01.0001 3472 Scan started
2011/09/01 14:14:01.0001 3472 Mode: Manual;
2011/09/01 14:14:01.0001 3472 ================================================================================
2011/09/01 14:20:20.0767 3472 Scan finished
2011/09/01 14:20:20.0767 3472 ================================================================================
2011/09/01 14:20:20.0798 3560 Detected object count: 0
2011/09/01 14:20:20.0798 3560 Actual detected object count: 0
2011/09/01 14:20:51.0546 2808 Deinitialize success
doommonk
Regular Member
 
Posts: 22
Joined: August 24th, 2011, 6:58 am

Re: Really slow vista

Post by deltalima » September 1st, 2011, 5:40 pm

Hi doommonk,

No obvious signs of any infection so far; it may be that we need to restore Vista to factory defaults again. Before we do that, though, let's dig deeper.

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here to run the scan.
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Now run a quick scan with Malwarebytes and post the log in your next reply.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Really slow vista

Unread postby doommonk » September 1st, 2011, 6:07 pm

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=d5753386b345dd408f920f6fcbd79997
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-09-01 10:04:50
# local_time=2011-09-01 03:04:50 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=5892 16776574 100 95 113109106 151521143 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=20581
# found=0
# cleaned=0
# scan_time=1075
doommonk
Regular Member
 
Posts: 22
Joined: August 24th, 2011, 6:58 am
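
As an added example (not part of any post in this thread, and not ESET's code): a Python check of the `# key=value` header of the Online Scanner log against the options requested in the instructions earlier in the thread. The mapping of log keys to those options is an assumption inferred from the key names in the posted log.

```python
from collections import defaultdict

# Assumption: these log keys correspond to the scan options named in the
# helper's instructions; the mapping is inferred from the key names only.
REQUESTED = {
    "remove_checked": "false",      # "Remove found threats" NOT checked
    "archives_checked": "true",     # "Scan archives" checked
    "unwanted_checked": "true",     # potentially unwanted applications
    "unsafe_checked": "true",       # potentially unsafe applications
    "antistealth_checked": "true",  # Anti-Stealth Technology enabled
}

# Excerpt of the log posted in the thread (serial and locale lines left out).
SAMPLE_LOG = """\
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# compatibility_mode=5892 16776574 100 95 113109106 151521143 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=20581
# found=0
# cleaned=0
# scan_time=1075
"""


def parse_log(text):
    """Return {key: [values]} for every '# key=value' line; keys may repeat."""
    fields = defaultdict(list)
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("#") or "=" not in line:
            continue  # installer banner, "all ok", blank lines
        key, _, value = line[1:].partition("=")
        fields[key.strip()].append(value.strip().strip('"'))
    return dict(fields)


def review(text):
    """Compare the logged settings with REQUESTED and collect the counters."""
    fields = parse_log(text)
    problems = []

    def last(key):
        values = fields.get(key)
        return values[-1] if values else None

    for key, wanted in REQUESTED.items():
        got = last(key)
        if got is None:
            problems.append(f"{key}: missing from log")
        elif got.lower() != wanted:
            problems.append(f"{key}: expected {wanted}, log says {got}")

    # A log cut short or an interrupted scan should not be read as "clean".
    if last("end") != "finished":
        problems.append(f"end: scan did not finish (end={last('end')})")

    counts = {}
    for key in ("scanned", "found", "cleaned"):
        raw = last(key)
        if raw is None or not raw.isdigit():
            problems.append(f"{key}: missing or not a number")
        else:
            counts[key] = int(raw)

    return {"counts": counts, "problems": problems}


if __name__ == "__main__":
    result = review(SAMPLE_LOG)
    print(result["counts"])
    for p in result["problems"] or ["settings match the instructions"]:
        print(p)
```

A `found=0` result only carries weight when the settings and `end=finished` checks pass as well, which is why both are reported together.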

Re: Really slow vista

Unread postby deltalima » September 1st, 2011, 6:26 pm

Please post Malwarebytes log when ready.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Really slow vista

Unread postby doommonk » September 1st, 2011, 6:43 pm

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7631

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

9/1/2011 3:43:04 PM
mbam-log-2011-09-01 (15-43-04).txt

Scan type: Quick scan
Objects scanned: 151016
Time elapsed: 7 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
doommonk
Regular Member
 
Posts: 22
Joined: August 24th, 2011, 6:58 am

Re: Really slow vista

Unread postby deltalima » September 2nd, 2011, 3:57 am

Hi doommonk,

Download and Run ComboFix

Download Combofix by sUBs from one of these links and save it to your Desktop.
Link 1 | Link 2

**Ensure you have disabled ALL anti-virus, anti-malware and firewall programs so they do not interfere with ComboFix.**
A guide to do this can be found here. If you still aren't sure how to disable protection software, please ask.

  • Double-click ComboFix.exe to start Combofix (If you get a User Account Control warning, click Allow)
  • If you get a message from ComboFix that a rootkit is detected and it needs to reboot the computer, allow it to do so.
  • Wait for scan to complete. It can take tens of minutes.
  • Do not run any programs or do anything to interfere with ComboFix as it is running.
  • Once finished, a log should open. If not, the log can be located at C:\ComboFix.txt

Please include the ComboFix log (C:\ComboFix.txt) in your next reply.

A word of warning: Neither I nor sUBs are responsible for any damage you may cause to your machine by running ComboFix on your own. This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Really slow vista

Unread postby doommonk » September 2nd, 2011, 1:23 pm

I get an error message after I try and run combo fix. After I turn off MSS, MalwareBytes and Windows firewall I double clicked on combo fix. It extracts all the files but then when it comes up in the command prompt I get an error saying "Can't find regedit, please copy from another machine." I tried right clicking then running as administrator to no avail. Also when I try to run "regedit" I get an error saying "Windows cannot find 'regedit'. Make sure you typed the name correctly then try again."
doommonk
Regular Member
 
Posts: 22
Joined: August 24th, 2011, 6:58 am

Re: Really slow vista

Unread postby deltalima » September 2nd, 2011, 1:25 pm

Can't find regedit, please copy from another machine.


Do you have another machine that you could copy it from?
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Really slow vista

Unread postby doommonk » September 2nd, 2011, 1:27 pm

Yea, I can copy it from my netbook.
doommonk
Regular Member
 
Posts: 22
Joined: August 24th, 2011, 6:58 am

Re: Really slow vista

Unread postby doommonk » September 2nd, 2011, 1:36 pm

It appears that I don't have permission to access the system folder even though I am the only user and admin on the comp. I changed folder permissions to myself. But I will not be available until later today, sorry.
doommonk
Regular Member
 
Posts: 22
Joined: August 24th, 2011, 6:58 am

Re: Really slow vista

Unread postby doommonk » September 2nd, 2011, 1:36 pm

It appears I can run regedit now, but I must leave.
doommonk
Regular Member
 
Posts: 22
Joined: August 24th, 2011, 6:58 am

Re: Really slow vista

Unread postby deltalima » September 2nd, 2011, 1:57 pm

OK, try to run Combofix again later and let me know how it goes.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Really slow vista

Unread postby doommonk » September 2nd, 2011, 9:33 pm

ComboFix 11-09-02.04 - Maria 09/02/2011 18:19:38.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2938.1866 [GMT -7:00]
Running from: c:\users\Maria\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\comct332.ocx
.
.
((((((((((((((((((((((((( Files Created from 2011-08-03 to 2011-09-03 )))))))))))))))))))))))))))))))
.
.
2011-09-03 01:28 . 2011-09-03 01:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-03 01:05 . 2011-09-03 01:05 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6B56749D-B536-4C07-99E0-DD39C289EB7F}\MpKsl68035bd0.sys
2011-09-02 17:14 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6B56749D-B536-4C07-99E0-DD39C289EB7F}\mpengine.dll
2011-09-01 23:47 . 2011-09-01 23:48 -------- d-----w- c:\windows\system32\ca-ES
2011-09-01 23:47 . 2011-09-01 23:48 -------- d-----w- c:\windows\system32\eu-ES
2011-09-01 23:47 . 2011-09-01 23:48 -------- d-----w- c:\windows\system32\vi-VN
2011-09-01 21:06 . 2011-09-01 21:06 -------- d-----w- C:\_OTL
2011-09-01 20:54 . 2011-09-01 20:54 439632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D94ECBDB-975B-43E6-91B4-C9912A7FA7D5}\gapaengine.dll
2011-09-01 20:53 . 2011-09-01 20:53 -------- d-----w- c:\program files\Microsoft Security Client
2011-09-01 19:31 . 2011-09-01 19:31 -------- d-----w- C:\MGADiagToolOutput
2011-09-01 19:28 . 2011-09-01 19:28 -------- d-----w- c:\programdata\Office Genuine Advantage
2011-08-27 19:29 . 2011-08-27 19:29 -------- d-----w- c:\windows\system32\EventProviders
2011-08-27 15:55 . 2009-11-08 17:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-08-27 15:55 . 2009-11-08 17:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-08-27 15:55 . 2009-11-08 17:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-08-27 15:55 . 2009-11-08 17:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-08-27 15:55 . 2009-11-08 17:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-08-27 08:19 . 2009-04-11 06:28 499712 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2011-08-27 08:18 . 2009-04-11 06:31 507904 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll
2011-08-26 19:44 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-08-26 19:44 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2011-08-26 19:44 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2011-08-26 19:44 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-08-26 19:44 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-08-26 08:51 . 2011-08-26 08:51 -------- d-----w- c:\program files\Common Files\Java
2011-08-26 08:43 . 2011-08-26 08:49 -------- d-----w- c:\program files\Java
2011-08-26 07:38 . 2011-08-26 07:38 -------- d-----w- c:\program files\Microsoft Silverlight
2011-08-26 02:50 . 2011-08-27 06:36 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-08-26 02:50 . 2011-08-27 03:06 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-08-26 02:24 . 2011-08-26 02:24 -------- d-----r- C:\Sandbox
2011-08-26 02:05 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-08-26 02:05 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2011-08-26 02:05 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2011-08-26 01:58 . 2009-10-09 21:56 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2011-08-26 01:58 . 2009-10-09 21:56 241152 ----a-w- c:\windows\system32\winrscmd.dll
2011-08-26 01:58 . 2009-10-09 21:56 145408 ----a-w- c:\windows\system32\WsmAuto.dll
2011-08-26 01:58 . 2009-10-09 21:56 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
2011-08-26 01:58 . 2009-10-09 21:56 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2011-08-26 01:58 . 2009-10-09 21:55 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2011-08-25 19:07 . 2011-08-26 01:49 -------- d-----w- c:\program files\Common Files\Steam
2011-08-25 19:07 . 2011-09-03 01:06 -------- d-----w- c:\program files\Steam
2011-08-25 18:23 . 2011-08-25 18:23 -------- d-----w- c:\programdata\WindowsSearch
2011-08-25 18:17 . 2011-08-25 18:17 -------- d-----w- c:\windows\Intuit
2011-08-25 18:14 . 2010-10-19 20:51 222080 ----a-w- c:\windows\system32\MpSigStub.exe
2011-08-25 18:10 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2011-08-25 18:09 . 2011-08-25 18:09 -------- d-----w- c:\programdata\Malwarebytes
2011-08-25 18:09 . 2011-07-07 02:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-25 18:09 . 2011-08-25 18:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-25 18:09 . 2011-07-07 02:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-25 18:02 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2011-08-25 18:02 . 2009-04-11 06:28 98816 ----a-w- c:\windows\system32\mfps.dll
2011-08-25 18:02 . 2009-04-11 06:27 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2011-08-25 18:02 . 2009-04-11 06:27 24576 ----a-w- c:\windows\system32\mfpmp.exe
2011-08-25 18:02 . 2009-04-11 04:54 2048 ----a-w- c:\windows\system32\mferror.dll
2011-08-25 18:02 . 2011-03-02 15:44 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-08-25 18:02 . 2009-05-04 09:59 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-08-25 18:01 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2011-08-25 18:01 . 2009-07-15 12:39 107520 ----a-w- c:\program files\Windows Media Player\wmpconfig.exe
2011-08-25 18:01 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\msdxm.ocx
2011-08-25 18:01 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\dxmasf.dll
2011-08-25 18:01 . 2009-07-15 12:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2011-08-25 18:01 . 2009-07-15 12:39 107520 ----a-w- c:\program files\Windows Media Player\wmpshare.exe
2011-08-25 18:01 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-08-25 17:57 . 2011-04-14 14:59 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-08-25 17:57 . 2010-10-15 14:08 3602320 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-25 17:57 . 2010-10-15 14:08 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-25 17:57 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-08-25 17:57 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2011-08-25 17:57 . 2011-03-10 17:03 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2011-08-25 17:57 . 2011-03-10 17:03 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-08-25 17:57 . 2010-01-29 15:40 1616384 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-08-25 17:57 . 2010-05-27 20:08 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-08-25 17:57 . 2011-02-18 14:03 305152 ----a-w- c:\windows\system32\drivers\srv.sys
2011-08-25 17:57 . 2011-07-06 15:31 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-25 17:57 . 2011-04-29 13:24 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-08-25 17:57 . 2011-04-29 13:24 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-08-25 17:56 . 2010-06-28 17:00 1316864 ----a-w- c:\windows\system32\ole32.dll
2011-08-25 17:56 . 2010-06-28 14:54 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2011-08-25 17:56 . 2009-07-17 13:54 71680 ----a-w- c:\windows\system32\atl.dll
2011-08-25 17:56 . 2010-04-05 17:01 67072 ----a-w- c:\windows\system32\asycfilt.dll
2011-08-25 17:56 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2011-08-25 17:56 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2011-08-25 17:55 . 2010-08-26 16:37 157184 ----a-w- c:\windows\system32\t2embed.dll
2011-08-25 17:55 . 2011-06-02 13:34 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-08-25 17:55 . 2011-05-02 12:00 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-08-25 17:55 . 2009-12-02 07:32 763904 ----a-w- c:\windows\system32\MSDTVVDEC.DLL
2011-08-25 17:55 . 2011-04-21 13:58 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-25 17:55 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-08-25 17:55 . 2010-06-17 18:08 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll
2011-08-25 17:53 . 2010-11-04 18:55 352768 ----a-w- c:\windows\system32\taskschd.dll
2011-08-25 17:52 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2011-08-25 17:51 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2011-08-25 17:51 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll
2011-08-25 17:40 . 2009-09-10 14:58 1418752 ----a-w- c:\program files\Windows Media Player\setup_wm.exe
2011-08-25 17:40 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2011-08-25 17:37 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2011-08-25 17:37 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2011-08-25 17:26 . 2011-08-26 08:49 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-25 17:22 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2011-08-25 17:22 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2011-08-25 17:22 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2011-08-25 17:22 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-08-25 17:22 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2011-08-25 17:22 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-08-25 17:22 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2011-08-25 17:22 . 2009-08-07 02:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-08-25 17:22 . 2009-08-07 01:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-08-25 17:15 . 2011-08-27 03:11 -------- d-----w- c:\users\Maria
2011-08-25 07:06 . 2011-08-25 18:08 -------- dc----w- c:\windows\system32\DRVSTORE
2011-08-25 07:01 . 2008-10-18 01:19 98304 ----a-w- c:\windows\system32\VESWinlogon.dll
2011-08-25 06:58 . 2011-08-25 06:58 -------- d-----w- c:\programdata\Uninstall
2011-08-25 06:58 . 2011-08-25 06:58 -------- d-----w- c:\programdata\Sonic
2011-08-25 06:57 . 2008-08-29 23:23 129520 ----a-w- c:\windows\system32\pxafs.dll
2011-08-25 06:54 . 2005-04-27 23:36 245408 ----a-w- c:\windows\system32\unicows.dll
2011-08-25 06:54 . 1995-07-31 20:44 212480 ----a-w- c:\windows\system32\PCDLIB32.DLL
2011-08-25 06:54 . 2011-08-25 17:26 -------- d-----w- c:\program files\Common Files\ArcSoft
2011-08-25 06:54 . 2008-09-05 00:06 55808 ----a-w- c:\windows\system32\ArcSoftKsUFilter.dll
2011-08-25 06:54 . 2011-08-26 01:45 -------- d-----w- c:\program files\ArcSoft
2011-08-25 06:54 . 2001-09-05 11:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2011-08-25 06:54 . 2008-10-14 12:54 614532 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2011-08-25 06:54 . 2001-09-05 11:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-08-25 06:54 . 2001-09-05 11:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-08-25 06:54 . 2001-09-05 11:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-08-25 06:50 . 2008-09-25 01:17 114688 ----a-w- c:\program files\Windows Sidebar\Gadgets\eBayGadget.Gadget\Bin\eBayGadget.dll
2011-08-25 06:43 . 2011-08-25 06:43 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-01 20:22 . 2011-08-25 18:41 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam\Steam.exe" [2011-08-25 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-22 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-22 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-22 145944]
"VAIOMyMemCenter"="c:\program files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe" [2008-02-29 679936]
"VAIOSurvey"="c:\program files\Sony\VAIO Survey\VAIO Sat Survey.exe" [2008-07-25 385024]
"VWLASU"="c:\program files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe" [2008-05-20 24576]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-04 317280]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-07 449584]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"RtHDVCpl"="RtHDVCpl.exe" [2008-10-17 6295552]
"Skytel"="Skytel.exe" [2008-10-17 1826816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-10-18 01:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-06-12 337184]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-06-12 83232]
S1 MpKsl68035bd0;MpKsl68035bd0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6B56749D-B536-4C07-99E0-DD39C289EB7F}\MpKsl68035bd0.sys [2011-09-03 28752]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-07 366640]
S2 RtkAudioService;Realtek Audio Service;c:\windows\RtkAudioService.exe [2008-10-17 104992]
S2 SampleCollector;Intel(R) Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2008-09-09 122880]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-10-18 415584]
S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2008-09-04 446464]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-07 22712]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-08-22 9344]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL68035BD0
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=SNYR
mStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=SNYR
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\12ig9t47.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-02 18:29
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-09-02 18:31:10
ComboFix-quarantined-files.txt 2011-09-03 01:31
.
Pre-Run: 159,878,742,016 bytes free
Post-Run: 159,825,047,552 bytes free
.
- - End Of File - - 25C3377F5D3578511610E8B89CE1E9A8
doommonk
Regular Member
 
Posts: 22
Joined: August 24th, 2011, 6:58 am