my machine takes 10 mins to boot then runs very poorly


Post by The Gaffer » September 24th, 2011, 2:40 am

Hi guys,
After a lot of dumb downloads my machine takes forever to boot up, and when it does it often freezes and generally runs very slowly, especially with multiple programs running.

Hope you can help. Thanks. Logs supplied:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Chris at 7:30:37 on 2011-09-24
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2038.483 [GMT 1:00]
.
AV: AVG Anti-Virus Free *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Acer\Mobility Center\MobilityService.exe
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Users\Chris\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.shareware-en.com/en/index.php?rvs=hompag
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.shareware-en.com/en/index.php?rvs=hompag
uURLSearchHooks: H - No File
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Advanced SystemCare 4] "c:\program files\iobit\advanced systemcare 4\ASCTray.exe"
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [PLFSet] rundll32.exe c:\windows\PLFSet.dll,PLFDefSetting
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [PlayMovie] "c:\program files\acer arcade deluxe\play movie\PMVService.exe"
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [eAudio] "c:\acer\empowering technology\eaudio\eAudio.exe"
mRun: [WarReg_PopUp] c:\acer\wr_popup\WarReg_PopUp.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Skytel] Skytel.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [IObit Malware Fighter] "c:\program files\iobit\iobit malware fighter\IMF.exe" /autostart
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\acervc~1.lnk - c:\program files\acer\acer vcm\AcerVCM.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{8130BC08-EBCD-4C34-8A5A-EDB20B382A33} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{B853D050-9ADF-44FB-8332-36BC1EAF9EBC} : DhcpNameServer = 194.168.4.100 194.168.8.100
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: avgrsstx.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\chris\appdata\roaming\mozilla\firefox\profiles\6bsf7j45.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT24524 ... hSource=13
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4af59d94 ... g=en-US&q=
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\chris\appdata\roaming\facebook\npfbplugin_1_0_3.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
.
============= SERVICES / DRIVERS ===============
.
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2007-4-3 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2007-4-3 35712]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-9-8 15672]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-11-7 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-11-7 29712]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-11-7 243152]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade deluxe\play movie\000.fcl [2007-9-19 13560]
R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\iobit\advanced systemcare 4\ASCService.exe [2011-7-23 328536]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2011-8-21 308136]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-8-20 21504]
R2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2011-7-23 820568]
R3 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\wlh_x86\RegFilter.sys [2011-7-23 30600]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-16 135664]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-10-26 947528]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2007-2-8 179712]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-11-11 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-16 135664]
S3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\wlh_x86\UrlFilter.sys [2011-7-23 19280]
S4 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\wlh_x86\FileMonitor.sys [2011-7-23 18768]
.
=============== Created Last 30 ================
.
2011-09-23 18:43:46 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-09-08 21:44:41 25944 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-09-08 21:44:41 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-09-08 20:54:00 -------- d-----w- c:\windows\system32\x64
2011-09-02 12:09:15 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-09-02 12:09:14 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2011-09-02 12:09:14 785368 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
2011-09-02 12:09:14 719832 ----a-w- c:\program files\mozilla firefox\mozcpp19.dll
2011-09-02 12:09:14 478168 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
2011-09-02 12:09:14 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
2011-09-02 12:09:14 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
2011-09-02 12:09:14 1846232 ----a-w- c:\program files\mozilla firefox\mozjs.dll
2011-09-02 12:09:14 16856 ----a-w- c:\program files\mozilla firefox\plugin-container.exe
2011-09-02 12:09:14 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
2011-08-31 00:47:00 2048 ----a-w- c:\windows\system32\tzres.dll
.
==================== Find3M ====================
.
2011-08-21 07:58:57 243152 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2011-07-06 18:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 18:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-06 15:31:47 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-26 06:45:56 256000 ----a-w- c:\windows\PEV.exe
.
============= FINISH: 7:32:49.56 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 19/09/2007 13:31:33
System Uptime: 24/09/2011 07:02:33 (0 hours ago)
.
Motherboard: Acer | | Tahoe
Processor: Intel(R) Core(TM)2 Duo CPU T5250 @ 1.50GHz | U2E1 | 1500/166mhz
.
==== Disk Partitions =========================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acer Arcade Deluxe
Acer Crystal Eye webcam
Acer eAudio Management
Acer eDataSecurity Management
Acer eLock Management
Acer Empowering Technology
Acer ePower Management
Acer ePresentation Management
Acer eSettings Management
Acer GridVista
Acer Mobility Center Plug-In
Acer ScreenSaver
Acer Tour
Acer VCM
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Advanced SystemCare 4
µTorrent
AVG Free 9.0
Broadcom Gigabit Integrated Controller
CCleaner
Facebook Plug-In
Football Manager 2008
Football Manager 2009
Google Earth
Google Update Helper
Google Updater
HDAUDIO Soft Data Fax Modem with SmartCP
Highlight Viewer (Windows Live Toolbar)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Intel(R) Matrix Storage Manager
IObit Malware Fighter
J2SE Runtime Environment 5.0 Update 3
Java Auto Updater
Java(TM) 6 Update 26
Junk Mail filter update
Launch Manager
LightScribe 1.4.142.1
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Malwarebytes' Anti-Malware version 1.51.1.1800
Map Button (Windows Live Toolbar)
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mozilla Firefox 6.0.2 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery Case Files Ravenhearst
NTI Backup NOW! 4.7
NTI CD & DVD-Maker
O2Micro Flash Memory Card Reader Driver Installer(x86)
OGA Notifier 2.0.0048.0
PowerProducer 3.72
RealPlayer
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype™ 3.8
Smart Defrag 2
Smart Menus (Windows Live Toolbar)
Spotify
Synaptics Pointing Device Driver
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VideoLAN VLC media player 0.8.6d
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Favorites for Windows Live Toolbar
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Upload Tool
Windows Live Writer
XP Codec Pack
.
==== Event Viewer Messages From Past Week ========
.
24/09/2011 07:31:11, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070103: Intel Corporation - Display - Mobile Intel(R) 965 Express Chipset Family.
24/09/2011 07:09:54, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
24/09/2011 03:13:30, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
24/09/2011 03:13:30, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
24/09/2011 03:01:50, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
23/09/2011 19:16:50, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WPDBusEnum service.
23/09/2011 19:16:20, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
23/09/2011 19:15:51, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EMDMgmt service.
.
==== End Of File ===========================
The Gaffer
Active Member
 
Posts: 14
Joined: September 23rd, 2011, 2:23 pm

Re: my machine takes 10 mins to boot then runs very poorly

Post by Gary R » September 27th, 2011, 3:53 am

Looking over your logs, back soon.
Gary R
Administrator
 
Posts: 21872
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: my machine takes 10 mins to boot then runs very poorly

Post by Gary R » September 27th, 2011, 3:56 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "malware removal" forum and wait for help.


Unless informed in advance, failure to post replies within 3 days will result in this thread being closed.


Hi The Gaffer

I'm Gary R, I'll be glad to help you with your computer problems.

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Please observe these rules while we work:
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • If you're using XP, you'll need Administrator privileges to perform the fixes. (XP accounts are Administrator by default)
  • If you're using Vista or Windows 7, it will be necessary to right click all tools we use and select ----> Run as Administrator
Important: As I said earlier, removing Malware is a potentially hazardous thing to do, so to increase our chances of recovery in the event of something unexpected happening, I'd like you to make a backup of your Registry before we start to clean your computer.
  • Download ERUNT to your desktop
  • Alternate Download
  • Double-click on erunt_setup.exe to install the program
  • Untick the NTREGOPT desktop shortcut option
  • Click No when you get the option to run Erunt at Windows startup.
  • During the installation, tick Launch Erunt.
  • Accept the default options for running a backup.
  • Erunt will then backup your registry.
  • Click OK to finish.
  • If you are unable to back up your Registry with ERUNT ....
    • Let me know.
    • Do not follow any further instructions until I tell you to.
It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


Download OTL by OldTimer to your Desktop.

If you already have a copy of OTL delete it and use this version.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.

Next

Download GMER to your Desktop. (It will have a randomly generated name, for example .... wjkl3ecz.exe)

  • Disconnect from the Internet, and close all running programmes.
  • There is a small chance this programme may crash your computer, so save any work you have open.
  • Double click on the randomly named GMER file (eg .... wjkl3ecz.exe) to launch GMER.
  • Let the gmer.sys driver load if asked.
  • If it gives you a warning at programme start about rootkit activity and asks if you want to run a scan ..... click OK.
  • If no warning:
    • Click Rootkit tab.
    • Ensure that All the boxes to the right of the program are checked except Show All.
    • Click Scan.
  • Do not use your computer while the scan is running.
  • Once scan is finished click Copy.
    • Click Start > Run then type Notepad.exe then click OK.
    • This will open a Notepad file.
    • Hit Ctrl+V to paste log into it.
    • Save the log to your Desktop.
  • Reconnect to internet and post the log please.

Summary of the logs I need from you in your next post:
  • OTL.txt
  • Extras.txt
  • GMER log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present; if any log is cut off you'll have to post it in sections.
Gary R
Administrator
 
Posts: 21872
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: my machine takes 10 mins to boot then runs very poorly

Post by The Gaffer » September 27th, 2011, 1:21 pm

OTL logfile created on: 27/09/2011 18:05:11 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Chris\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.43 Gb Available Physical Memory | 21.48% Memory free
4.21 Gb Paging File | 2.60 Gb Available in Paging File | 61.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 49.51 Gb Total Space | 11.56 Gb Free Space | 23.34% Space Free | Partition Type: NTFS
Drive D: | 49.51 Gb Total Space | 26.98 Gb Free Space | 54.49% Space Free | Partition Type: NTFS

Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/27 18:03:15 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Downloads\OTL.exe
PRC - [2011/09/24 23:30:27 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Chris\AppData\Local\temp\RtkBtMnt.exe
PRC - [2011/09/24 10:30:38 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Chris\AppData\Local\Google\Update\1.3.21.69\GoogleCrashHandler.exe
PRC - [2011/09/23 19:24:12 | 002,076,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2011/08/25 10:35:18 | 001,584,472 | ---- | M] (IObit) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2011/08/21 08:58:52 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2011/08/21 08:58:46 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2011/08/09 16:40:34 | 000,763,224 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
PRC - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/08/03 09:34:35 | 020,153,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SoftwareDistribution\Download\Install\NDP40-KB2533523-x86.exe
PRC - [2011/07/20 12:19:46 | 000,820,568 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/07/20 12:19:44 | 004,393,816 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
PRC - [2011/05/17 08:41:46 | 000,078,152 | ---- | M] (Microsoft Corporation) -- d:\4f95db9f65b8e48d18019c313b66b315\Setup.exe
PRC - [2010/09/23 15:50:18 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/17 18:45:47 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/07/17 18:45:36 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/16 17:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/10/16 16:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2007/07/04 04:08:30 | 000,834,056 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2007/04/24 00:51:42 | 004,435,968 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/03/21 21:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/21 21:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/02/13 00:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Oz128 Driver\o2flash.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/20 04:07:39 | 000,412,728 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\Application\14.0.835.186\ppgooglenaclpluginchrome.dll
MOD - [2011/09/20 04:07:37 | 003,696,184 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\Application\14.0.835.186\pdf.dll
MOD - [2011/09/20 04:06:11 | 000,142,568 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\Application\14.0.835.186\avutil-51.dll
MOD - [2011/09/20 04:06:10 | 000,253,320 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\Application\14.0.835.186\avformat-53.dll
MOD - [2011/09/20 04:06:09 | 002,403,240 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\Application\14.0.835.186\avcodec-53.dll
MOD - [2011/08/19 16:33:28 | 000,047,960 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll
MOD - [2003/06/07 22:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2011/08/21 08:58:52 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/07/20 12:19:46 | 000,820,568 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/03/18 08:11:02 | 000,947,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2008/10/16 17:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/10/16 16:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/21 21:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/02/13 00:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro Oz128 Driver\o2flash.exe -- (o2flash)


========== Driver Services (SafeList) ==========

DRV - [2011/09/23 19:24:10 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011/08/21 08:58:57 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2011/07/11 14:40:40 | 000,018,768 | ---- | M] () [File_System | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/03/23 00:59:18 | 000,019,280 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011/03/23 00:59:16 | 000,030,600 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\RegFilter.sys -- (RegFilter)
DRV - [2010/11/26 18:02:28 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/07/17 18:45:38 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2008/11/17 07:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/08/22 11:06:02 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007/04/30 15:45:18 | 002,219,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007/04/03 18:04:28 | 000,039,680 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\o2media.sys -- (O2MDRDR)
DRV - [2007/04/03 00:11:08 | 000,035,712 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\o2sd.sys -- (O2SDRDR)
DRV - [2007/03/03 02:19:34 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2007/02/08 02:35:10 | 001,729,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2006/11/29 01:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/02 08:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006/11/02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006/11/02 08:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.shareware-en.com/en/index.php?rvs=hompag


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-807008389-1619455337-1411209659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-807008389-1619455337-1411209659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-807008389-1619455337-1411209659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.co.uk/ [binary data]
IE - HKU\S-1-5-21-807008389-1619455337-1411209659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-807008389-1619455337-1411209659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-807008389-1619455337-1411209659-1000\..\URLSearchHook: *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-807008389-1619455337-1411209659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Games Bar 1 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2452474&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4af59d94&v=7.007.026.001&i=23&tp=ab&iy=&ychte=uk&lng=en-US&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Chris\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/02/07 14:51:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2011/09/24 07:03:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2011/09/02 12:59:07 | 000,000,000 | ---D | M]

[2008/08/07 22:04:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions
[2011/08/17 21:54:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\6bsf7j45.default\extensions
[2009/09/26 11:12:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\6bsf7j45.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/16 12:31:42 | 000,000,925 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\6bsf7j45.default\searchplugins\conduit.xml
[2011/09/24 13:08:29 | 000,002,207 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\6bsf7j45.default\searchplugins\MyStart Search.xml
[2011/09/02 12:59:07 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="7.007.026.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG9\TOOLBAR\FIREFOX\AVG@IGEARED

========== Chrome ==========

CHR - default_search_provider: MyStart Search (Enabled)
CHR - default_search_provider: search_url = http://mystart.incredimail.com/mb59/?search={searchTerms}&loc=search_box&u=92260089027323328
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\14.0.835.186\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\14.0.835.186\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Chris\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011/08/17 23:34:10 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-807008389-1619455337-1411209659-1000\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKU\S-1-5-21-807008389-1619455337-1411209659-1000\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-807008389-1619455337-1411209659-1000\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PLFSet] C:\Windows\PLFSet.dll ( )
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-807008389-1619455337-1411209659-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-807008389-1619455337-1411209659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8130BC08-EBCD-4C34-8A5A-EDB20B382A33}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (avgrsstx.dll) -C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/27 18:10:16 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\mal posts
[2011/09/27 17:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/09/27 17:58:18 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/09/25 13:34:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2011/09/25 13:30:45 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/09/25 12:48:36 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/09/25 10:54:00 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011/09/25 10:51:53 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/09/25 10:49:50 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\AVG9
[2011/09/24 13:40:01 | 000,000,000 | ---D | C] -- C:\Users\Chris\Roaming
[2011/09/24 13:40:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2011/09/24 13:38:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2011/09/24 13:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2011/09/24 13:37:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2011/09/24 13:37:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2011/09/24 13:11:39 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Auslogics
[2011/09/24 13:10:19 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\IM
[2011/09/24 13:09:34 | 000,000,000 | ---D | C] -- C:\ProgramData\IncrediMail
[2011/09/24 13:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/09/24 13:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2011/09/24 13:08:54 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2011/09/24 07:27:20 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/09/24 07:27:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/09/24 07:27:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/09/23 19:38:01 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Chris\Desktop\dds.scr
[2011/09/08 22:01:46 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/09/08 22:01:46 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/09/08 22:01:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/09/08 22:01:45 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/09/08 22:01:45 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/09/08 22:01:45 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/09/08 22:01:45 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/09/08 22:01:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/09/08 22:01:44 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/09/08 22:01:44 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/09/08 22:01:44 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/09/08 22:01:43 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/09/08 22:01:43 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/09/08 22:01:43 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/09/08 22:01:43 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/09/08 22:01:42 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/09/08 22:01:42 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/09/08 22:01:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/09/08 22:01:42 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/09/08 22:01:42 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/09/08 22:01:41 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/09/08 22:01:41 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/09/08 22:01:41 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/09/08 22:01:41 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/09/08 22:01:40 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/09/08 22:01:40 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/09/08 22:01:39 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/09/08 22:01:39 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/09/08 22:01:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/09/08 22:01:39 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/09/08 22:01:39 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/09/08 22:01:39 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/09/08 22:01:39 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/09/08 22:01:38 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/09/08 22:01:38 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/09/08 22:01:38 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/09/08 22:01:38 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/09/08 21:54:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2011/08/31 01:47:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2007/09/19 13:57:47 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[2007/09/19 13:30:28 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2007/09/19 13:30:28 | 000,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll
[2007/09/19 13:30:27 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2004/11/24 19:25:52 | 000,335,872 | ---- | C] ( ) -- C:\Windows\System32\drvc.dll
[1 C:\Users\Chris\Desktop\*.tmp files -> C:\Users\Chris\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/27 18:15:53 | 000,599,726 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/09/27 18:15:53 | 000,105,602 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/09/27 17:59:11 | 086,688,072 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2011/09/27 17:58:42 | 000,000,718 | ---- | M] () -- C:\Users\Chris\Desktop\ERUNT.lnk
[2011/09/27 17:55:37 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/09/27 17:52:16 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/27 17:52:16 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/27 17:51:45 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/27 17:51:36 | 000,001,356 | ---- | M] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2011/09/27 17:50:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/25 14:35:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/25 14:34:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-807008389-1619455337-1411209659-1000UA.job
[2011/09/25 13:34:37 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2011/09/25 13:34:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-807008389-1619455337-1411209659-1000Core.job
[2011/09/25 13:30:50 | 000,002,046 | ---- | M] () -- C:\Users\Chris\Desktop\Google Chrome.lnk
[2011/09/25 13:30:50 | 000,002,008 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/25 10:52:36 | 004,227,131 | R--- | M] (Swearware) -- C:\Users\Chris\Desktop\ComboFix.exe
[2011/09/25 07:05:55 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/24 13:08:56 | 000,001,091 | ---- | M] () -- C:\Users\Chris\Desktop\Auslogics Registry Defrag.lnk
[2011/09/23 19:30:44 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Chris\Desktop\dds.scr
[2011/09/23 19:24:10 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2011/09/08 22:44:13 | 000,001,040 | ---- | M] () -- C:\Users\Public\Desktop\Quick Care.lnk
[2011/09/08 22:44:13 | 000,001,018 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011/09/08 22:02:00 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011/09/08 22:02:00 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011/09/08 22:01:46 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/09/08 22:01:46 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/09/08 22:01:45 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/09/08 22:01:45 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/09/08 22:01:45 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/09/08 22:01:45 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/09/08 22:01:45 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/09/08 22:01:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/09/08 22:01:44 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/09/08 22:01:44 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/09/08 22:01:44 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/09/08 22:01:43 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/09/08 22:01:43 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/09/08 22:01:43 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/09/08 22:01:43 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/09/08 22:01:43 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/09/08 22:01:42 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/09/08 22:01:42 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/09/08 22:01:42 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/09/08 22:01:42 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/09/08 22:01:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/09/08 22:01:41 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/09/08 22:01:41 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/09/08 22:01:41 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/09/08 22:01:41 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/09/08 22:01:40 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/09/08 22:01:40 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/09/08 22:01:39 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/09/08 22:01:39 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/09/08 22:01:39 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/09/08 22:01:39 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/09/08 22:01:39 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/09/08 22:01:39 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/09/08 22:01:39 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/09/08 22:01:38 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/09/08 22:01:38 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/09/08 22:01:38 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/09/08 22:01:38 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\Users\Chris\Desktop\*.tmp files -> C:\Users\Chris\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/27 17:58:42 | 000,000,718 | ---- | C] () -- C:\Users\Chris\Desktop\ERUNT.lnk
[2011/09/25 13:34:39 | 000,025,944 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011/09/25 13:34:39 | 000,015,672 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011/09/25 13:34:37 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2011/09/25 13:30:50 | 000,002,046 | ---- | C] () -- C:\Users\Chris\Desktop\Google Chrome.lnk
[2011/09/25 13:30:50 | 000,002,008 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/25 13:29:52 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-807008389-1619455337-1411209659-1000UA.job
[2011/09/25 13:29:52 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-807008389-1619455337-1411209659-1000Core.job
[2011/09/24 13:08:56 | 000,001,091 | ---- | C] () -- C:\Users\Chris\Desktop\Auslogics Registry Defrag.lnk
[2011/09/08 22:44:13 | 000,001,040 | ---- | C] () -- C:\Users\Public\Desktop\Quick Care.lnk
[2011/09/08 22:44:13 | 000,001,018 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011/09/08 22:01:43 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/08/17 23:21:23 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/08/17 23:21:23 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/08/17 23:21:23 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/08/17 23:21:23 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/08/17 23:21:23 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2009/12/23 17:08:52 | 000,006,542 | ---- | C] () -- C:\Windows\2z559spy97c.dll
[2009/12/16 13:47:50 | 000,007,943 | ---- | C] () -- C:\Windows\System32\7264tro5988z.dll
[2009/11/27 12:27:33 | 000,009,190 | ---- | C] () -- C:\Windows\39z79p564b.dll
[2009/11/23 03:55:20 | 000,003,495 | ---- | C] () -- C:\Windows\System32\89z0wo95569.dll
[2009/11/20 17:05:53 | 000,002,803 | ---- | C] () -- C:\Windows\System32\98e6backdo5z904.bin
[2009/11/20 08:55:14 | 000,016,892 | ---- | C] () -- C:\Windows\System32\15326zp91595.bin
[2009/11/18 17:10:03 | 000,017,920 | ---- | C] () -- C:\Windows\System32\1429zpyw5r92859.exe
[2009/11/17 12:48:38 | 000,011,371 | ---- | C] () -- C:\Windows\System32\19616zpy69f5.bin
[2009/11/17 07:48:36 | 000,010,386 | ---- | C] () -- C:\Windows\System32\78cdo59loazer340.exe
[2009/11/17 00:45:49 | 000,004,608 | ---- | C] () -- C:\Windows\System32\17ffzp9ware1502.exe
[2009/11/07 01:42:52 | 000,006,582 | ---- | C] () -- C:\Windows\System32\193czte5l2610.dll
[2009/11/07 01:42:51 | 000,017,135 | ---- | C] () -- C:\Windows\System32\d53zhre9t9580.dll
[2009/11/07 01:42:50 | 000,014,108 | ---- | C] () -- C:\Windows\27936spy445z.bin
[2009/11/07 01:42:47 | 000,004,446 | ---- | C] () -- C:\Windows\113cvi594z.bin
[2009/11/07 01:42:43 | 000,008,446 | ---- | C] () -- C:\Windows\System32\3509downl95der8z1.dll
[2009/11/07 01:42:26 | 000,006,346 | ---- | C] () -- C:\Windows\System32\125579irzs5a3.dll
[2009/11/07 01:42:20 | 000,015,027 | ---- | C] () -- C:\Windows\System32\25680trojzc95.dll
[2009/11/07 01:42:19 | 000,009,053 | ---- | C] () -- C:\Windows\System32\5zc9sparse834.bin
[2009/11/07 01:42:19 | 000,007,690 | ---- | C] () -- C:\Windows\System32\1900sza5se999.exe
[2009/11/07 01:42:18 | 000,012,346 | ---- | C] () -- C:\Windows\System32\1222szea929905.exe
[2009/11/07 01:42:18 | 000,010,253 | ---- | C] () -- C:\Windows\150d5hrezt28950.bin
[2009/11/07 01:42:17 | 000,005,446 | ---- | C] () -- C:\Windows\System32\4168downlo9ze51257.exe
[2009/11/07 01:42:17 | 000,003,778 | ---- | C] () -- C:\Windows\System32\86799py55z.dll
[2009/11/07 01:42:16 | 000,012,114 | ---- | C] () -- C:\Windows\15z0295y699.bin
[2009/11/07 01:42:13 | 000,014,326 | ---- | C] () -- C:\Windows\System32\95a5viz943.dll
[2009/11/07 01:42:13 | 000,008,053 | ---- | C] () -- C:\Windows\3243z5or9652.bin
[2009/11/07 01:42:12 | 000,011,789 | ---- | C] () -- C:\Windows\System32\5607vir2z92.dll
[2009/11/07 01:42:12 | 000,009,417 | ---- | C] () -- C:\Windows\2cabspywzr91525.exe
[2009/11/07 01:42:11 | 000,009,004 | ---- | C] () -- C:\Windows\System32\4226spywa9z5140.bin
[2009/11/07 01:42:11 | 000,004,675 | ---- | C] () -- C:\Windows\System32\29624spy5d7z.bin
[2009/11/07 01:42:11 | 000,004,026 | ---- | C] () -- C:\Windows\7041downlza9er9195.bin
[2009/11/07 01:42:11 | 000,003,603 | ---- | C] () -- C:\Windows\15268s9y3b9z.exe
[2009/11/07 01:42:11 | 000,002,605 | ---- | C] () -- C:\Windows\17z10not-a-vi59s638.bin
[2009/11/04 09:49:14 | 000,014,327 | ---- | C] () -- C:\Windows\49165hiez23389.bin
[2009/11/02 14:53:17 | 000,014,856 | ---- | C] () -- C:\Windows\System32\7d4etz5eat58239.bin
[2009/10/22 12:22:42 | 000,009,640 | ---- | C] () -- C:\Windows\525sparsz209.dll
[2009/10/19 21:23:52 | 000,007,101 | ---- | C] () -- C:\Windows\System32\16e9a5kdoor1047z.exe
[2009/10/18 10:14:59 | 000,004,911 | ---- | C] () -- C:\Windows\70659ir144z5.exe
[2009/10/04 02:48:34 | 000,008,883 | ---- | C] () -- C:\Windows\319315rojz9.exe
[2009/09/25 17:18:19 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/25 17:18:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 09:34:30 | 000,014,465 | ---- | C] () -- C:\Windows\System32\23e95p9rse133z.exe
[2009/09/17 18:27:33 | 000,003,929 | ---- | C] () -- C:\Windows\4deas9azse159.bin
[2009/09/12 01:51:38 | 000,012,566 | ---- | C] () -- C:\Windows\System32\7a98add5aze4769.dll
[2009/09/07 08:28:31 | 000,010,775 | ---- | C] () -- C:\Windows\System32\13110sz94e5.exe
[2009/09/06 08:10:57 | 000,002,997 | ---- | C] () -- C:\Windows\z860s9arse2755.exe
[2009/09/01 13:48:53 | 000,009,379 | ---- | C] () -- C:\Windows\System32\1z955tro9297.dll
[2009/08/17 14:55:36 | 000,002,763 | ---- | C] () -- C:\Windows\z08915o9m5b4.exe
[2009/08/09 01:26:54 | 000,010,162 | ---- | C] () -- C:\Windows\484c9zief2925.bin
[2009/08/08 00:38:41 | 000,011,633 | ---- | C] () -- C:\Windows\System32\41b3s9a5se29z5.exe
[2009/08/04 11:02:00 | 000,011,415 | ---- | C] () -- C:\Windows\System32\3759zor56289.exe
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/08/02 18:25:21 | 000,004,862 | ---- | C] () -- C:\Windows\System32\79z4troj2f35.bin
[2009/07/27 20:34:39 | 000,009,175 | ---- | C] () -- C:\Windows\27472hack5ozl69f.bin
[2009/07/26 12:59:27 | 000,012,337 | ---- | C] () -- C:\Windows\System32\91zsparse458.bin
[2009/07/23 21:02:34 | 000,016,942 | ---- | C] () -- C:\Windows\System32\13555sz9mbot7c9.bin
[2009/07/22 19:51:44 | 000,005,683 | ---- | C] () -- C:\Windows\System32\6z1159rm14.dll
[2009/06/27 01:50:00 | 000,016,554 | ---- | C] () -- C:\Windows\System32\25bzsparse598.exe
[2009/06/23 12:21:20 | 000,008,704 | ---- | C] () -- C:\Windows\71855zckdo9r1804.dll
[2009/06/14 05:02:09 | 000,013,474 | ---- | C] () -- C:\Windows\7179sze5l3079.bin
[2009/05/27 01:28:51 | 000,010,131 | ---- | C] () -- C:\Windows\System32\2bzet9r5at25667.exe
[2009/05/16 07:21:47 | 000,008,053 | ---- | C] () -- C:\Windows\System32\31979sz5739.exe
[2009/05/15 11:36:17 | 000,004,033 | ---- | C] () -- C:\Windows\6de2spazse22529.dll
[2009/05/14 16:18:28 | 000,008,293 | ---- | C] () -- C:\Windows\System32\159825roj45z.dll
[2009/05/12 20:43:32 | 000,001,356 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2009/05/11 09:41:11 | 000,008,962 | ---- | C] () -- C:\Windows\584dsp9rze30955.bin
[2009/05/06 03:01:06 | 000,006,016 | ---- | C] () -- C:\Windows\13975tzoj4b5.bin
[2009/05/03 00:07:32 | 000,003,109 | ---- | C] () -- C:\Windows\1f67z59790.bin
[2009/05/01 06:56:44 | 000,004,178 | ---- | C] () -- C:\Windows\9125wzr952.dll
[2009/04/25 07:25:41 | 000,007,460 | ---- | C] () -- C:\Windows\6eazs5e9l2686.bin
[2009/04/20 22:53:52 | 000,004,238 | ---- | C] () -- C:\Windows\506429irzs74f.dll
[2009/04/18 08:00:56 | 000,009,149 | ---- | C] () -- C:\Windows\92920s5yz38.bin
[2009/04/17 18:06:46 | 000,013,682 | ---- | C] () -- C:\Windows\System32\594zhie51492.dll
[2009/04/08 22:00:46 | 000,006,083 | ---- | C] () -- C:\Windows\60c2s95waze1742.exe
[2009/04/04 05:34:25 | 000,003,873 | ---- | C] () -- C:\Windows\25c2v9z483.exe
[2009/03/26 09:05:45 | 000,007,546 | ---- | C] () -- C:\Windows\System32\160765ackz9ol7ea.bin
[2009/03/15 06:55:22 | 000,002,863 | ---- | C] () -- C:\Windows\System32\21999tzoj6a45.exe
[2009/03/05 18:32:10 | 000,002,737 | ---- | C] () -- C:\Windows\7367vi9567z.dll
[2009/03/01 17:32:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/02/26 22:43:08 | 000,015,631 | ---- | C] () -- C:\Windows\System32\6z56t9oj307.exe
[2009/02/26 12:07:19 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/02/21 05:55:05 | 000,012,478 | ---- | C] () -- C:\Windows\System32\1faft9rzat271955.bin
[2009/02/19 08:23:24 | 000,012,245 | ---- | C] () -- C:\Windows\System32\35d79iz3219.dll
[2009/01/23 15:27:04 | 000,008,865 | ---- | C] () -- C:\Windows\System32\5915zpy3ae.exe
[2009/01/19 22:39:18 | 000,005,461 | ---- | C] () -- C:\Windows\System32\9260vi5z039.exe
[2009/01/08 21:11:05 | 000,012,006 | ---- | C] () -- C:\Windows\System32\40ba9zarse5992.dll
[2008/12/25 11:29:12 | 000,006,208 | ---- | C] () -- C:\Windows\System32\25429vi5zs2c5.exe
[2008/12/24 18:43:07 | 000,015,524 | ---- | C] () -- C:\Windows\z8456s9y28b.bin
[2008/12/15 01:27:21 | 000,008,561 | ---- | C] () -- C:\Windows\System32\3795zparse2845.dll
[2008/12/14 23:48:16 | 000,008,306 | ---- | C] () -- C:\Windows\System32\6e9es5ezl2161.bin
[2008/12/12 22:53:19 | 000,002,905 | ---- | C] () -- C:\Windows\2595trojz60.dll
[2008/12/11 10:03:05 | 000,006,476 | ---- | C] () -- C:\Windows\System32\955czir922.dll
[2008/11/29 20:24:46 | 000,018,944 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/28 18:05:28 | 000,012,996 | ---- | C] () -- C:\Windows\System32\25499tr5j2z9.bin
[2008/11/07 19:48:01 | 000,009,809 | ---- | C] () -- C:\Windows\System32\7027tro96a5z.exe
[2008/10/28 01:30:41 | 000,005,020 | ---- | C] () -- C:\Windows\System32\4945zo9m72e.exe
[2008/10/20 06:54:04 | 000,008,499 | ---- | C] () -- C:\Windows\System32\39202t5zj2ea.dll
[2008/10/14 19:30:31 | 000,005,034 | ---- | C] () -- C:\Windows\System32\5989ir5z799.exe
[2008/10/13 19:22:13 | 000,003,029 | ---- | C] () -- C:\Windows\System32\549bvir84z.exe
[2008/10/13 10:01:53 | 000,013,135 | ---- | C] () -- C:\Windows\e15spyw9rz1147.bin
[2008/10/04 11:48:27 | 000,017,043 | ---- | C] () -- C:\Windows\771at95ef2z45.bin
[2008/10/04 06:55:00 | 000,002,687 | ---- | C] () -- C:\Windows\157359rzj655.bin
[2008/09/28 21:36:13 | 000,002,522 | ---- | C] () -- C:\Windows\System32\13583zir5s95e.bin
[2008/09/25 09:13:50 | 000,015,445 | ---- | C] () -- C:\Windows\za51sparse5359.bin
[2008/09/24 09:34:32 | 000,007,943 | ---- | C] () -- C:\Windows\System32\79a3st5az479.dll
[2008/09/21 04:18:37 | 000,008,239 | ---- | C] () -- C:\Windows\3559not-a-vizu925a.bin
[2008/09/20 07:43:29 | 000,010,903 | ---- | C] () -- C:\Windows\System32\57095tro9za.bin
[2008/09/12 17:15:33 | 000,016,191 | ---- | C] () -- C:\Windows\System32\4d33b9c5dooz3258.dll
[2008/09/07 01:07:58 | 000,014,817 | ---- | C] () -- C:\Windows\555ds9arse31z7.bin
[2008/08/21 17:10:53 | 000,002,892 | ---- | C] () -- C:\Windows\System32\195725acktoz914.dll
[2008/08/12 21:31:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/08/11 09:27:57 | 000,013,782 | ---- | C] () -- C:\Windows\System32\76a1down5zad9r651.bin
[2008/08/07 00:05:31 | 000,005,317 | ---- | C] () -- C:\Windows\z7050tro529c.bin
[2008/07/26 10:11:17 | 000,018,197 | ---- | C] () -- C:\Windows\System32\5220stez9763.exe
[2008/07/25 15:15:32 | 000,013,196 | ---- | C] () -- C:\Windows\System32\3649v59usz9.exe
[2008/07/23 15:36:24 | 000,006,934 | ---- | C] () -- C:\Windows\18269hie521z8.dll
[2008/07/22 17:33:30 | 000,015,042 | ---- | C] () -- C:\Windows\System32\53d79ir1515z.exe
[2008/07/18 01:21:52 | 000,009,333 | ---- | C] () -- C:\Windows\System32\29055troj554z.bin
[2008/07/17 13:23:41 | 000,014,925 | ---- | C] () -- C:\Windows\System32\75f2backdo9z2912.bin
[2008/07/14 19:19:01 | 000,003,245 | ---- | C] () -- C:\Windows\System32\7dcdzdd5ar91830.exe
[2008/07/12 12:42:07 | 000,008,855 | ---- | C] () -- C:\Windows\3e8fs9yw5rz911.exe
[2008/07/12 10:01:22 | 000,005,920 | ---- | C] () -- C:\Windows\3z81v9r28495.dll
[2008/07/11 02:39:29 | 000,014,361 | ---- | C] () -- C:\Windows\System32\21cf5ir9065z.exe
[2008/07/08 14:04:32 | 000,012,753 | ---- | C] () -- C:\Windows\3279tzo5254.bin
[2008/07/05 11:14:48 | 000,456,192 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2008/07/05 11:14:44 | 003,591,168 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2008/07/05 11:13:16 | 000,708,096 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2008/07/04 23:09:09 | 000,009,546 | ---- | C] () -- C:\Windows\650csp5z9re1643.exe
[2008/06/22 17:34:00 | 000,177,664 | ---- | C] () -- C:\Windows\System32\ff_theora.dll
[2008/06/21 17:05:33 | 000,007,981 | ---- | C] () -- C:\Windows\1z093tr5j115.dll
[2008/06/18 04:32:24 | 000,018,193 | ---- | C] () -- C:\Windows\System32\39bv5r2902z.exe
[2008/06/13 11:39:38 | 000,023,552 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2008/06/12 18:36:38 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/06/10 03:42:30 | 000,014,193 | ---- | C] () -- C:\Windows\System32\z97spy3395.dll
[2008/06/04 21:39:04 | 000,012,304 | ---- | C] () -- C:\Windows\System32\655s9y4z1.bin
[2008/06/02 09:43:20 | 000,007,218 | ---- | C] () -- C:\Windows\System32\6a4eaddz9re23305.dll
[2008/05/18 00:05:59 | 000,008,101 | ---- | C] () -- C:\Windows\29f0sparsz2795.exe
[2008/05/15 00:55:59 | 000,008,609 | ---- | C] () -- C:\Windows\System32\79f2zhrea95803.exe
[2008/05/12 17:10:22 | 000,014,246 | ---- | C] () -- C:\Windows\System32\6a15zir13029.bin
[2008/05/10 10:47:37 | 000,010,525 | ---- | C] () -- C:\Windows\System32\5ac5zparse9498.exe
[2008/05/07 22:45:02 | 000,007,962 | ---- | C] () -- C:\Windows\System32\3bb9v591z32.exe
[2008/04/25 19:18:46 | 000,015,852 | ---- | C] () -- C:\Windows\System32\5e5asparsez849.bin
[2008/04/14 05:35:02 | 000,005,633 | ---- | C] () -- C:\Windows\6789tzi5f422.bin
[2008/04/10 16:11:33 | 000,004,426 | ---- | C] () -- C:\Windows\System32\18966spamz9t543.exe
[2008/04/08 11:11:53 | 000,013,622 | ---- | C] () -- C:\Windows\6c59virz43.bin
[2008/04/08 07:32:02 | 000,011,730 | ---- | C] () -- C:\Windows\System32\25b9addw9r529z3.bin
[2008/04/04 15:38:45 | 000,006,214 | ---- | C] () -- C:\Windows\4be495iez1854.bin
[2008/04/02 02:09:00 | 000,010,982 | ---- | C] () -- C:\Windows\3140sp9m5zt1d9.bin
[2008/03/28 03:39:15 | 000,008,743 | ---- | C] () -- C:\Windows\z955vir2931.bin
[2008/03/14 13:54:44 | 000,003,876 | ---- | C] () -- C:\Windows\System32\53cfvir897z.dll
[2008/03/03 18:19:06 | 000,010,096 | ---- | C] () -- C:\Windows\25zfspars9874.bin
[2008/03/01 18:26:09 | 000,009,393 | ---- | C] () -- C:\Windows\92312troj45bz.dll
[2008/02/18 03:00:31 | 000,014,931 | ---- | C] () -- C:\Windows\26680s59752z.bin
[2008/02/16 02:43:39 | 000,013,068 | ---- | C] () -- C:\Windows\System32\9847hzck5oo91b8.bin
[2008/02/13 03:36:35 | 000,016,383 | ---- | C] () -- C:\Windows\1358virz99.bin
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008/02/11 19:34:48 | 002,215,364 | ---- | C] () -- C:\Windows\System32\igklg400.bin
[2008/02/11 19:34:48 | 001,971,732 | ---- | C] () -- C:\Windows\System32\igklg450.bin
[2008/02/11 19:34:48 | 000,029,932 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.bin
[2008/02/07 01:59:44 | 000,005,944 | ---- | C] () -- C:\Windows\b01z9arse85.dll
[2008/02/04 11:46:07 | 000,003,690 | ---- | C] () -- C:\Windows\System32\z0d5vi9954.exe
[2008/01/28 21:33:25 | 000,013,491 | ---- | C] () -- C:\Windows\4542spywa9z1514.bin
[2008/01/25 15:18:43 | 000,010,572 | ---- | C] () -- C:\Windows\System32\6f6z5hie91694.exe
[2008/01/19 23:00:00 | 000,012,392 | ---- | C] () -- C:\Windows\System32\25529tezl1990.exe
[2008/01/16 06:23:59 | 000,012,160 | ---- | C] () -- C:\Windows\zba9sp9rse4905.bin
[2008/01/12 15:09:14 | 000,013,214 | ---- | C] () -- C:\Windows\System32\298bvzr5295.dll
[2008/01/10 01:06:33 | 000,015,818 | ---- | C] () -- C:\Windows\System32\10z07s9y15c.dll
[2008/01/07 07:25:20 | 000,004,177 | ---- | C] () -- C:\Windows\System32\7z78s5a9se529.dll
[2008/01/03 18:47:27 | 000,005,574 | ---- | C] () -- C:\Windows\z7995tr5j1199.exe
[2008/01/01 13:21:27 | 000,004,984 | ---- | C] () -- C:\Windows\3635spazse1907.dll
[2007/09/19 14:26:33 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/09/19 14:26:24 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/09/19 14:26:24 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1244.dll
[2007/09/19 13:58:29 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007/09/19 13:58:29 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007/09/19 13:57:47 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2007/09/19 13:30:28 | 001,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007/08/15 16:57:41 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007/08/15 12:17:51 | 000,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007/08/14 12:11:08 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2007/08/14 12:11:08 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2007/08/14 12:11:08 | 000,000,042 | ---- | C] () -- C:\Windows\PreLaunch.ini
[2006/11/02 16:10:16 | 000,080,912 | ---- | C] () -- C:\Windows\System32\sherlock2.exe
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,378,888 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,599,726 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,105,602 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2004/10/03 17:50:54 | 000,129,024 | ---- | C] () -- C:\Windows\System32\ff_mpeg2enc.dll
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2001/12/26 23:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 06:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 23:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 05:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2008/08/06 18:35:56 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Acer
[2011/09/24 13:11:39 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Auslogics
[2011/09/25 10:49:50 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\AVG9
[2010/04/28 23:27:35 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Facebook
[2011/09/08 22:44:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\IObit
[2009/01/24 22:20:50 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\LimeWire
[2008/11/27 15:44:13 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Sports Interactive
[2011/09/24 11:14:43 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Spotify
[2009/07/29 20:40:13 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Tatara Systems
[2011/07/23 13:18:24 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\uTorrent
[2011/08/31 18:56:11 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\IObit
[2011/09/26 23:32:18 | 000,032,654 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:587EB586

< End of report >
The Gaffer

Re: my machine takes 10 mins to boot then runs very poorly

Post by The Gaffer » September 27th, 2011, 1:22 pm

OTL Extras logfile created on: 27/09/2011 18:06:08 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Chris\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.43 Gb Available Physical Memory | 21.48% Memory free
4.21 Gb Paging File | 2.60 Gb Available in Paging File | 61.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 49.51 Gb Total Space | 11.56 Gb Free Space | 23.34% Space Free | Partition Type: NTFS
Drive D: | 49.51 Gb Total Space | 26.98 Gb Free Space | 54.49% Space Free | Partition Type: NTFS

Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A24FB33-4174-4627-8611-BE0DDA5ED0B6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{0A39C4E5-FF6D-4F70-A31C-05536AFCD9C9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0F0F30DC-211F-4677-80F4-27B2D527529C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{132738C4-B6ED-4806-BB45-ADD2C395D828}" = lport=2869 | protocol=6 | dir=in | app=system |
"{15CB3E38-EEE2-4A4F-88C7-48139D5BC62D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{372CB7F1-4C30-4CF3-B4A3-01B69D7F226B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{55194692-55B0-44D9-BA42-97906C6B8195}" = lport=2869 | protocol=6 | dir=in | app=system |
"{59488FCC-D746-4AB3-9350-FE087FF7F29A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{60CC2E56-22FF-439B-A345-04B516E3FF32}" = lport=2869 | protocol=6 | dir=in | app=system |
"{60D31B7B-6958-4586-B783-34FFB2F961A9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9459841D-ACB9-43D3-AC2C-13016BCF2A2A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{97D951EC-DDCC-4209-80CA-45DA452B5B9B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A074483E-B121-4E39-91A7-098EFCA366B5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C5C3B7E5-C38B-4262-A1A0-CFC6626DF50A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{CF5FF510-9F1E-46C4-88A9-3DA3134F3B96}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D5F8EF3E-AD6F-4AEE-A20E-33AB182E53B0}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0968CB48-E962-462A-AF7D-51AF05193FDA}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{0E082370-37D7-4499-9DDA-E0FB68F2E112}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{12A928C9-9B58-4DC7-8564-204493A38BDD}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{1F183FD5-5701-4ACB-805C-D0B5CEB53486}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{295B1DB1-C01A-492C-B9A2-A18D1094F4DD}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{3E52B7C7-5DE6-4B0B-981D-3D216D8AC523}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4027DF4F-3D3D-486F-A46E-A29DB44D93A3}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{4DCBCBD0-06EA-4CB4-B8AD-E40DFD2015F1}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{56A89E25-262A-4BDF-A216-E85F56699914}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{582C55BF-02B8-411E-9944-90FF4C1E0AFD}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
"{5CFB4CB1-8551-4D23-9536-82A8F6937D34}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{64CD4D0B-B2BF-4975-908E-3504D019A1C4}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{67FF9227-51A9-4A01-A05F-A4AA95E813AD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{685A09BD-A270-471E-82E4-17A11CCA8A8C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6F8EFB29-0777-4328-9A5D-514988CDCBF2}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{71D465B8-0ABD-457B-9A5E-EEA9059A80F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7C50762D-A21E-4A54-8400-6CAC2EB58A34}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{7E14DE20-C826-4FE7-AADD-17E38069157D}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{7F4779A7-743E-4907-845B-F0F45C947BE6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{948FE7C6-149A-4FF6-A84B-F6F085E85D71}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{B17390CC-F642-44F6-B7D4-C3A255980B3C}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{C59D6DD1-5BCA-4B5A-8AF3-9AA429F473E4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{C66E8259-7F60-45FB-A2B4-B3214195D324}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{CF428810-4CC9-429B-B2CC-6FE05973D530}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{DEB2A43C-E8F4-4955-B471-1D12216B7230}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{DFB55317-9717-4FDF-9444-948E7407B5B5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EDDB9C6D-97B4-4B25-9A15-08E451603768}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FE3174DE-7C50-478D-9D23-A23590373D84}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 26
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel(R) PROSet/Wireless WiFi Software
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{78764173-3805-4916-B3CE-B433702B8870}" = O2Micro Flash Memory Card Reader Driver Installer(x86)
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = Acer Crystal Eye webcam
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer 3.72
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D627784F-B3EE-44E8-96B1-9509B991EA34}_is1" = Auslogics Registry Defrag
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"AVG9Uninstall" = AVG Free 9.0
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"ERUNT_is1" = ERUNT 1.1j
"Google Updater" = Google Updater
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"IObit Malware Fighter_is1" = IObit Malware Fighter
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"RealPlayer 6.0" = RealPlayer
"Smart Defrag 2_is1" = Smart Defrag 2
"Spotify" = Spotify
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VideoLAN VLC media player 0.8.6d
"WinLiveSuite_Wave3" = Windows Live Essentials
"XP Codec Pack" = XP Codec Pack

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-807008389-1619455337-1411209659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 08/03/2010 20:09:05 | Computer Name = Chris-PC | Source = Google Update | ID = 20
Description =

Error - 08/03/2010 21:09:05 | Computer Name = Chris-PC | Source = Google Update | ID = 20
Description =

Error - 08/03/2010 22:09:05 | Computer Name = Chris-PC | Source = Google Update | ID = 20
Description =

Error - 08/03/2010 23:09:06 | Computer Name = Chris-PC | Source = Google Update | ID = 20
Description =

Error - 08/03/2010 23:35:54 | Computer Name = Chris-PC | Source = RasClient | ID = 20227
Description =

Error - 09/03/2010 00:09:06 | Computer Name = Chris-PC | Source = Google Update | ID = 20
Description =

Error - 09/03/2010 02:09:18 | Computer Name = Chris-PC | Source = Google Update | ID = 20
Description =

Error - 09/03/2010 03:09:21 | Computer Name = Chris-PC | Source = Google Update | ID = 20
Description =

Error - 09/03/2010 04:09:05 | Computer Name = Chris-PC | Source = Google Update | ID = 20
Description =

Error - 10/03/2010 12:09:06 | Computer Name = Chris-PC | Source = Google Update | ID = 20
Description =

[ Media Center Events ]
Error - 07/04/2009 13:36:37 | Computer Name = Chris-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.

Error - 27/04/2009 15:45:57 | Computer Name = Chris-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.

[ System Events ]
Error - 25/09/2011 07:47:09 | Computer Name = Chris-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 25/09/2011 07:58:11 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 25/09/2011 08:02:01 | Computer Name = Chris-PC | Source = volsnap | ID = 393236
Description = The shadow copies of volume C: were aborted because of a failed free
space computation.

Error - 25/09/2011 08:43:07 | Computer Name = Chris-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 25/09/2011 09:21:29 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 25/09/2011 10:28:16 | Computer Name = Chris-PC | Source = volsnap | ID = 393236
Description = The shadow copies of volume C: were aborted because of a failed free
space computation.

Error - 25/09/2011 10:28:24 | Computer Name = Chris-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 26/09/2011 18:14:05 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 26/09/2011 18:19:25 | Computer Name = Chris-PC | Source = volsnap | ID = 393236
Description = The shadow copies of volume C: were aborted because of a failed free
space computation.

Error - 27/09/2011 12:51:56 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
The Gaffer
Active Member
 
Posts: 14
Joined: September 23rd, 2011, 2:23 pm

Re: my machine takes 10 mins to boot then runs very poorly

by The Gaffer » September 27th, 2011, 3:48 pm

Hi Gary R,

Thank you for your help. I've posted the first two logs that were asked of me but I can't seem to get gmer downloaded at the moment. Any ideas on how to go forward?

Again, Thanks for your help.

The Gaffer

Re: my machine takes 10 mins to boot then runs very poorly

by Gary R » September 27th, 2011, 4:31 pm

If GMER is giving problems let's try something else ....

Download RootRepeal.zip and unzip it to your Desktop.

  • Double click RootRepeal.exe to start the program
  • Click the Report tab at the bottom of the program window
  • Click the Scan button.
  • In the Select Scan dialog, check:
    • Drivers
    • Files
    • Processes
    • SSDT
    • Stealth Objects
    • Hidden Services
    • Shadow SSDT
  • Click the OK button
  • In the next dialog, select all drives showing
  • Click OK to start the scan
  • The scan can take some time. DO NOT run any other programs while the scan is running
  • When the scan is complete, the Save Report button will become available
  • Click this and save the report to your Desktop as RootRepeal.txt
  • Go to File, then Exit to close the program
  • Please post the report in your next reply. (it may take more than one post to get it all in)
Gary R
Administrator
Posts: 21872
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: my machine takes 10 mins to boot then runs very poorly

by The Gaffer » September 28th, 2011, 4:07 am

Hi Gary R,

I'm afraid RootRepeal keeps crashing.

ROOTREPEAL CRASH REPORT
-------------------------
Windows Version: Windows Vista SP2
Exception Code: 0xc0000005
Exception Address: 0x00456d83
Attempt to read from address: 0x00000114

Thanks

Re: my machine takes 10 mins to boot then runs very poorly

by Gary R » September 28th, 2011, 4:34 am

Seems your machine doesn't want to run a rootkit scan. There are a few infections that block RK scans, so let's see if we can find out if you have one.

Download TDSSKiller.zip and extract it to your Desktop.
  • Double click on TDSSKiller.exe to launch it.
    • If using Vista or Windows 7, when prompted by UAC allow the prompt.
  • Click on Start Scan
  • The scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • Post the contents in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT

Re: my machine takes 10 mins to boot then runs very poorly

by The Gaffer » September 28th, 2011, 5:22 am

Hi Gary R,

No threats were found.

Note: the "Verify driver digital signature" and "Detect TDLFS file system" checkboxes were not checked in the "change parameters" option.

Thanks

Re: my machine takes 10 mins to boot then runs very poorly

by The Gaffer » September 28th, 2011, 5:49 am

Here is the TDSSKiller log anyway:


10:17:22.0952 0800 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
10:17:22.0999 0800 ============================================================
10:17:22.0999 0800 Current date / time: 2011/09/28 10:17:22.0999
10:17:22.0999 0800 SystemInfo:
10:17:22.0999 0800
10:17:22.0999 0800 OS Version: 6.0.6002 ServicePack: 2.0
10:17:22.0999 0800 Product type: Workstation
10:17:22.0999 0800 ComputerName: CHRIS-PC
10:17:22.0999 0800 UserName: Chris
10:17:22.0999 0800 Windows directory: C:\Windows
10:17:22.0999 0800 System windows directory: C:\Windows
10:17:22.0999 0800 Processor architecture: Intel x86
10:17:22.0999 0800 Number of processors: 2
10:17:22.0999 0800 Page size: 0x1000
10:17:22.0999 0800 Boot type: Normal boot
10:17:22.0999 0800 ============================================================
10:18:10.0361 0800 Initialize success
10:18:18.0364 3124 ============================================================
10:18:18.0364 3124 Scan started
10:18:18.0364 3124 Mode: Manual;
10:18:18.0364 3124 ============================================================
10:18:19.0019 3124 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:18:19.0034 3124 ACPI - ok
10:18:19.0097 3124 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
10:18:19.0097 3124 adp94xx - ok
10:18:19.0253 3124 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
10:18:19.0253 3124 adpahci - ok
10:18:19.0315 3124 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
10:18:19.0315 3124 adpu160m - ok
10:18:19.0393 3124 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
10:18:19.0393 3124 adpu320 - ok
10:18:19.0549 3124 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
10:18:19.0549 3124 AFD - ok
10:18:19.0612 3124 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
10:18:19.0612 3124 agp440 - ok
10:18:19.0658 3124 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:18:19.0658 3124 aic78xx - ok
10:18:19.0783 3124 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
10:18:19.0783 3124 aliide - ok
10:18:19.0846 3124 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
10:18:19.0846 3124 amdagp - ok
10:18:19.0877 3124 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
10:18:19.0877 3124 amdide - ok
10:18:19.0908 3124 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
10:18:19.0924 3124 AmdK7 - ok
10:18:19.0955 3124 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
10:18:19.0955 3124 AmdK8 - ok
10:18:20.0111 3124 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
10:18:20.0111 3124 arc - ok
10:18:20.0158 3124 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
10:18:20.0158 3124 arcsas - ok
10:18:20.0220 3124 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:18:20.0220 3124 AsyncMac - ok
10:18:20.0360 3124 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
10:18:20.0360 3124 atapi - ok
10:18:20.0454 3124 athr (6046a55f79de9c581b8d5e9c1366cc81) C:\Windows\system32\DRIVERS\athr.sys
10:18:20.0470 3124 athr - ok
10:18:20.0579 3124 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\Windows\System32\Drivers\avgldx86.sys
10:18:20.0594 3124 AvgLdx86 - ok
10:18:20.0688 3124 AvgMfx86 (80ff2b1b7eeda966394f0baa895bbf4b) C:\Windows\System32\Drivers\avgmfx86.sys
10:18:20.0688 3124 AvgMfx86 - ok
10:18:20.0782 3124 AvgTdiX (9a7a93388f503a34e7339ae7f9997449) C:\Windows\System32\Drivers\avgtdix.sys
10:18:20.0782 3124 AvgTdiX - ok
10:18:20.0891 3124 b57nd60x (0b92ccf7bfcbe2b33838434f2f50cb61) C:\Windows\system32\DRIVERS\b57nd60x.sys
10:18:20.0891 3124 b57nd60x - ok
10:18:20.0969 3124 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
10:18:20.0984 3124 Beep - ok
10:18:21.0031 3124 blbdrive - ok
10:18:21.0156 3124 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
10:18:21.0156 3124 bowser - ok
10:18:21.0218 3124 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:18:21.0218 3124 BrFiltLo - ok
10:18:21.0250 3124 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:18:21.0265 3124 BrFiltUp - ok
10:18:21.0312 3124 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:18:21.0312 3124 Brserid - ok
10:18:21.0437 3124 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:18:21.0437 3124 BrSerWdm - ok
10:18:21.0546 3124 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:18:21.0546 3124 BrUsbMdm - ok
10:18:21.0593 3124 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:18:21.0593 3124 BrUsbSer - ok
10:18:21.0702 3124 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:18:21.0702 3124 BTHMODEM - ok
10:18:21.0780 3124 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:18:21.0796 3124 cdfs - ok
10:18:21.0842 3124 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
10:18:21.0858 3124 cdrom - ok
10:18:21.0983 3124 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
10:18:21.0983 3124 circlass - ok
10:18:22.0061 3124 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
10:18:22.0076 3124 CLFS - ok
10:18:22.0232 3124 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
10:18:22.0232 3124 CmBatt - ok
10:18:22.0326 3124 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
10:18:22.0326 3124 cmdide - ok
10:18:22.0357 3124 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
10:18:22.0357 3124 Compbatt - ok
10:18:22.0482 3124 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
10:18:22.0498 3124 crcdisk - ok
10:18:22.0576 3124 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
10:18:22.0576 3124 Crusoe - ok
10:18:22.0669 3124 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
10:18:22.0669 3124 DfsC - ok
10:18:22.0825 3124 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
10:18:22.0841 3124 disk - ok
10:18:22.0919 3124 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
10:18:22.0919 3124 DKbFltr - ok
10:18:22.0981 3124 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:18:22.0981 3124 drmkaud - ok
10:18:23.0153 3124 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
10:18:23.0153 3124 DXGKrnl - ok
10:18:23.0293 3124 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
10:18:23.0309 3124 E1G60 - ok
10:18:23.0418 3124 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
10:18:23.0418 3124 Ecache - ok
10:18:23.0605 3124 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
10:18:23.0605 3124 elxstor - ok
10:18:23.0808 3124 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
10:18:23.0824 3124 exfat - ok
10:18:23.0886 3124 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
10:18:23.0886 3124 fastfat - ok
10:18:23.0948 3124 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
10:18:23.0948 3124 fdc - ok
10:18:24.0011 3124 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
10:18:24.0011 3124 FileInfo - ok
10:18:24.0182 3124 FileMonitor (8a231081166d912d5ef4e525f5a1cb7b) C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys
10:18:24.0182 3124 FileMonitor - ok
10:18:24.0338 3124 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
10:18:24.0354 3124 Filetrace - ok
10:18:24.0416 3124 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
10:18:24.0416 3124 flpydisk - ok
10:18:24.0479 3124 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
10:18:24.0479 3124 FltMgr - ok
10:18:24.0666 3124 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys
10:18:24.0666 3124 fssfltr - ok
10:18:24.0744 3124 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
10:18:24.0744 3124 Fs_Rec - ok
10:18:24.0791 3124 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
10:18:24.0791 3124 gagp30kx - ok
10:18:24.0962 3124 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
10:18:24.0978 3124 HdAudAddService - ok
10:18:25.0056 3124 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:18:25.0087 3124 HDAudBus - ok
10:18:25.0212 3124 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
10:18:25.0212 3124 HidBth - ok
10:18:25.0259 3124 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
10:18:25.0259 3124 HidIr - ok
10:18:25.0337 3124 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
10:18:25.0337 3124 HidUsb - ok
10:18:25.0384 3124 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
10:18:25.0384 3124 HpCISSs - ok
10:18:25.0524 3124 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
10:18:25.0540 3124 HSFHWAZL - ok
10:18:25.0649 3124 HSF_DPV (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys
10:18:25.0664 3124 HSF_DPV - ok
10:18:25.0820 3124 HSXHWAZL (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
10:18:25.0820 3124 HSXHWAZL - ok
10:18:25.0914 3124 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
10:18:25.0930 3124 HTTP - ok
10:18:26.0070 3124 hwdatacard (4154079a88089155d10168333b19627f) C:\Windows\system32\DRIVERS\ewusbmdm.sys
10:18:26.0070 3124 hwdatacard - ok
10:18:26.0148 3124 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
10:18:26.0148 3124 i2omp - ok
10:18:26.0210 3124 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
10:18:26.0210 3124 i8042prt - ok
10:18:26.0429 3124 ialm (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
10:18:26.0476 3124 ialm - ok
10:18:26.0678 3124 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\DRIVERS\iaStor.sys
10:18:26.0678 3124 iaStor - ok
10:18:26.0756 3124 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
10:18:26.0756 3124 iaStorV - ok
10:18:26.0975 3124 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
10:18:27.0006 3124 igfx - ok
10:18:27.0162 3124 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
10:18:27.0162 3124 iirsp - ok
10:18:27.0240 3124 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Windows\system32\drivers\int15.sys
10:18:27.0240 3124 int15 - ok
10:18:27.0334 3124 IntcAzAudAddService (389f5d4859f4300d52ead838f1a17131) C:\Windows\system32\drivers\RTKVHDA.sys
10:18:27.0365 3124 IntcAzAudAddService - ok
10:18:27.0552 3124 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
10:18:27.0552 3124 intelide - ok
10:18:27.0614 3124 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
10:18:27.0614 3124 intelppm - ok
10:18:27.0708 3124 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:18:27.0724 3124 IpFilterDriver - ok
10:18:27.0833 3124 IpInIp - ok
10:18:27.0926 3124 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
10:18:27.0926 3124 IPMIDRV - ok
10:18:45.0710 3124 ============================================================
10:18:45.0710 3124 Scan finished
10:18:45.0710 3124 ============================================================
10:18:45.0742 3732 Detected object count: 0
10:18:45.0742 3732 Actual detected object count: 0
10:23:17.0835 2260 Deinitialize success
The Gaffer
Active Member
 
Posts: 14
Joined: September 23rd, 2011, 2:23 pm

Re: my machine takes 10 mins to boot then runs very poorly

Post by Gary R » September 28th, 2011, 9:52 am

OK let's take care of the things I've seen so far, and we'll see where that gets us ....

First

Please go to Control Panel > Programs > Uninstall a program and uninstall the following:


  • µTorrent
  • Advanced SystemCare 4
  • IObit Malware Fighter
  • J2SE Runtime Environment 5.0 Update 3


Use of P2P programs is a prime cause for contracting infections; this forum insists on their removal as a condition of our help.

IOBit have a bad name in the security community, and a record of stealing other people's copyrighted work and incorporating it into their product ...... http://forums.malwarebytes.org/index.ph ... opic=29681

Old versions of Java can be exploited, even if you're using the latest version.

Once those programs have been uninstalled reboot your computer.

Next

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code:
:OTL
PRC - [2011/08/25 10:35:18 | 001,584,472 | ---- | M] (IObit) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2011/08/09 16:40:34 | 000,763,224 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
PRC - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/07/20 12:19:46 | 000,820,568 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/07/20 12:19:44 | 004,393,816 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
SRV - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/07/20 12:19:46 | 000,820,568 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
DRV - [2011/07/11 14:40:40 | 000,018,768 | ---- | M] () [File_System | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/03/23 00:59:18 | 000,019,280 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011/03/23 00:59:16 | 000,030,600 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\RegFilter.sys -- (RegFilter)
DRV - [2010/11/26 18:02:28 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.shareware-en.com/en/index.php?rvs=hompag
FF - prefs.js..browser.search.defaultthis.engineName: "Games Bar 1 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2452474&SearchSource=3&q={searchTerms}"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
[2010/03/16 12:31:42 | 000,000,925 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\6bsf7j45.default\searchplugins\conduit.xml
[2011/09/24 13:08:29 | 000,002,207 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\6bsf7j45.default\searchplugins\MyStart Search.xml
CHR - default_search_provider: search_url = http://mystart.incredimail.com/mb59/?search={searchTerms}&loc=search_box&u=92260089027323328
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKU\S-1-5-21-807008389-1619455337-1411209659-1000\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKU\S-1-5-21-807008389-1619455337-1411209659-1000\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_03)
[1 C:\Users\Chris\Desktop\*.tmp files -> C:\Users\Chris\Desktop\*.tmp -> ]
[2011/09/08 22:44:13 | 000,001,018 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011/09/08 22:44:13 | 000,001,018 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2009/12/23 17:08:52 | 000,006,542 | ---- | C] () -- C:\Windows\2z559spy97c.dll
[2009/12/16 13:47:50 | 000,007,943 | ---- | C] () -- C:\Windows\System32\7264tro5988z.dll
[2009/11/27 12:27:33 | 000,009,190 | ---- | C] () -- C:\Windows\39z79p564b.dll
[2009/11/23 03:55:20 | 000,003,495 | ---- | C] () -- C:\Windows\System32\89z0wo95569.dll
[2009/11/20 17:05:53 | 000,002,803 | ---- | C] () -- C:\Windows\System32\98e6backdo5z904.bin
[2009/11/20 08:55:14 | 000,016,892 | ---- | C] () -- C:\Windows\System32\15326zp91595.bin
[2009/11/18 17:10:03 | 000,017,920 | ---- | C] () -- C:\Windows\System32\1429zpyw5r92859.exe
[2009/11/17 12:48:38 | 000,011,371 | ---- | C] () -- C:\Windows\System32\19616zpy69f5.bin
[2009/11/17 07:48:36 | 000,010,386 | ---- | C] () -- C:\Windows\System32\78cdo59loazer340.exe
[2009/11/17 00:45:49 | 000,004,608 | ---- | C] () -- C:\Windows\System32\17ffzp9ware1502.exe
[2009/11/07 01:42:52 | 000,006,582 | ---- | C] () -- C:\Windows\System32\193czte5l2610.dll
[2009/11/07 01:42:51 | 000,017,135 | ---- | C] () -- C:\Windows\System32\d53zhre9t9580.dll
[2009/11/07 01:42:50 | 000,014,108 | ---- | C] () -- C:\Windows\27936spy445z.bin
[2009/11/07 01:42:47 | 000,004,446 | ---- | C] () -- C:\Windows\113cvi594z.bin
[2009/11/07 01:42:43 | 000,008,446 | ---- | C] () -- C:\Windows\System32\3509downl95der8z1.dll
[2009/11/07 01:42:26 | 000,006,346 | ---- | C] () -- C:\Windows\System32\125579irzs5a3.dll
[2009/11/07 01:42:20 | 000,015,027 | ---- | C] () -- C:\Windows\System32\25680trojzc95.dll
[2009/11/07 01:42:19 | 000,009,053 | ---- | C] () -- C:\Windows\System32\5zc9sparse834.bin
[2009/11/07 01:42:19 | 000,007,690 | ---- | C] () -- C:\Windows\System32\1900sza5se999.exe
[2009/11/07 01:42:18 | 000,012,346 | ---- | C] () -- C:\Windows\System32\1222szea929905.exe
[2009/11/07 01:42:18 | 000,010,253 | ---- | C] () -- C:\Windows\150d5hrezt28950.bin
[2009/11/07 01:42:17 | 000,005,446 | ---- | C] () -- C:\Windows\System32\4168downlo9ze51257.exe
[2009/11/07 01:42:17 | 000,003,778 | ---- | C] () -- C:\Windows\System32\86799py55z.dll
[2009/11/07 01:42:16 | 000,012,114 | ---- | C] () -- C:\Windows\15z0295y699.bin
[2009/11/07 01:42:13 | 000,014,326 | ---- | C] () -- C:\Windows\System32\95a5viz943.dll
[2009/11/07 01:42:13 | 000,008,053 | ---- | C] () -- C:\Windows\3243z5or9652.bin
[2009/11/07 01:42:12 | 000,011,789 | ---- | C] () -- C:\Windows\System32\5607vir2z92.dll
[2009/11/07 01:42:12 | 000,009,417 | ---- | C] () -- C:\Windows\2cabspywzr91525.exe
[2009/11/07 01:42:11 | 000,009,004 | ---- | C] () -- C:\Windows\System32\4226spywa9z5140.bin
[2009/11/07 01:42:11 | 000,004,675 | ---- | C] () -- C:\Windows\System32\29624spy5d7z.bin
[2009/11/07 01:42:11 | 000,004,026 | ---- | C] () -- C:\Windows\7041downlza9er9195.bin
[2009/11/07 01:42:11 | 000,003,603 | ---- | C] () -- C:\Windows\15268s9y3b9z.exe
[2009/11/07 01:42:11 | 000,002,605 | ---- | C] () -- C:\Windows\17z10not-a-vi59s638.bin
[2009/11/04 09:49:14 | 000,014,327 | ---- | C] () -- C:\Windows\49165hiez23389.bin
[2009/11/02 14:53:17 | 000,014,856 | ---- | C] () -- C:\Windows\System32\7d4etz5eat58239.bin
[2009/10/22 12:22:42 | 000,009,640 | ---- | C] () -- C:\Windows\525sparsz209.dll
[2009/10/19 21:23:52 | 000,007,101 | ---- | C] () -- C:\Windows\System32\16e9a5kdoor1047z.exe
[2009/10/18 10:14:59 | 000,004,911 | ---- | C] () -- C:\Windows\70659ir144z5.exe
[2009/10/04 02:48:34 | 000,008,883 | ---- | C] () -- C:\Windows\319315rojz9.exe
[2009/09/25 17:18:19 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/25 17:18:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 09:34:30 | 000,014,465 | ---- | C] () -- C:\Windows\System32\23e95p9rse133z.exe
[2009/09/17 18:27:33 | 000,003,929 | ---- | C] () -- C:\Windows\4deas9azse159.bin
[2009/09/12 01:51:38 | 000,012,566 | ---- | C] () -- C:\Windows\System32\7a98add5aze4769.dll
[2009/09/07 08:28:31 | 000,010,775 | ---- | C] () -- C:\Windows\System32\13110sz94e5.exe
[2009/09/06 08:10:57 | 000,002,997 | ---- | C] () -- C:\Windows\z860s9arse2755.exe
[2009/09/01 13:48:53 | 000,009,379 | ---- | C] () -- C:\Windows\System32\1z955tro9297.dll
[2009/08/17 14:55:36 | 000,002,763 | ---- | C] () -- C:\Windows\z08915o9m5b4.exe
[2009/08/09 01:26:54 | 000,010,162 | ---- | C] () -- C:\Windows\484c9zief2925.bin
[2009/08/08 00:38:41 | 000,011,633 | ---- | C] () -- C:\Windows\System32\41b3s9a5se29z5.exe
[2009/08/04 11:02:00 | 000,011,415 | ---- | C] () -- C:\Windows\System32\3759zor56289.exe
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/08/02 18:25:21 | 000,004,862 | ---- | C] () -- C:\Windows\System32\79z4troj2f35.bin
[2009/07/27 20:34:39 | 000,009,175 | ---- | C] () -- C:\Windows\27472hack5ozl69f.bin
[2009/07/26 12:59:27 | 000,012,337 | ---- | C] () -- C:\Windows\System32\91zsparse458.bin
[2009/07/23 21:02:34 | 000,016,942 | ---- | C] () -- C:\Windows\System32\13555sz9mbot7c9.bin
[2009/07/22 19:51:44 | 000,005,683 | ---- | C] () -- C:\Windows\System32\6z1159rm14.dll
[2009/06/27 01:50:00 | 000,016,554 | ---- | C] () -- C:\Windows\System32\25bzsparse598.exe
[2009/06/23 12:21:20 | 000,008,704 | ---- | C] () -- C:\Windows\71855zckdo9r1804.dll
[2009/06/14 05:02:09 | 000,013,474 | ---- | C] () -- C:\Windows\7179sze5l3079.bin
[2009/05/27 01:28:51 | 000,010,131 | ---- | C] () -- C:\Windows\System32\2bzet9r5at25667.exe
[2009/05/16 07:21:47 | 000,008,053 | ---- | C] () -- C:\Windows\System32\31979sz5739.exe
[2009/05/15 11:36:17 | 000,004,033 | ---- | C] () -- C:\Windows\6de2spazse22529.dll
[2009/05/14 16:18:28 | 000,008,293 | ---- | C] () -- C:\Windows\System32\159825roj45z.dll
[2009/05/12 20:43:32 | 000,001,356 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2009/05/11 09:41:11 | 000,008,962 | ---- | C] () -- C:\Windows\584dsp9rze30955.bin
[2009/05/06 03:01:06 | 000,006,016 | ---- | C] () -- C:\Windows\13975tzoj4b5.bin
[2009/05/03 00:07:32 | 000,003,109 | ---- | C] () -- C:\Windows\1f67z59790.bin
[2009/05/01 06:56:44 | 000,004,178 | ---- | C] () -- C:\Windows\9125wzr952.dll
[2009/04/25 07:25:41 | 000,007,460 | ---- | C] () -- C:\Windows\6eazs5e9l2686.bin
[2009/04/20 22:53:52 | 000,004,238 | ---- | C] () -- C:\Windows\506429irzs74f.dll
[2009/04/18 08:00:56 | 000,009,149 | ---- | C] () -- C:\Windows\92920s5yz38.bin
[2009/04/17 18:06:46 | 000,013,682 | ---- | C] () -- C:\Windows\System32\594zhie51492.dll
[2009/04/08 22:00:46 | 000,006,083 | ---- | C] () -- C:\Windows\60c2s95waze1742.exe
[2009/04/04 05:34:25 | 000,003,873 | ---- | C] () -- C:\Windows\25c2v9z483.exe
[2009/03/26 09:05:45 | 000,007,546 | ---- | C] () -- C:\Windows\System32\160765ackz9ol7ea.bin
[2009/03/15 06:55:22 | 000,002,863 | ---- | C] () -- C:\Windows\System32\21999tzoj6a45.exe
[2009/03/05 18:32:10 | 000,002,737 | ---- | C] () -- C:\Windows\7367vi9567z.dll
[2009/03/01 17:32:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/02/26 22:43:08 | 000,015,631 | ---- | C] () -- C:\Windows\System32\6z56t9oj307.exe
[2009/02/26 12:07:19 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/02/21 05:55:05 | 000,012,478 | ---- | C] () -- C:\Windows\System32\1faft9rzat271955.bin
[2009/02/19 08:23:24 | 000,012,245 | ---- | C] () -- C:\Windows\System32\35d79iz3219.dll
[2009/01/23 15:27:04 | 000,008,865 | ---- | C] () -- C:\Windows\System32\5915zpy3ae.exe
[2009/01/19 22:39:18 | 000,005,461 | ---- | C] () -- C:\Windows\System32\9260vi5z039.exe
[2009/01/08 21:11:05 | 000,012,006 | ---- | C] () -- C:\Windows\System32\40ba9zarse5992.dll
[2008/12/25 11:29:12 | 000,006,208 | ---- | C] () -- C:\Windows\System32\25429vi5zs2c5.exe
[2008/12/24 18:43:07 | 000,015,524 | ---- | C] () -- C:\Windows\z8456s9y28b.bin
[2008/12/15 01:27:21 | 000,008,561 | ---- | C] () -- C:\Windows\System32\3795zparse2845.dll
[2008/12/14 23:48:16 | 000,008,306 | ---- | C] () -- C:\Windows\System32\6e9es5ezl2161.bin
[2008/12/12 22:53:19 | 000,002,905 | ---- | C] () -- C:\Windows\2595trojz60.dll
[2008/12/11 10:03:05 | 000,006,476 | ---- | C] () -- C:\Windows\System32\955czir922.dll
[2008/11/29 20:24:46 | 000,018,944 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/28 18:05:28 | 000,012,996 | ---- | C] () -- C:\Windows\System32\25499tr5j2z9.bin
[2008/11/07 19:48:01 | 000,009,809 | ---- | C] () -- C:\Windows\System32\7027tro96a5z.exe
[2008/10/28 01:30:41 | 000,005,020 | ---- | C] () -- C:\Windows\System32\4945zo9m72e.exe
[2008/10/20 06:54:04 | 000,008,499 | ---- | C] () -- C:\Windows\System32\39202t5zj2ea.dll
[2008/10/14 19:30:31 | 000,005,034 | ---- | C] () -- C:\Windows\System32\5989ir5z799.exe
[2008/10/13 19:22:13 | 000,003,029 | ---- | C] () -- C:\Windows\System32\549bvir84z.exe
[2008/10/13 10:01:53 | 000,013,135 | ---- | C] () -- C:\Windows\e15spyw9rz1147.bin
[2008/10/04 11:48:27 | 000,017,043 | ---- | C] () -- C:\Windows\771at95ef2z45.bin
[2008/10/04 06:55:00 | 000,002,687 | ---- | C] () -- C:\Windows\157359rzj655.bin
[2008/09/28 21:36:13 | 000,002,522 | ---- | C] () -- C:\Windows\System32\13583zir5s95e.bin
[2008/09/25 09:13:50 | 000,015,445 | ---- | C] () -- C:\Windows\za51sparse5359.bin
[2008/09/24 09:34:32 | 000,007,943 | ---- | C] () -- C:\Windows\System32\79a3st5az479.dll
[2008/09/21 04:18:37 | 000,008,239 | ---- | C] () -- C:\Windows\3559not-a-vizu925a.bin
[2008/09/20 07:43:29 | 000,010,903 | ---- | C] () -- C:\Windows\System32\57095tro9za.bin
[2008/09/12 17:15:33 | 000,016,191 | ---- | C] () -- C:\Windows\System32\4d33b9c5dooz3258.dll
[2008/09/07 01:07:58 | 000,014,817 | ---- | C] () -- C:\Windows\555ds9arse31z7.bin
[2008/08/21 17:10:53 | 000,002,892 | ---- | C] () -- C:\Windows\System32\195725acktoz914.dll
[2008/08/12 21:31:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/08/11 09:27:57 | 000,013,782 | ---- | C] () -- C:\Windows\System32\76a1down5zad9r651.bin
[2008/08/07 00:05:31 | 000,005,317 | ---- | C] () -- C:\Windows\z7050tro529c.bin
[2008/07/26 10:11:17 | 000,018,197 | ---- | C] () -- C:\Windows\System32\5220stez9763.exe
[2008/07/25 15:15:32 | 000,013,196 | ---- | C] () -- C:\Windows\System32\3649v59usz9.exe
[2008/07/23 15:36:24 | 000,006,934 | ---- | C] () -- C:\Windows\18269hie521z8.dll
[2008/07/22 17:33:30 | 000,015,042 | ---- | C] () -- C:\Windows\System32\53d79ir1515z.exe
[2008/07/18 01:21:52 | 000,009,333 | ---- | C] () -- C:\Windows\System32\29055troj554z.bin
[2008/07/17 13:23:41 | 000,014,925 | ---- | C] () -- C:\Windows\System32\75f2backdo9z2912.bin
[2008/07/14 19:19:01 | 000,003,245 | ---- | C] () -- C:\Windows\System32\7dcdzdd5ar91830.exe
[2008/07/12 12:42:07 | 000,008,855 | ---- | C] () -- C:\Windows\3e8fs9yw5rz911.exe
[2008/07/12 10:01:22 | 000,005,920 | ---- | C] () -- C:\Windows\3z81v9r28495.dll
[2008/07/11 02:39:29 | 000,014,361 | ---- | C] () -- C:\Windows\System32\21cf5ir9065z.exe
[2008/07/08 14:04:32 | 000,012,753 | ---- | C] () -- C:\Windows\3279tzo5254.bin
[2008/07/05 11:14:48 | 000,456,192 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2008/07/05 11:14:44 | 003,591,168 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2008/07/05 11:13:16 | 000,708,096 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2008/07/04 23:09:09 | 000,009,546 | ---- | C] () -- C:\Windows\650csp5z9re1643.exe
[2008/06/22 17:34:00 | 000,177,664 | ---- | C] () -- C:\Windows\System32\ff_theora.dll
[2008/06/21 17:05:33 | 000,007,981 | ---- | C] () -- C:\Windows\1z093tr5j115.dll
[2008/06/18 04:32:24 | 000,018,193 | ---- | C] () -- C:\Windows\System32\39bv5r2902z.exe
[2008/06/13 11:39:38 | 000,023,552 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2008/06/12 18:36:38 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/06/10 03:42:30 | 000,014,193 | ---- | C] () -- C:\Windows\System32\z97spy3395.dll
[2008/06/04 21:39:04 | 000,012,304 | ---- | C] () -- C:\Windows\System32\655s9y4z1.bin
[2008/06/02 09:43:20 | 000,007,218 | ---- | C] () -- C:\Windows\System32\6a4eaddz9re23305.dll
[2008/05/18 00:05:59 | 000,008,101 | ---- | C] () -- C:\Windows\29f0sparsz2795.exe
[2008/05/15 00:55:59 | 000,008,609 | ---- | C] () -- C:\Windows\System32\79f2zhrea95803.exe
[2008/05/12 17:10:22 | 000,014,246 | ---- | C] () -- C:\Windows\System32\6a15zir13029.bin
[2008/05/10 10:47:37 | 000,010,525 | ---- | C] () -- C:\Windows\System32\5ac5zparse9498.exe
[2008/05/07 22:45:02 | 000,007,962 | ---- | C] () -- C:\Windows\System32\3bb9v591z32.exe
[2008/04/25 19:18:46 | 000,015,852 | ---- | C] () -- C:\Windows\System32\5e5asparsez849.bin
[2008/04/14 05:35:02 | 000,005,633 | ---- | C] () -- C:\Windows\6789tzi5f422.bin
[2008/04/10 16:11:33 | 000,004,426 | ---- | C] () -- C:\Windows\System32\18966spamz9t543.exe
[2008/04/08 11:11:53 | 000,013,622 | ---- | C] () -- C:\Windows\6c59virz43.bin
[2008/04/08 07:32:02 | 000,011,730 | ---- | C] () -- C:\Windows\System32\25b9addw9r529z3.bin
[2008/04/04 15:38:45 | 000,006,214 | ---- | C] () -- C:\Windows\4be495iez1854.bin
[2008/04/02 02:09:00 | 000,010,982 | ---- | C] () -- C:\Windows\3140sp9m5zt1d9.bin
[2008/03/28 03:39:15 | 000,008,743 | ---- | C] () -- C:\Windows\z955vir2931.bin
[2008/03/14 13:54:44 | 000,003,876 | ---- | C] () -- C:\Windows\System32\53cfvir897z.dll
[2008/03/03 18:19:06 | 000,010,096 | ---- | C] () -- C:\Windows\25zfspars9874.bin
[2008/03/01 18:26:09 | 000,009,393 | ---- | C] () -- C:\Windows\92312troj45bz.dll
[2008/02/18 03:00:31 | 000,014,931 | ---- | C] () -- C:\Windows\26680s59752z.bin
[2008/02/16 02:43:39 | 000,013,068 | ---- | C] () -- C:\Windows\System32\9847hzck5oo91b8.bin
[2008/02/13 03:36:35 | 000,016,383 | ---- | C] () -- C:\Windows\1358virz99.bin
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008/02/11 19:34:48 | 002,215,364 | ---- | C] () -- C:\Windows\System32\igklg400.bin
[2008/02/11 19:34:48 | 001,971,732 | ---- | C] () -- C:\Windows\System32\igklg450.bin
[2008/02/11 19:34:48 | 000,029,932 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.bin
[2008/02/07 01:59:44 | 000,005,944 | ---- | C] () -- C:\Windows\b01z9arse85.dll
[2008/02/04 11:46:07 | 000,003,690 | ---- | C] () -- C:\Windows\System32\z0d5vi9954.exe
[2008/01/28 21:33:25 | 000,013,491 | ---- | C] () -- C:\Windows\4542spywa9z1514.bin
[2008/01/25 15:18:43 | 000,010,572 | ---- | C] () -- C:\Windows\System32\6f6z5hie91694.exe
[2008/01/19 23:00:00 | 000,012,392 | ---- | C] () -- C:\Windows\System32\25529tezl1990.exe
[2008/01/16 06:23:59 | 000,012,160 | ---- | C] () -- C:\Windows\zba9sp9rse4905.bin
[2008/01/12 15:09:14 | 000,013,214 | ---- | C] () -- C:\Windows\System32\298bvzr5295.dll
[2008/01/10 01:06:33 | 000,015,818 | ---- | C] () -- C:\Windows\System32\10z07s9y15c.dll
[2008/01/07 07:25:20 | 000,004,177 | ---- | C] () -- C:\Windows\System32\7z78s5a9se529.dll
[2008/01/03 18:47:27 | 000,005,574 | ---- | C] () -- C:\Windows\z7995tr5j1199.exe
[2008/01/01 13:21:27 | 000,004,984 | ---- | C] () -- C:\Windows\3635spazse1907.dll
[2011/09/08 22:44:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\IObit
[2009/01/24 22:20:50 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\LimeWire
[2011/07/23 13:18:24 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\uTorrent
[2011/08/31 18:56:11 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\IObit

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0968CB48-E962-462A-AF7D-51AF05193FDA}"=-
"{5CFB4CB1-8551-4D23-9536-82A8F6937D34}"=-
"{64CD4D0B-B2BF-4975-908E-3504D019A1C4}"=-

:Files
c:\program files\utorrent
c:\program files\limewire

:Commands
[resethosts]
[emptytemp]
[emptyflash]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so. If it does, re-boot your computer. A log will be produced upon re-boot.

Next

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will however need to disable your currently installed Anti-Virus; how to do so can be read here.
  • Please go HERE then click on: Image
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla Firefox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log in your next reply please.
  • Now click on: Image (Selecting Uninstall application on close if you so wish)

Summary of the logs I need from you in your next post:
  • OTL log
  • ESET log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present; if any log is cut off you'll have to post it in sections.
Gary R
Administrator
Posts: 21872
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: my machine takes 10 mins to boot then runs very poorly

Post by The Gaffer » September 28th, 2011, 3:01 pm

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
The Gaffer
Active Member
 
Posts: 14
Joined: September 23rd, 2011, 2:23 pm

Re: my machine takes 10 mins to boot then runs very poorly

Post by The Gaffer » September 28th, 2011, 3:03 pm

All processes killed
========== OTL ==========
No active process named SmartDefrag.exe was found!
No active process named PMonitor.exe was found!
No active process named ASCService.exe was found!
No active process named IMFsrv.exe was found!
No active process named IMF.exe was found!
Error: No service named AdvancedSystemCareService was found to stop!
Service\Driver key AdvancedSystemCareService not found.
File C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe not found.
Error: No service named IMFservice was found to stop!
Service\Driver key IMFservice not found.
File C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe not found.
Error: No service named FileMonitor was found to stop!
Service\Driver key FileMonitor not found.
File C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys not found.
Error: No service named UrlFilter was found to stop!
Service\Driver key UrlFilter not found.
File C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\UrlFilter.sys not found.
Error: No service named RegFilter was found to stop!
Service\Driver key RegFilter not found.
File C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\RegFilter.sys not found.
Error: No service named SmartDefragDriver was found to stop!
Service\Driver key SmartDefragDriver not found.
File C:\Windows\System32\Drivers\SmartDefragDriver.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "Games Bar 1 Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2452474&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
File C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\6bsf7j45.default\searchplugins\conduit.xml not found.
File C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\6bsf7j45.default\searchplugins\MyStart Search.xml not found.
Unable to fix default_search_provider items.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_USERS\S-1-5-21-807008389-1619455337-1411209659-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}\ not found.
Registry value HKEY_USERS\S-1-5-21-807008389-1619455337-1411209659-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IObit Malware Fighter not found.
File C:\Program Files\IObit\IObit Malware Fighter\IMF.exe not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\ not found.
File/Folder C:\Users\Chris\Desktop\*.tmp not found.
File C:\Users\Public\Desktop\Advanced SystemCare 4.lnk not found.
File C:\Users\Public\Desktop\Advanced SystemCare 4.lnk not found.
File C:\Windows\2z559spy97c.dll not found.
File C:\Windows\System32\7264tro5988z.dll not found.
File C:\Windows\39z79p564b.dll not found.
File C:\Windows\System32\89z0wo95569.dll not found.
File C:\Windows\System32\98e6backdo5z904.bin not found.
File C:\Windows\System32\15326zp91595.bin not found.
File C:\Windows\System32\1429zpyw5r92859.exe not found.
File C:\Windows\System32\19616zpy69f5.bin not found.
File C:\Windows\System32\78cdo59loazer340.exe not found.
File C:\Windows\System32\17ffzp9ware1502.exe not found.
File C:\Windows\System32\193czte5l2610.dll not found.
File C:\Windows\System32\d53zhre9t9580.dll not found.
File C:\Windows\27936spy445z.bin not found.
File C:\Windows\113cvi594z.bin not found.
File C:\Windows\System32\3509downl95der8z1.dll not found.
File C:\Windows\System32\125579irzs5a3.dll not found.
File C:\Windows\System32\25680trojzc95.dll not found.
File C:\Windows\System32\5zc9sparse834.bin not found.
File C:\Windows\System32\1900sza5se999.exe not found.
File C:\Windows\System32\1222szea929905.exe not found.
File C:\Windows\150d5hrezt28950.bin not found.
File C:\Windows\System32\4168downlo9ze51257.exe not found.
File C:\Windows\System32\86799py55z.dll not found.
File C:\Windows\15z0295y699.bin not found.
File C:\Windows\System32\95a5viz943.dll not found.
File C:\Windows\3243z5or9652.bin not found.
File C:\Windows\System32\5607vir2z92.dll not found.
File C:\Windows\2cabspywzr91525.exe not found.
File C:\Windows\System32\4226spywa9z5140.bin not found.
File C:\Windows\System32\29624spy5d7z.bin not found.
File C:\Windows\7041downlza9er9195.bin not found.
File C:\Windows\15268s9y3b9z.exe not found.
File C:\Windows\17z10not-a-vi59s638.bin not found.
File C:\Windows\49165hiez23389.bin not found.
File C:\Windows\System32\7d4etz5eat58239.bin not found.
File C:\Windows\525sparsz209.dll not found.
File C:\Windows\System32\16e9a5kdoor1047z.exe not found.
File C:\Windows\70659ir144z5.exe not found.
File C:\Windows\319315rojz9.exe not found.
File move failed. C:\Windows\System32\StructuredQuerySchema.bin scheduled to be moved on reboot.
File move failed. C:\Windows\System32\EhStorAuthn.dll scheduled to be moved on reboot.
File C:\Windows\System32\23e95p9rse133z.exe not found.
File C:\Windows\4deas9azse159.bin not found.
File C:\Windows\System32\7a98add5aze4769.dll not found.
File C:\Windows\System32\13110sz94e5.exe not found.
File C:\Windows\z860s9arse2755.exe not found.
File C:\Windows\System32\1z955tro9297.dll not found.
File C:\Windows\z08915o9m5b4.exe not found.
File C:\Windows\484c9zief2925.bin not found.
File C:\Windows\System32\41b3s9a5se29z5.exe not found.
File C:\Windows\System32\3759zor56289.exe not found.
File C:\Windows\System32\OGACheckControl.dll not found.
File C:\Windows\System32\OGAEXEC.exe not found.
File C:\Windows\System32\79z4troj2f35.bin not found.
File C:\Windows\27472hack5ozl69f.bin not found.
File C:\Windows\System32\91zsparse458.bin not found.
File C:\Windows\System32\13555sz9mbot7c9.bin not found.
File C:\Windows\System32\6z1159rm14.dll not found.
File C:\Windows\System32\25bzsparse598.exe not found.
File C:\Windows\71855zckdo9r1804.dll not found.
File C:\Windows\7179sze5l3079.bin not found.
File C:\Windows\System32\2bzet9r5at25667.exe not found.
File C:\Windows\System32\31979sz5739.exe not found.
File C:\Windows\6de2spazse22529.dll not found.
File C:\Windows\System32\159825roj45z.dll not found.
C:\Users\Chris\AppData\Local\d3d9caps.dat moved successfully.
File C:\Windows\584dsp9rze30955.bin not found.
File C:\Windows\13975tzoj4b5.bin not found.
File C:\Windows\1f67z59790.bin not found.
File C:\Windows\9125wzr952.dll not found.
File C:\Windows\6eazs5e9l2686.bin not found.
File C:\Windows\506429irzs74f.dll not found.
File C:\Windows\92920s5yz38.bin not found.
File C:\Windows\System32\594zhie51492.dll not found.
File C:\Windows\60c2s95waze1742.exe not found.
File C:\Windows\25c2v9z483.exe not found.
File C:\Windows\System32\160765ackz9ol7ea.bin not found.
File C:\Windows\System32\21999tzoj6a45.exe not found.
File C:\Windows\7367vi9567z.dll not found.
File move failed. C:\Windows\System32\StructuredQuerySchemaTrivial.bin scheduled to be moved on reboot.
File C:\Windows\System32\6z56t9oj307.exe not found.
File C:\Windows\ODBC.INI not found.
File C:\Windows\System32\1faft9rzat271955.bin not found.
File C:\Windows\System32\35d79iz3219.dll not found.
File C:\Windows\System32\5915zpy3ae.exe not found.
File C:\Windows\System32\9260vi5z039.exe not found.
File C:\Windows\System32\40ba9zarse5992.dll not found.
File C:\Windows\System32\25429vi5zs2c5.exe not found.
File C:\Windows\z8456s9y28b.bin not found.
File C:\Windows\System32\3795zparse2845.dll not found.
File C:\Windows\System32\6e9es5ezl2161.bin not found.
File C:\Windows\2595trojz60.dll not found.
File C:\Windows\System32\955czir922.dll not found.
File C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini not found.
File C:\Windows\System32\25499tr5j2z9.bin not found.
File C:\Windows\System32\7027tro96a5z.exe not found.
File C:\Windows\System32\4945zo9m72e.exe not found.
File C:\Windows\System32\39202t5zj2ea.dll not found.
File C:\Windows\System32\5989ir5z799.exe not found.
File C:\Windows\System32\549bvir84z.exe not found.
File C:\Windows\e15spyw9rz1147.bin not found.
File C:\Windows\771at95ef2z45.bin not found.
File C:\Windows\157359rzj655.bin not found.
File C:\Windows\System32\13583zir5s95e.bin not found.
File C:\Windows\za51sparse5359.bin not found.
File C:\Windows\System32\79a3st5az479.dll not found.
File C:\Windows\3559not-a-vizu925a.bin not found.
File C:\Windows\System32\57095tro9za.bin not found.
File C:\Windows\System32\4d33b9c5dooz3258.dll not found.
File C:\Windows\555ds9arse31z7.bin not found.
File C:\Windows\System32\195725acktoz914.dll not found.
File C:\ProgramData\ezsidmv.dat not found.
File C:\Windows\System32\76a1down5zad9r651.bin not found.
File C:\Windows\z7050tro529c.bin not found.
File C:\Windows\System32\5220stez9763.exe not found.
File C:\Windows\System32\3649v59usz9.exe not found.
File C:\Windows\18269hie521z8.dll not found.
File C:\Windows\System32\53d79ir1515z.exe not found.
File C:\Windows\System32\29055troj554z.bin not found.
File C:\Windows\System32\75f2backdo9z2912.bin not found.
File C:\Windows\System32\7dcdzdd5ar91830.exe not found.
File C:\Windows\3e8fs9yw5rz911.exe not found.
File C:\Windows\3z81v9r28495.dll not found.
File C:\Windows\System32\21cf5ir9065z.exe not found.
File C:\Windows\3279tzo5254.bin not found.
File C:\Windows\System32\libmplayer.dll not found.
File C:\Windows\System32\libavcodec.dll not found.
File C:\Windows\System32\ff_x264.dll not found.
File C:\Windows\650csp5z9re1643.exe not found.
File C:\Windows\System32\ff_theora.dll not found.
File C:\Windows\1z093tr5j115.dll not found.
File C:\Windows\System32\39bv5r2902z.exe not found.
File C:\Windows\System32\ff_wmv9.dll not found.
File C:\Windows\System32\ff_vfw.dll not found.
File C:\Windows\System32\z97spy3395.dll not found.
File C:\Windows\System32\655s9y4z1.bin not found.
File C:\Windows\System32\6a4eaddz9re23305.dll not found.
File C:\Windows\29f0sparsz2795.exe not found.
File C:\Windows\System32\79f2zhrea95803.exe not found.
File C:\Windows\System32\6a15zir13029.bin not found.
File C:\Windows\System32\5ac5zparse9498.exe not found.
File C:\Windows\System32\3bb9v591z32.exe not found.
File C:\Windows\System32\5e5asparsez849.bin not found.
File C:\Windows\6789tzi5f422.bin not found.
File C:\Windows\System32\18966spamz9t543.exe not found.
File C:\Windows\6c59virz43.bin not found.
File C:\Windows\System32\25b9addw9r529z3.bin not found.
File C:\Windows\4be495iez1854.bin not found.
File C:\Windows\3140sp9m5zt1d9.bin not found.
File C:\Windows\z955vir2931.bin not found.
File C:\Windows\System32\53cfvir897z.dll not found.
File C:\Windows\25zfspars9874.bin not found.
File C:\Windows\92312troj45bz.dll not found.
File C:\Windows\26680s59752z.bin not found.
File C:\Windows\System32\9847hzck5oo91b8.bin not found.
File C:\Windows\1358virz99.bin not found.
File C:\Windows\System32\igfxCoIn_v1437.dll not found.
File C:\Windows\System32\igklg400.bin not found.
File C:\Windows\System32\igklg450.bin not found.
File C:\Windows\System32\igmedcompkrn.bin not found.
File C:\Windows\b01z9arse85.dll not found.
File C:\Windows\System32\z0d5vi9954.exe not found.
File C:\Windows\4542spywa9z1514.bin not found.
File C:\Windows\System32\6f6z5hie91694.exe not found.
File C:\Windows\System32\25529tezl1990.exe not found.
File C:\Windows\zba9sp9rse4905.bin not found.
File C:\Windows\System32\298bvzr5295.dll not found.
File C:\Windows\System32\10z07s9y15c.dll not found.
File C:\Windows\System32\7z78s5a9se529.dll not found.
File C:\Windows\z7995tr5j1199.exe not found.
File C:\Windows\3635spazse1907.dll not found.
Folder C:\Users\Chris\AppData\Roaming\IObit\ not found.
Folder C:\Users\Chris\AppData\Roaming\LimeWire\ not found.
Folder C:\Users\Chris\AppData\Roaming\uTorrent\ not found.
Folder C:\Users\Guest\AppData\Roaming\IObit\ not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0968CB48-E962-462A-AF7D-51AF05193FDA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0968CB48-E962-462A-AF7D-51AF05193FDA}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5CFB4CB1-8551-4D23-9536-82A8F6937D34} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CFB4CB1-8551-4D23-9536-82A8F6937D34}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{64CD4D0B-B2BF-4975-908E-3504D019A1C4} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64CD4D0B-B2BF-4975-908E-3504D019A1C4}\ not found.
========== FILES ==========
File\Folder c:\program files\utorrent not found.
File\Folder c:\program files\limewire not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Chris
->Temp folder emptied: 241509 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 6132328 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 178 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 6.00 mb


[EMPTYFLASH]

User: All Users

User: Chris
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.29.1 log created on 09282011_182508

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\StructuredQuerySchema.bin scheduled to be moved on reboot.
File move failed. C:\Windows\System32\EhStorAuthn.dll scheduled to be moved on reboot.
File move failed. C:\Windows\System32\StructuredQuerySchemaTrivial.bin scheduled to be moved on reboot.

Registry entries deleted on Reboot...
The Gaffer
Active Member
 
Posts: 14
Joined: September 23rd, 2011, 2:23 pm