Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Processes running and slow comp

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Processes running and slow comp

Unread postby chris3356 » March 24th, 2012, 7:27 pm

I use the tdskiller to check and its been fine until the other day when instead of telling me it had scanned 220 processes which is normal for some reason it took ages and scanned 378 processes!
along with that computer is sluggish and taking a long time to open windows and boot up
something is not right all of a sudden

logs enclosed

DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.3.0
Run by Chris at 23:24:04 on 2012-03-24
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3060.1757 [GMT 0:00]
.
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Users\Chris\AppData\Local\Temp\Rar$EX00.536\TDSSKiller.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.visagecomputers.co.uk/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [FileHippo.com] "c:\program files\filehippo.com\UpdateChecker.exe" /background
uRun: [GoTrusted] c:\program files\gotrusted.com\gotrusted secure tunnel v2.3.1.5\GoTrusted Secure Tunnel.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [KiesHelper] c:\program files\samsung\kies\KiesHelper.exe /s
uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
StartupFolder: c:\users\chris\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{24808C3F-DF8E-4DBB-B40F-D7DB39A51B71} : DhcpNameServer = 192.168.0.203
TCP: Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F} : DhcpNameServer = 192.168.0.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\chris\appdata\roaming\mozilla\firefox\profiles\9rqz3obm.default\
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2012-3-11 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2012-3-11 196440]
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2012-3-11 112984]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-3-11 24408]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-3-11 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-3-11 337880]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-3-11 20696]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-3-11 57688]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-3-11 44768]
R2 avast! Firewall;avast! Firewall;c:\program files\avast software\avast\afwServ.exe [2012-3-11 134920]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-26 652360]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2012-2-16 95200]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-10-14 994360]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-10-14 399416]
R3 gttap1;GoTrusted TAP Adapter;c:\windows\system32\drivers\gttap1.sys [2008-3-18 20480]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-26 20464]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S2 0184651330180573mcinstcleanup;McAfee Application Installer Cleanup (0184651330180573);c:\windows\temp\018465~1.exe -cleanup -nolog --> c:\windows\temp\018465~1.EXE -cleanup -nolog [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-1-22 80184]
S3 MOSUMAC;USB-Ethernet Driver;c:\windows\system32\drivers\MOSUMAC.SYS [2010-11-19 43520]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-1-22 181432]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2012-03-13 13:45:16 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-09 09:29:56 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-03-07 00:15:19 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:04:25 112984 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-03-07 00:03:51 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:03:23 196440 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-03-07 00:02:43 24408 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-03-07 00:01:48 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-06 23:44:51 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2012-02-15 23:11:32 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-02-15 23:11:32 567696 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-14 15:45:30 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-14 15:45:30 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-13 14:12:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-13 13:47:57 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-02-13 13:44:40 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-02-08 00:29:39 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-02-08 00:29:39 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-02-02 15:16:25 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-01-09 15:54:08 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-01-09 13:58:29 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-01-09 13:43:18 606208 ----a-w- c:\windows\system32\xvidcore.dll
2012-01-09 13:43:18 139264 ----a-w- c:\windows\system32\xvid.ax
2011-12-28 14:52:30 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2011-12-28 14:52:30 47360 ----a-w- c:\users\chris\appdata\roaming\pcouffin.sys
2011-12-26 21:37:26 98816 ----a-w- c:\windows\system32\mfps.dll
.
============= FINISH: 23:24:42.18 ===============


NLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 04/02/2011 10:32:19
System Uptime: 24/03/2012 23:12:25 (0 hours ago)
.
Motherboard: Dell Inc. | | 0K216C
Processor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz | Socket 775 | 1998/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 195.003 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.888 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Leawo Video Converter version 5.1.0.0
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.2)
Adobe Shockwave Player 11.6
avast! Internet Security
CCleaner
ConvertXtoDVD 4.0.9.322
D3DX10
EasyBCD 1.7
ESET Online Scanner v3
ffdshow [rev 2180] [2008-10-04]
FileHippo.com Update Checker
GoTrusted Secure Tunnel v2.3.1.5
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 31
Java(TM) 7 Update 3
K-Lite Codec Pack 7.9.0 (Basic)
Malwarebytes Anti-Malware version 1.60.1.1000
McAfee SiteAdvisor
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 10.0.3 (x86 en-US)
MSVCRT
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Nero 7 Lite 7.10.1.2
Norton Internet Security
OpenOffice.org 3.3
PowerDVD
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Revo Uninstaller 1.93
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Secunia PSI (2.0.0.4003)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Segoe UI
swMSM
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VLC media player 2.0.1
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
24/03/2012 02:00:14, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
23/03/2012 17:32:08, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
22/03/2012 21:01:01, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
20/03/2012 01:35:54, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
20/03/2012 01:35:54, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
.
==== End Of File ===========================
chris3356
Active Member
 
Posts: 8
Joined: March 24th, 2012, 7:19 pm
Advertisement
Register to Remove

Re: Processes running and slow comp

Unread postby pgmigg » March 26th, 2012, 10:42 am

Hello chris3356,

Welcome to the forum! :)

My name is pgmigg and I'll be helping you with any malware problems.

Currently I am working under the guidance of the MRU teachers and everything I post to you, must first be approved by them.
This additional review process can add some extra time to my responses, but I will post back with instructions for you as soon as possible.


Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your log and will return, as soon as possible, with additional instructions. In the meantime...
Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Processes running and slow comp

Unread postby pgmigg » March 26th, 2012, 3:35 pm

Hello chris3356,

Thank you for your patience... :)

Step 1.
Multiple Anti Virus programs detected
  1. It looks like you are operating your computer with multiple Anti Virus programs installed at once:
    avast! Internet Security
    Norton Internet Security
  2. Anti-virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer.
  3. Having two or more anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash.
  4. Currently you are running Avast and please keep to do it. I recommend you to uninstall Norton Internet Security

Step 2.
Please tell me, is this computer used for business purposes or connected to business network?
I need to know it - so I can provide the proper instructions.

Step 3.
I use the tdskiller to check and its been fine until the other day when instead of telling me it had scanned 220 processes which is normal for some reason it took ages and scanned 378 processes!
A log files named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt were created and saved to the root directory. (usually Local Disk C:).
Please Copy/Paste the contents of two such files in your next reply, to have possibility to see a differences you mentioned.

Please include in your next reply:
  1. Answer to my question related to type of use of your computer.
  2. Contents of couple most recentTDSSKiller report files.

Thanks,
pgmigg
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Processes running and slow comp

Unread postby chris3356 » March 26th, 2012, 10:58 pm

hi
i did have norton but uninstalled it a week or two ago
It is a home computer

04:11:18.0454 6640 TDSS rootkit removing tool 2.7.14.0 Feb 22 2012 16:54:49
04:11:20.0467 6640 ============================================================
04:11:20.0467 6640 Current date / time: 2012/02/28 04:11:20.0467
04:11:20.0467 6640 SystemInfo:
04:11:20.0467 6640
04:11:20.0467 6640 OS Version: 6.0.6002 ServicePack: 2.0
04:11:20.0467 6640 Product type: Workstation
04:11:20.0467 6640 ComputerName: DELL-530
04:11:20.0467 6640 UserName: Chris
04:11:20.0467 6640 Windows directory: C:\Windows
04:11:20.0467 6640 System windows directory: C:\Windows
04:11:20.0467 6640 Processor architecture: Intel x86
04:11:20.0467 6640 Number of processors: 2
04:11:20.0467 6640 Page size: 0x1000
04:11:20.0467 6640 Boot type: Normal boot
04:11:20.0467 6640 ============================================================
04:11:23.0228 6640 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
04:11:23.0244 6640 \Device\Harddisk0\DR0:
04:11:23.0244 6640 MBR used
04:11:23.0244 6640 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x240A5800
04:11:23.0244 6640 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x240A6000, BlocksNum 0x1388000
04:11:23.0368 6640 Initialize success
04:11:23.0368 6640 ============================================================
04:11:24.0055 4448 ============================================================
04:11:24.0055 4448 Scan started
04:11:24.0055 4448 Mode: Manual;
04:11:24.0055 4448 ============================================================
04:11:25.0677 4448 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
04:11:25.0677 4448 ACPI - ok
04:11:25.0786 4448 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
04:11:25.0802 4448 adp94xx - ok
04:11:25.0849 4448 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
04:11:25.0849 4448 adpahci - ok
04:11:25.0896 4448 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
04:11:25.0896 4448 adpu160m - ok
04:11:25.0958 4448 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
04:11:25.0958 4448 adpu320 - ok
04:11:26.0067 4448 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
04:11:26.0067 4448 AFD - ok
04:11:26.0145 4448 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
04:11:26.0145 4448 agp440 - ok
04:11:26.0239 4448 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
04:11:26.0239 4448 aic78xx - ok
04:11:26.0301 4448 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
04:11:26.0301 4448 aliide - ok
04:11:26.0348 4448 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
04:11:26.0348 4448 amdagp - ok
04:11:26.0379 4448 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
04:11:26.0379 4448 amdide - ok
04:11:26.0426 4448 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
04:11:26.0426 4448 AmdK7 - ok
04:11:26.0473 4448 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
04:11:26.0473 4448 AmdK8 - ok
04:11:26.0566 4448 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
04:11:26.0566 4448 arc - ok
04:11:26.0644 4448 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
04:11:26.0644 4448 arcsas - ok
04:11:26.0692 4448 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
04:11:26.0708 4448 AsyncMac - ok
04:11:26.0755 4448 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
04:11:26.0755 4448 atapi - ok
04:11:26.0833 4448 AVGIDSEH (20a2d48722cf055c846bdeafa4f733ce) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
04:11:26.0833 4448 AVGIDSEH - ok
04:11:26.0879 4448 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
04:11:26.0879 4448 Beep - ok
04:11:27.0113 4448 BHDrvx86 (e685ba3267c5a4ec4ce9e2b4a1481725) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120215.001\BHDrvx86.sys
04:11:27.0176 4448 BHDrvx86 - ok
04:11:27.0301 4448 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
04:11:27.0301 4448 blbdrive - ok
04:11:27.0394 4448 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
04:11:27.0394 4448 bowser - ok
04:11:27.0581 4448 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
04:11:27.0581 4448 BrFiltLo - ok
04:11:27.0753 4448 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
04:11:27.0753 4448 BrFiltUp - ok
04:11:27.0784 4448 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
04:11:27.0784 4448 Brserid - ok
04:11:27.0815 4448 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
04:11:27.0815 4448 BrSerWdm - ok
04:11:27.0847 4448 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
04:11:27.0862 4448 BrUsbMdm - ok
04:11:27.0878 4448 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
04:11:27.0878 4448 BrUsbSer - ok
04:11:27.0909 4448 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
04:11:27.0909 4448 BTHMODEM - ok
04:11:28.0065 4448 catchme - ok
04:11:28.0143 4448 ccSet_NIS (599e7f6259a127c174c49938d2aa6a60) C:\Windows\system32\drivers\NIS\1305000.091\ccSetx86.sys
04:11:28.0143 4448 ccSet_NIS - ok
04:11:28.0205 4448 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
04:11:28.0205 4448 cdfs - ok
04:11:28.0221 4448 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
04:11:28.0221 4448 cdrom - ok
04:11:28.0252 4448 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
04:11:28.0252 4448 circlass - ok
04:11:28.0361 4448 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
04:11:28.0361 4448 CLFS - ok
04:11:28.0455 4448 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
04:11:28.0455 4448 cmdide - ok
04:11:28.0471 4448 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
04:11:28.0471 4448 Compbatt - ok
04:11:28.0486 4448 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
04:11:28.0486 4448 crcdisk - ok
04:11:28.0502 4448 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
04:11:28.0502 4448 Crusoe - ok
04:11:28.0611 4448 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
04:11:28.0611 4448 DfsC - ok
04:11:28.0705 4448 dg_ssudbus (919f338fd36f47d860775368d0748780) C:\Windows\system32\DRIVERS\ssudbus.sys
04:11:28.0705 4448 dg_ssudbus - ok
04:11:28.0798 4448 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
04:11:28.0798 4448 disk - ok
04:11:28.0876 4448 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
04:11:28.0892 4448 drmkaud - ok
04:11:28.0939 4448 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
04:11:29.0001 4448 DXGKrnl - ok
04:11:29.0063 4448 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
04:11:29.0095 4448 e1express - ok
04:11:29.0157 4448 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
04:11:29.0157 4448 E1G60 - ok
04:11:29.0235 4448 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
04:11:29.0235 4448 Ecache - ok
04:11:29.0329 4448 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
04:11:29.0344 4448 eeCtrl - ok
04:11:29.0422 4448 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
04:11:29.0422 4448 elxstor - ok
04:11:29.0485 4448 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
04:11:29.0485 4448 EraserUtilRebootDrv - ok
04:11:29.0500 4448 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
04:11:29.0500 4448 ErrDev - ok
04:11:29.0578 4448 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
04:11:29.0578 4448 exfat - ok
04:11:29.0594 4448 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
04:11:29.0594 4448 fastfat - ok
04:11:29.0609 4448 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
04:11:29.0625 4448 fdc - ok
04:11:29.0641 4448 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
04:11:29.0641 4448 FileInfo - ok
04:11:29.0656 4448 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
04:11:29.0656 4448 Filetrace - ok
04:11:29.0687 4448 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
04:11:29.0687 4448 flpydisk - ok
04:11:29.0703 4448 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
04:11:29.0703 4448 FltMgr - ok
04:11:29.0750 4448 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
04:11:29.0750 4448 Fs_Rec - ok
04:11:29.0781 4448 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
04:11:29.0797 4448 gagp30kx - ok
04:11:29.0875 4448 gttap1 (696099dee7610b726f61e26e4ec92aaf) C:\Windows\system32\DRIVERS\gttap1.sys
04:11:29.0890 4448 gttap1 - ok
04:11:30.0062 4448 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
04:11:30.0077 4448 HdAudAddService - ok
04:11:30.0093 4448 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
04:11:30.0093 4448 HDAudBus - ok
04:11:30.0124 4448 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
04:11:30.0124 4448 HidBth - ok
04:11:30.0140 4448 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
04:11:30.0140 4448 HidIr - ok
04:11:30.0218 4448 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
04:11:30.0218 4448 HidUsb - ok
04:11:30.0249 4448 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
04:11:30.0265 4448 HpCISSs - ok
04:11:30.0280 4448 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
04:11:30.0296 4448 HTTP - ok
04:11:30.0311 4448 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
04:11:30.0311 4448 i2omp - ok
04:11:30.0389 4448 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
04:11:30.0389 4448 i8042prt - ok
04:11:30.0467 4448 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
04:11:30.0467 4448 iaStorV - ok
04:11:30.0592 4448 IDSVix86 (b6662611e8fa3a71473c4a9bd0d23755) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120224.002\IDSvix86.sys
04:11:30.0592 4448 IDSVix86 - ok
04:11:30.0701 4448 igfx (63c56dac467ef814b60ff2aa2286c917) C:\Windows\system32\DRIVERS\igdkmd32.sys
04:11:30.0717 4448 igfx - ok
04:11:30.0764 4448 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
04:11:30.0764 4448 iirsp - ok
04:11:30.0857 4448 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
04:11:30.0857 4448 intelide - ok
04:11:30.0904 4448 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
04:11:30.0904 4448 intelppm - ok
04:11:30.0920 4448 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
04:11:30.0935 4448 IpFilterDriver - ok
04:11:30.0935 4448 IpInIp - ok
04:11:30.0967 4448 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
04:11:30.0967 4448 IPMIDRV - ok
04:11:30.0982 4448 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
04:11:30.0982 4448 IPNAT - ok
04:11:30.0998 4448 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
04:11:30.0998 4448 IRENUM - ok
04:11:31.0013 4448 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
04:11:31.0013 4448 isapnp - ok
04:11:31.0029 4448 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
04:11:31.0045 4448 iScsiPrt - ok
04:11:31.0060 4448 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
04:11:31.0060 4448 iteatapi - ok
04:11:31.0076 4448 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
04:11:31.0076 4448 iteraid - ok
04:11:31.0091 4448 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
04:11:31.0091 4448 kbdclass - ok
04:11:31.0107 4448 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
04:11:31.0107 4448 kbdhid - ok
04:11:31.0154 4448 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
04:11:31.0154 4448 KSecDD - ok
04:11:31.0185 4448 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
04:11:31.0185 4448 lltdio - ok
04:11:31.0216 4448 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
04:11:31.0216 4448 LSI_FC - ok
04:11:31.0263 4448 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
04:11:31.0263 4448 LSI_SAS - ok
04:11:31.0372 4448 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
04:11:31.0372 4448 LSI_SCSI - ok
04:11:31.0450 4448 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
04:11:31.0450 4448 luafv - ok
04:11:31.0606 4448 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
04:11:31.0606 4448 MBAMProtector - ok
04:11:31.0653 4448 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
04:11:31.0669 4448 megasas - ok
04:11:31.0731 4448 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
04:11:31.0731 4448 MegaSR - ok
04:11:31.0762 4448 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
04:11:31.0762 4448 Modem - ok
04:11:31.0793 4448 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
04:11:31.0793 4448 monitor - ok
04:11:31.0809 4448 MOSUMAC (e07afaf733d3004f5dc64aa3a47700b1) C:\Windows\system32\DRIVERS\MOSUMAC.SYS
04:11:31.0809 4448 MOSUMAC - ok
04:11:31.0825 4448 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
04:11:31.0840 4448 mouclass - ok
04:11:31.0840 4448 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
04:11:31.0856 4448 mouhid - ok
04:11:31.0871 4448 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
04:11:31.0871 4448 MountMgr - ok
04:11:31.0934 4448 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
04:11:31.0949 4448 mpio - ok
04:11:31.0965 4448 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
04:11:31.0981 4448 mpsdrv - ok
04:11:32.0012 4448 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
04:11:32.0012 4448 Mraid35x - ok
04:11:32.0012 4448 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
04:11:32.0027 4448 MRxDAV - ok
04:11:32.0059 4448 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
04:11:32.0059 4448 mrxsmb - ok
04:11:32.0074 4448 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
04:11:32.0074 4448 mrxsmb10 - ok
04:11:32.0090 4448 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
04:11:32.0090 4448 mrxsmb20 - ok
04:11:32.0105 4448 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
04:11:32.0105 4448 msahci - ok
04:11:32.0121 4448 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
04:11:32.0137 4448 msdsm - ok
04:11:32.0137 4448 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
04:11:32.0152 4448 Msfs - ok
04:11:32.0215 4448 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
04:11:32.0215 4448 msisadrv - ok
04:11:32.0308 4448 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
04:11:32.0308 4448 MSKSSRV - ok
04:11:32.0371 4448 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
04:11:32.0371 4448 MSPCLOCK - ok
04:11:32.0386 4448 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
04:11:32.0386 4448 MSPQM - ok
04:11:32.0402 4448 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
04:11:32.0402 4448 MsRPC - ok
04:11:32.0417 4448 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
04:11:32.0433 4448 mssmbios - ok
04:11:32.0433 4448 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
04:11:32.0433 4448 MSTEE - ok
04:11:32.0449 4448 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
04:11:32.0449 4448 Mup - ok
04:11:32.0495 4448 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
04:11:32.0495 4448 NativeWifiP - ok
04:11:32.0605 4448 NAVENG (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120227.002\NAVENG.SYS
04:11:32.0605 4448 NAVENG - ok
04:11:32.0698 4448 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120227.002\NAVEX15.SYS
04:11:32.0714 4448 NAVEX15 - ok
04:11:33.0151 4448 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
04:11:33.0151 4448 NDIS - ok
04:11:33.0197 4448 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
04:11:33.0213 4448 NdisTapi - ok
04:11:33.0260 4448 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
04:11:33.0260 4448 Ndisuio - ok
04:11:33.0338 4448 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
04:11:33.0338 4448 NdisWan - ok
04:11:33.0400 4448 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
04:11:33.0400 4448 NDProxy - ok
04:11:33.0447 4448 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
04:11:33.0447 4448 NetBIOS - ok
04:11:33.0494 4448 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
04:11:33.0494 4448 netbt - ok
04:11:33.0509 4448 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
04:11:33.0509 4448 nfrd960 - ok
04:11:33.0525 4448 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
04:11:33.0525 4448 Npfs - ok
04:11:33.0541 4448 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
04:11:33.0541 4448 nsiproxy - ok
04:11:33.0587 4448 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
04:11:33.0603 4448 Ntfs - ok
04:11:33.0619 4448 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
04:11:33.0619 4448 ntrigdigi - ok
04:11:33.0634 4448 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
04:11:33.0634 4448 Null - ok
04:11:33.0665 4448 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
04:11:33.0665 4448 nvraid - ok
04:11:33.0697 4448 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
04:11:33.0697 4448 nvstor - ok
04:11:33.0712 4448 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
04:11:33.0712 4448 nv_agp - ok
04:11:33.0728 4448 NwlnkFlt - ok
04:11:33.0743 4448 NwlnkFwd - ok
04:11:33.0806 4448 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
04:11:33.0821 4448 ohci1394 - ok
04:11:33.0837 4448 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
04:11:33.0837 4448 Parport - ok
04:11:33.0837 4448 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
04:11:33.0853 4448 partmgr - ok
04:11:33.0915 4448 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
04:11:33.0915 4448 Parvdm - ok
04:11:34.0040 4448 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
04:11:34.0040 4448 pci - ok
04:11:34.0102 4448 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
04:11:34.0102 4448 pciide - ok
04:11:34.0508 4448 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
04:11:34.0508 4448 pcmcia - ok
04:11:34.0976 4448 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
04:11:34.0991 4448 pcouffin - ok
04:11:35.0397 4448 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
04:11:35.0413 4448 PEAUTH - ok
04:11:35.0740 4448 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
04:11:35.0756 4448 PptpMiniport - ok
04:11:35.0943 4448 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
04:11:35.0943 4448 Processor - ok
04:11:36.0177 4448 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
04:11:36.0177 4448 PSched - ok
04:11:36.0505 4448 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\Windows\system32\DRIVERS\psi_mf.sys
04:11:36.0520 4448 PSI - ok
04:11:36.0973 4448 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
04:11:36.0973 4448 ql2300 - ok
04:11:37.0160 4448 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
04:11:37.0160 4448 ql40xx - ok
04:11:37.0347 4448 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
04:11:37.0347 4448 QWAVEdrv - ok
04:11:37.0409 4448 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
04:11:37.0425 4448 RasAcd - ok
04:11:37.0612 4448 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
04:11:37.0628 4448 Rasl2tp - ok
04:11:37.0659 4448 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
04:11:37.0675 4448 RasPppoe - ok
04:11:37.0690 4448 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
04:11:37.0690 4448 RasSstp - ok
04:11:37.0721 4448 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
04:11:37.0737 4448 rdbss - ok
04:11:37.0768 4448 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
04:11:37.0784 4448 RDPCDD - ok
04:11:37.0815 4448 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
04:11:37.0862 4448 rdpdr - ok
04:11:37.0924 4448 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
04:11:37.0924 4448 RDPENCDD - ok
04:11:37.0955 4448 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
04:11:37.0955 4448 RDPWD - ok
04:11:38.0033 4448 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
04:11:38.0033 4448 rspndr - ok
04:11:38.0158 4448 RTL8169 (283392af1860ecdb5e0f8ebd7f3d72df) C:\Windows\system32\DRIVERS\Rtlh86.sys
04:11:38.0158 4448 RTL8169 - ok
04:11:38.0267 4448 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
04:11:38.0267 4448 sbp2port - ok
04:11:38.0299 4448 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
04:11:38.0299 4448 secdrv - ok
04:11:38.0377 4448 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
04:11:38.0377 4448 Serenum - ok
04:11:38.0408 4448 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
04:11:38.0408 4448 Serial - ok
04:11:38.0439 4448 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
04:11:38.0439 4448 sermouse - ok
04:11:38.0486 4448 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
04:11:38.0486 4448 sffdisk - ok
04:11:38.0548 4448 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
04:11:38.0548 4448 sffp_mmc - ok
04:11:38.0657 4448 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
04:11:38.0657 4448 sffp_sd - ok
04:11:38.0673 4448 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
04:11:38.0673 4448 sfloppy - ok
04:11:38.0751 4448 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
04:11:38.0751 4448 sisagp - ok
04:11:38.0767 4448 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
04:11:38.0767 4448 SiSRaid2 - ok
04:11:38.0782 4448 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
04:11:38.0798 4448 SiSRaid4 - ok
04:11:38.0813 4448 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
04:11:38.0813 4448 Smb - ok
04:11:38.0845 4448 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
04:11:38.0845 4448 spldr - ok
04:11:39.0063 4448 SRTSP (c16d048faf2978d2121f9f40594a6bdc) C:\Windows\System32\Drivers\NIS\1305000.091\SRTSP.SYS
04:11:39.0063 4448 SRTSP - ok
04:11:39.0359 4448 SRTSPX (f0d02c2e25970c9c72a5cd278c17cdb6) C:\Windows\system32\drivers\NIS\1305000.091\SRTSPX.SYS
04:11:39.0359 4448 SRTSPX - ok
04:11:39.0812 4448 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
04:11:39.0812 4448 srv - ok
04:11:39.0983 4448 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
04:11:40.0015 4448 srv2 - ok
04:11:40.0046 4448 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
04:11:40.0061 4448 srvnet - ok
04:11:40.0124 4448 ssudmdm (8f299012ef58246f1c98de7b7e48dbf0) C:\Windows\system32\DRIVERS\ssudmdm.sys
04:11:40.0139 4448 ssudmdm - ok
04:11:40.0233 4448 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
04:11:40.0233 4448 swenum - ok
04:11:40.0249 4448 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
04:11:40.0249 4448 Symc8xx - ok
04:11:40.0311 4448 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\Windows\system32\drivers\NIS\1305000.091\SYMDS.SYS
04:11:40.0327 4448 SymDS - ok
04:11:40.0639 4448 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\Windows\system32\drivers\NIS\1305000.091\SYMEFA.SYS
04:11:40.0654 4448 SymEFA - ok
04:11:40.0779 4448 SymEvent (74e2521e96176a4449570e50be91954d) C:\Windows\system32\Drivers\SYMEVENT.SYS
04:11:40.0795 4448 SymEvent - ok
04:11:40.0951 4448 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\Windows\system32\drivers\NIS\1305000.091\Ironx86.SYS
04:11:40.0951 4448 SymIRON - ok
04:11:41.0200 4448 SYMTDIv (40c6e6417c8b7d7fcf82cfbe71525795) C:\Windows\System32\Drivers\NIS\1305000.091\SYMTDIV.SYS
04:11:41.0200 4448 SYMTDIv - ok
04:11:41.0465 4448 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
04:11:41.0465 4448 Sym_hi - ok
04:11:41.0543 4448 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
04:11:41.0543 4448 Sym_u3 - ok
04:11:41.0731 4448 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
04:11:41.0731 4448 Tcpip - ok
04:11:41.0887 4448 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
04:11:41.0887 4448 Tcpip6 - ok
04:11:42.0074 4448 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
04:11:42.0089 4448 tcpipreg - ok
04:11:42.0105 4448 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
04:11:42.0105 4448 TDPIPE - ok
04:11:42.0121 4448 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
04:11:42.0136 4448 TDTCP - ok
04:11:42.0152 4448 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
04:11:42.0152 4448 tdx - ok
04:11:42.0167 4448 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
04:11:42.0167 4448 TermDD - ok
04:11:42.0199 4448 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
04:11:42.0199 4448 tssecsrv - ok
04:11:42.0214 4448 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
04:11:42.0214 4448 tunmp - ok
04:11:42.0230 4448 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
04:11:42.0230 4448 tunnel - ok
04:11:42.0245 4448 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
04:11:42.0245 4448 uagp35 - ok
04:11:42.0277 4448 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
04:11:42.0277 4448 udfs - ok
04:11:42.0323 4448 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
04:11:42.0323 4448 uliagpkx - ok
04:11:42.0526 4448 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
04:11:42.0526 4448 uliahci - ok
04:11:42.0620 4448 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
04:11:42.0635 4448 UlSata - ok
04:11:42.0760 4448 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
04:11:42.0760 4448 ulsata2 - ok
04:11:42.0932 4448 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
04:11:42.0932 4448 umbus - ok
04:11:43.0150 4448 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\drivers\usbccgp.sys
04:11:43.0197 4448 usbccgp - ok
04:11:43.0228 4448 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
04:11:43.0228 4448 usbcir - ok
04:11:43.0306 4448 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
04:11:43.0322 4448 usbehci - ok
04:11:43.0322 4448 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
04:11:43.0337 4448 usbhub - ok
04:11:43.0353 4448 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
04:11:43.0353 4448 usbohci - ok
04:11:43.0384 4448 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
04:11:43.0384 4448 usbprint - ok
04:11:43.0400 4448 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
04:11:43.0400 4448 USBSTOR - ok
04:11:43.0415 4448 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
04:11:43.0415 4448 usbuhci - ok
04:11:43.0447 4448 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
04:11:43.0447 4448 vga - ok
04:11:43.0447 4448 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
04:11:43.0462 4448 VgaSave - ok
04:11:43.0478 4448 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
04:11:43.0478 4448 viaagp - ok
04:11:43.0493 4448 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
04:11:43.0493 4448 ViaC7 - ok
04:11:43.0571 4448 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
04:11:43.0571 4448 viaide - ok
04:11:43.0649 4448 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
04:11:43.0665 4448 volmgr - ok
04:11:43.0727 4448 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
04:11:43.0727 4448 volmgrx - ok
04:11:43.0805 4448 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
04:11:43.0821 4448 volsnap - ok
04:11:43.0899 4448 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
04:11:43.0899 4448 vsmraid - ok
04:11:44.0024 4448 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
04:11:44.0024 4448 WacomPen - ok
04:11:44.0102 4448 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
04:11:44.0102 4448 Wanarp - ok
04:11:44.0133 4448 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
04:11:44.0133 4448 Wanarpv6 - ok
04:11:44.0180 4448 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
04:11:44.0180 4448 Wd - ok
04:11:44.0273 4448 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
04:11:44.0289 4448 Wdf01000 - ok
04:11:44.0383 4448 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
04:11:44.0398 4448 WmiAcpi - ok
04:11:44.0476 4448 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
04:11:44.0476 4448 WpdUsb - ok
04:11:44.0507 4448 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
04:11:44.0507 4448 ws2ifsl - ok
04:11:44.0539 4448 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
04:11:44.0539 4448 WUDFRd - ok
04:11:44.0554 4448 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
04:11:44.0632 4448 \Device\Harddisk0\DR0 - ok
04:11:44.0648 4448 Boot (0x1200) (3dfd8f055873d9238e5377622da9fb66) \Device\Harddisk0\DR0\Partition0
04:11:44.0679 4448 \Device\Harddisk0\DR0\Partition0 - ok
04:11:44.0726 4448 Boot (0x1200) (c16041381db22404c8fc65dde425fb44) \Device\Harddisk0\DR0\Partition1
04:11:44.0726 4448 \Device\Harddisk0\DR0\Partition1 - ok
04:11:44.0726 4448 ============================================================
04:11:44.0726 4448 Scan finished
04:11:44.0726 4448 ============================================================
04:11:44.0741 1496 Detected object count: 0
04:11:44.0741 1496 Actual detected object count: 0
04:11:48.0205 6888 Deinitialize success

------------------
12:31:28.0509 4268 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
12:31:28.0665 4268 ============================================================
12:31:28.0665 4268 Current date / time: 2012/03/26 12:31:28.0665
12:31:28.0665 4268 SystemInfo:
12:31:28.0665 4268
12:31:28.0665 4268 OS Version: 6.0.6002 ServicePack: 2.0
12:31:28.0665 4268 Product type: Workstation
12:31:28.0665 4268 ComputerName: DELL-530
12:31:28.0665 4268 UserName: Chris
12:31:28.0665 4268 Windows directory: C:\Windows
12:31:28.0665 4268 System windows directory: C:\Windows
12:31:28.0665 4268 Processor architecture: Intel x86
12:31:28.0665 4268 Number of processors: 2
12:31:28.0665 4268 Page size: 0x1000
12:31:28.0665 4268 Boot type: Normal boot
12:31:28.0665 4268 ============================================================
12:31:30.0739 4268 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:31:30.0739 4268 Drive \Device\Harddisk1\DR1 - Size: 0x1DD000000 (7.45 Gb), SectorSize: 0x200, Cylinders: 0x3CC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:31:30.0739 4268 \Device\Harddisk0\DR0:
12:31:30.0739 4268 MBR used
12:31:30.0739 4268 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x240A5800
12:31:30.0739 4268 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x240A6000, BlocksNum 0x1388000
12:31:30.0739 4268 \Device\Harddisk1\DR1:
12:31:30.0739 4268 MBR used
12:31:30.0739 4268 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0xF8, BlocksNum 0xEE7F08
12:31:30.0942 4268 Initialize success
12:31:30.0942 4268 ============================================================
12:31:31.0769 4228 ============================================================
12:31:31.0769 4228 Scan started
12:31:31.0769 4228 Mode: Manual;
12:31:31.0769 4228 ============================================================
12:31:34.0452 4228 0184651330180573mcinstcleanup - ok
12:31:34.0780 4228 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
12:31:34.0795 4228 ACPI - ok
12:31:34.0873 4228 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:31:34.0873 4228 AdobeARMservice - ok
12:31:34.0967 4228 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
12:31:34.0967 4228 adp94xx - ok
12:31:35.0061 4228 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
12:31:35.0061 4228 adpahci - ok
12:31:35.0201 4228 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
12:31:35.0201 4228 adpu160m - ok
12:31:35.0373 4228 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
12:31:35.0388 4228 adpu320 - ok
12:31:35.0544 4228 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
12:31:35.0544 4228 AeLookupSvc - ok
12:31:35.0622 4228 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
12:31:35.0638 4228 AFD - ok
12:31:35.0685 4228 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
12:31:35.0685 4228 agp440 - ok
12:31:35.0731 4228 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
12:31:35.0731 4228 aic78xx - ok
12:31:35.0763 4228 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
12:31:35.0763 4228 ALG - ok
12:31:35.0778 4228 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
12:31:35.0778 4228 aliide - ok
12:31:35.0794 4228 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
12:31:35.0794 4228 amdagp - ok
12:31:35.0841 4228 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
12:31:35.0841 4228 amdide - ok
12:31:35.0872 4228 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
12:31:35.0872 4228 AmdK7 - ok
12:31:35.0887 4228 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
12:31:35.0887 4228 AmdK8 - ok
12:31:35.0934 4228 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
12:31:35.0934 4228 Appinfo - ok
12:31:35.0981 4228 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
12:31:35.0981 4228 arc - ok
12:31:36.0028 4228 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
12:31:36.0028 4228 arcsas - ok
12:31:36.0075 4228 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
12:31:36.0075 4228 AsyncMac - ok
12:31:36.0090 4228 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
12:31:36.0090 4228 atapi - ok
12:31:36.0277 4228 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
12:31:36.0277 4228 AudioEndpointBuilder - ok
12:31:36.0355 4228 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
12:31:36.0355 4228 Audiosrv - ok
12:31:36.0589 4228 AVGIDSEH (20a2d48722cf055c846bdeafa4f733ce) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
12:31:36.0589 4228 AVGIDSEH - ok
12:31:36.0652 4228 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
12:31:36.0683 4228 Beep - ok
12:31:36.0730 4228 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
12:31:36.0730 4228 BFE - ok
12:31:36.0808 4228 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
12:31:36.0808 4228 BITS - ok
12:31:36.0933 4228 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
12:31:36.0933 4228 blbdrive - ok
12:31:37.0089 4228 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
12:31:37.0135 4228 bowser - ok
12:31:37.0291 4228 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
12:31:37.0291 4228 BrFiltLo - ok
12:31:37.0323 4228 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
12:31:37.0323 4228 BrFiltUp - ok
12:31:37.0432 4228 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
12:31:37.0447 4228 Browser - ok
12:31:37.0588 4228 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
12:31:37.0603 4228 Brserid - ok
12:31:37.0650 4228 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
12:31:37.0666 4228 BrSerWdm - ok
12:31:37.0728 4228 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
12:31:37.0728 4228 BrUsbMdm - ok
12:31:37.0791 4228 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
12:31:37.0791 4228 BrUsbSer - ok
12:31:37.0806 4228 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
12:31:37.0806 4228 BTHMODEM - ok
12:31:37.0837 4228 catchme - ok
12:31:37.0853 4228 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
12:31:37.0853 4228 cdfs - ok
12:31:37.0884 4228 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
12:31:37.0884 4228 cdrom - ok
12:31:37.0947 4228 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
12:31:37.0947 4228 CertPropSvc - ok
12:31:37.0978 4228 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
12:31:37.0978 4228 circlass - ok
12:31:38.0009 4228 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
12:31:38.0009 4228 CLFS - ok
12:31:38.0337 4228 CLPSLS (be465a17fda2e79ed49053cbec7e9335) C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
12:31:38.0352 4228 CLPSLS - ok
12:31:38.0508 4228 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:31:38.0524 4228 clr_optimization_v2.0.50727_32 - ok
12:31:38.0617 4228 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:31:38.0617 4228 clr_optimization_v4.0.30319_32 - ok
12:31:39.0054 4228 cmdAgent (907324001ae25ac5959c91eaa34cabae) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
12:31:39.0070 4228 cmdAgent - ok
12:31:39.0304 4228 cmdGuard (22d54351b7a2c94814d00faa502ff381) C:\Windows\system32\DRIVERS\cmdguard.sys
12:31:39.0319 4228 cmdGuard - ok
12:31:39.0460 4228 cmdHlp (ffb59cad4be8c317624d40959a48a5db) C:\Windows\system32\DRIVERS\cmdhlp.sys
12:31:39.0460 4228 cmdHlp - ok
12:31:39.0538 4228 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
12:31:39.0538 4228 cmdide - ok
12:31:39.0553 4228 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
12:31:39.0553 4228 Compbatt - ok
12:31:39.0569 4228 COMSysApp - ok
12:31:39.0600 4228 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
12:31:39.0600 4228 crcdisk - ok
12:31:39.0616 4228 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
12:31:39.0647 4228 Crusoe - ok
12:31:39.0819 4228 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
12:31:39.0819 4228 CryptSvc - ok
12:31:39.0897 4228 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
12:31:39.0897 4228 DcomLaunch - ok
12:31:39.0928 4228 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
12:31:39.0928 4228 DfsC - ok
12:31:39.0990 4228 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
12:31:40.0021 4228 DFSR - ok
12:31:40.0068 4228 dg_ssudbus (919f338fd36f47d860775368d0748780) C:\Windows\system32\DRIVERS\ssudbus.sys
12:31:40.0084 4228 dg_ssudbus - ok
12:31:40.0115 4228 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
12:31:40.0115 4228 Dhcp - ok
12:31:40.0146 4228 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
12:31:40.0146 4228 disk - ok
12:31:40.0240 4228 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
12:31:40.0240 4228 Dnscache - ok
12:31:40.0411 4228 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
12:31:40.0427 4228 dot3svc - ok
12:31:40.0474 4228 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
12:31:40.0474 4228 DPS - ok
12:31:40.0536 4228 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
12:31:40.0536 4228 drmkaud - ok
12:31:40.0567 4228 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
12:31:40.0583 4228 DXGKrnl - ok
12:31:40.0661 4228 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
12:31:40.0677 4228 e1express - ok
12:31:40.0723 4228 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
12:31:40.0723 4228 E1G60 - ok
12:31:40.0817 4228 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
12:31:40.0817 4228 EapHost - ok
12:31:40.0895 4228 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
12:31:40.0911 4228 Ecache - ok
12:31:40.0926 4228 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
12:31:40.0957 4228 ehRecvr - ok
12:31:40.0973 4228 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
12:31:40.0973 4228 ehSched - ok
12:31:40.0989 4228 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
12:31:40.0989 4228 ehstart - ok
12:31:41.0004 4228 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
12:31:41.0020 4228 elxstor - ok
12:31:41.0067 4228 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
12:31:41.0067 4228 EMDMgmt - ok
12:31:41.0129 4228 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
12:31:41.0223 4228 ErrDev - ok
12:31:41.0285 4228 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
12:31:41.0285 4228 EventSystem - ok
12:31:41.0379 4228 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
12:31:41.0379 4228 exfat - ok
12:31:41.0425 4228 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
12:31:41.0441 4228 fastfat - ok
12:31:41.0457 4228 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
12:31:41.0457 4228 fdc - ok
12:31:41.0472 4228 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
12:31:41.0472 4228 fdPHost - ok
12:31:41.0488 4228 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
12:31:41.0488 4228 FDResPub - ok
12:31:41.0535 4228 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
12:31:41.0535 4228 FileInfo - ok
12:31:41.0566 4228 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
12:31:41.0581 4228 Filetrace - ok
12:31:41.0597 4228 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
12:31:41.0597 4228 flpydisk - ok
12:31:41.0613 4228 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
12:31:41.0613 4228 FltMgr - ok
12:31:41.0691 4228 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
12:31:41.0706 4228 FontCache - ok
12:31:41.0753 4228 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:31:41.0753 4228 FontCache3.0.0.0 - ok
12:31:41.0769 4228 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
12:31:41.0769 4228 Fs_Rec - ok
12:31:41.0815 4228 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
12:31:41.0815 4228 gagp30kx - ok
12:31:41.0909 4228 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
12:31:41.0925 4228 gpsvc - ok
12:31:41.0971 4228 gttap1 (696099dee7610b726f61e26e4ec92aaf) C:\Windows\system32\DRIVERS\gttap1.sys
12:31:41.0971 4228 gttap1 - ok
12:31:42.0003 4228 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
12:31:42.0003 4228 HdAudAddService - ok
12:31:42.0096 4228 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:31:42.0143 4228 HDAudBus - ok
12:31:42.0595 4228 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
12:31:42.0627 4228 HidBth - ok
12:31:42.0892 4228 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
12:31:42.0892 4228 HidIr - ok
12:31:43.0001 4228 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
12:31:43.0001 4228 hidserv - ok
12:31:43.0079 4228 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
12:31:43.0079 4228 HidUsb - ok
12:31:43.0391 4228 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
12:31:43.0391 4228 hkmsvc - ok
12:31:43.0469 4228 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
12:31:43.0469 4228 HpCISSs - ok
12:31:43.0641 4228 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
12:31:43.0687 4228 HTTP - ok
12:31:43.0734 4228 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
12:31:43.0734 4228 i2omp - ok
12:31:43.0843 4228 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
12:31:43.0843 4228 i8042prt - ok
12:31:43.0968 4228 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
12:31:43.0968 4228 iaStorV - ok
12:31:44.0077 4228 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:31:44.0233 4228 idsvc - ok
12:31:44.0592 4228 igfx (63c56dac467ef814b60ff2aa2286c917) C:\Windows\system32\DRIVERS\igdkmd32.sys
12:31:44.0639 4228 igfx - ok
12:31:44.0670 4228 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
12:31:44.0670 4228 iirsp - ok
12:31:44.0748 4228 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
12:31:44.0748 4228 IKEEXT - ok
12:31:44.0842 4228 inspect (d9f7411dbc673dbcdf517192301c8530) C:\Windows\system32\DRIVERS\inspect.sys
12:31:44.0842 4228 inspect - ok
12:31:44.0904 4228 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
12:31:44.0904 4228 intelide - ok
12:31:44.0951 4228 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
12:31:44.0951 4228 intelppm - ok
12:31:44.0982 4228 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
12:31:44.0982 4228 IPBusEnum - ok
12:31:45.0013 4228 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:31:45.0013 4228 IpFilterDriver - ok
12:31:45.0076 4228 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
12:31:45.0076 4228 iphlpsvc - ok
12:31:45.0091 4228 IpInIp - ok
12:31:45.0107 4228 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
12:31:45.0107 4228 IPMIDRV - ok
12:31:45.0123 4228 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
12:31:45.0123 4228 IPNAT - ok
12:31:45.0263 4228 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
12:31:45.0263 4228 IRENUM - ok
12:31:45.0325 4228 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
12:31:45.0325 4228 isapnp - ok
12:31:45.0388 4228 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
12:31:45.0388 4228 iScsiPrt - ok
12:31:45.0544 4228 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
12:31:45.0544 4228 iteatapi - ok
12:31:45.0653 4228 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
12:31:45.0653 4228 iteraid - ok
12:31:45.0700 4228 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
12:31:45.0700 4228 kbdclass - ok
12:31:45.0840 4228 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
12:31:45.0840 4228 kbdhid - ok
12:31:45.0965 4228 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:31:45.0965 4228 KeyIso - ok
12:31:46.0090 4228 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
12:31:46.0105 4228 KSecDD - ok
12:31:46.0152 4228 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
12:31:46.0152 4228 KtmRm - ok
12:31:46.0215 4228 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
12:31:46.0230 4228 LanmanServer - ok
12:31:46.0339 4228 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
12:31:46.0339 4228 LanmanWorkstation - ok
12:31:46.0402 4228 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
12:31:46.0464 4228 lltdio - ok
12:31:46.0683 4228 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
12:31:46.0698 4228 lltdsvc - ok
12:31:46.0792 4228 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
12:31:46.0792 4228 lmhosts - ok
12:31:46.0854 4228 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
12:31:46.0854 4228 LSI_FC - ok
12:31:46.0870 4228 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
12:31:46.0885 4228 LSI_SAS - ok
12:31:46.0932 4228 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
12:31:46.0932 4228 LSI_SCSI - ok
12:31:46.0948 4228 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
12:31:46.0963 4228 luafv - ok
12:31:46.0995 4228 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
12:31:46.0995 4228 MBAMProtector - ok
12:31:47.0260 4228 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:31:47.0260 4228 MBAMService - ok
12:31:47.0369 4228 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
12:31:47.0369 4228 McAfee SiteAdvisor Service - ok
12:31:47.0478 4228 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
12:31:47.0478 4228 Mcx2Svc - ok
12:31:47.0541 4228 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
12:31:47.0541 4228 megasas - ok
12:31:47.0634 4228 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
12:31:47.0650 4228 MegaSR - ok
12:31:47.0697 4228 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
12:31:47.0697 4228 MMCSS - ok
12:31:47.0868 4228 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
12:31:47.0868 4228 Modem - ok
12:31:47.0884 4228 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
12:31:47.0884 4228 monitor - ok
12:31:47.0946 4228 MOSUMAC (e07afaf733d3004f5dc64aa3a47700b1) C:\Windows\system32\DRIVERS\MOSUMAC.SYS
12:31:47.0946 4228 MOSUMAC - ok
12:31:48.0009 4228 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
12:31:48.0009 4228 mouclass - ok
12:31:48.0024 4228 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
12:31:48.0024 4228 mouhid - ok
12:31:48.0040 4228 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
12:31:48.0040 4228 MountMgr - ok
12:31:48.0071 4228 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
12:31:48.0087 4228 mpio - ok
12:31:48.0102 4228 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
12:31:48.0102 4228 mpsdrv - ok
12:31:48.0196 4228 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
12:31:48.0196 4228 MpsSvc - ok
12:31:48.0243 4228 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
12:31:48.0243 4228 Mraid35x - ok
12:31:48.0258 4228 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
12:31:48.0274 4228 MRxDAV - ok
12:31:48.0289 4228 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:31:48.0289 4228 mrxsmb - ok
12:31:48.0352 4228 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:31:48.0414 4228 mrxsmb10 - ok
12:31:48.0430 4228 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:31:48.0430 4228 mrxsmb20 - ok
12:31:48.0461 4228 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
12:31:48.0461 4228 msahci - ok
12:31:48.0477 4228 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
12:31:48.0477 4228 msdsm - ok
12:31:48.0492 4228 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
12:31:48.0508 4228 MSDTC - ok
12:31:48.0555 4228 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
12:31:48.0570 4228 Msfs - ok
12:31:48.0601 4228 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
12:31:48.0601 4228 msisadrv - ok
12:31:48.0664 4228 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
12:31:48.0742 4228 MSiSCSI - ok
12:31:48.0820 4228 msiserver - ok
12:31:48.0867 4228 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
12:31:48.0867 4228 MSKSSRV - ok
12:31:48.0929 4228 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
12:31:48.0929 4228 MSPCLOCK - ok
12:31:48.0929 4228 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
12:31:48.0929 4228 MSPQM - ok
12:31:48.0960 4228 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
12:31:48.0960 4228 MsRPC - ok
12:31:49.0007 4228 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
12:31:49.0007 4228 mssmbios - ok
12:31:49.0085 4228 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
12:31:49.0085 4228 MSTEE - ok
12:31:49.0163 4228 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
12:31:49.0163 4228 Mup - ok
12:31:49.0241 4228 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
12:31:49.0241 4228 napagent - ok
12:31:49.0413 4228 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
12:31:49.0413 4228 NativeWifiP - ok
12:31:49.0584 4228 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
12:31:49.0600 4228 NDIS - ok
12:31:49.0631 4228 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
12:31:49.0631 4228 NdisTapi - ok
12:31:49.0662 4228 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
12:31:49.0662 4228 Ndisuio - ok
12:31:49.0678 4228 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:31:49.0678 4228 NdisWan - ok
12:31:49.0803 4228 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
12:31:49.0818 4228 NDProxy - ok
12:31:49.0849 4228 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
12:31:49.0849 4228 NetBIOS - ok
12:31:49.0865 4228 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
12:31:49.0865 4228 netbt - ok
12:31:50.0161 4228 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:31:50.0177 4228 Netlogon - ok
12:31:50.0208 4228 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
12:31:50.0208 4228 Netman - ok
12:31:50.0224 4228 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
12:31:50.0224 4228 netprofm - ok
12:31:50.0286 4228 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:31:50.0286 4228 NetTcpPortSharing - ok
12:31:50.0427 4228 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
12:31:50.0458 4228 nfrd960 - ok
12:31:50.0676 4228 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
12:31:50.0676 4228 NlaSvc - ok
12:31:50.0707 4228 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
12:31:50.0707 4228 Npfs - ok
12:31:50.0723 4228 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
12:31:50.0723 4228 nsi - ok
12:31:50.0739 4228 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
12:31:50.0739 4228 nsiproxy - ok
12:31:50.0770 4228 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
12:31:50.0801 4228 Ntfs - ok
12:31:50.0832 4228 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
12:31:50.0832 4228 ntrigdigi - ok
12:31:50.0879 4228 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
12:31:50.0879 4228 Null - ok
12:31:50.0895 4228 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
12:31:50.0910 4228 nvraid - ok
12:31:50.0926 4228 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
12:31:50.0926 4228 nvstor - ok
12:31:50.0941 4228 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
12:31:50.0941 4228 nv_agp - ok
12:31:50.0941 4228 NwlnkFlt - ok
12:31:50.0988 4228 NwlnkFwd - ok
12:31:51.0019 4228 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
12:31:51.0019 4228 ohci1394 - ok
12:31:51.0175 4228 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:31:51.0519 4228 p2pimsvc - ok
12:31:51.0612 4228 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:31:51.0628 4228 p2psvc - ok
12:31:51.0753 4228 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
12:31:51.0768 4228 Parport - ok
12:31:51.0815 4228 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
12:31:51.0831 4228 partmgr - ok
12:31:51.0862 4228 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
12:31:51.0862 4228 Parvdm - ok
12:31:51.0877 4228 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
12:31:51.0877 4228 PcaSvc - ok
12:31:51.0940 4228 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
12:31:51.0971 4228 pci - ok
12:31:52.0018 4228 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
12:31:52.0018 4228 pciide - ok
12:31:52.0033 4228 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
12:31:52.0033 4228 pcmcia - ok
12:31:52.0080 4228 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
12:31:52.0080 4228 pcouffin - ok
12:31:52.0143 4228 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
12:31:52.0174 4228 PEAUTH - ok
12:31:52.0501 4228 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
12:31:52.0517 4228 pla - ok
12:31:52.0533 4228 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
12:31:52.0533 4228 PlugPlay - ok
12:31:52.0626 4228 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:31:52.0626 4228 PNRPAutoReg - ok
12:31:52.0657 4228 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:31:52.0657 4228 PNRPsvc - ok
12:31:52.0720 4228 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
12:31:52.0720 4228 PolicyAgent - ok
12:31:52.0782 4228 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
12:31:52.0782 4228 PptpMiniport - ok
12:31:52.0813 4228 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
12:31:52.0813 4228 Processor - ok
12:31:52.0845 4228 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
12:31:52.0845 4228 ProfSvc - ok
12:31:52.0860 4228 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:31:52.0876 4228 ProtectedStorage - ok
12:31:52.0969 4228 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
12:31:52.0969 4228 PSched - ok
12:31:53.0047 4228 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\Windows\system32\DRIVERS\psi_mf.sys
12:31:53.0047 4228 PSI - ok
12:31:53.0250 4228 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
12:31:53.0437 4228 ql2300 - ok
12:31:53.0952 4228 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
12:31:53.0968 4228 ql40xx - ok
12:31:54.0077 4228 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
12:31:54.0077 4228 QWAVE - ok
12:31:54.0139 4228 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
12:31:54.0155 4228 QWAVEdrv - ok
12:31:54.0186 4228 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
12:31:54.0202 4228 RasAcd - ok
12:31:54.0233 4228 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
12:31:54.0233 4228 RasAuto - ok
12:31:54.0249 4228 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:31:54.0249 4228 Rasl2tp - ok
12:31:54.0311 4228 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
12:31:54.0327 4228 RasMan - ok
12:31:54.0342 4228 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
12:31:54.0342 4228 RasPppoe - ok
12:31:54.0358 4228 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
12:31:54.0358 4228 RasSstp - ok
12:31:54.0451 4228 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
12:31:54.0514 4228 rdbss - ok
12:31:54.0561 4228 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:31:54.0561 4228 RDPCDD - ok
12:31:54.0592 4228 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
12:31:54.0607 4228 rdpdr - ok
12:31:54.0654 4228 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
12:31:54.0717 4228 RDPENCDD - ok
12:31:54.0795 4228 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
12:31:54.0810 4228 RDPWD - ok
12:31:54.0888 4228 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
12:31:54.0888 4228 RemoteAccess - ok
12:31:54.0951 4228 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
12:31:54.0982 4228 RemoteRegistry - ok
12:31:55.0075 4228 RichVideo (bd517c7fb119997effbe39d5e4b37b05) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
12:31:55.0075 4228 RichVideo - ok
12:31:55.0107 4228 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
12:31:55.0107 4228 RpcLocator - ok
12:31:55.0138 4228 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\System32\rpcss.dll
12:31:55.0138 4228 RpcSs - ok
12:31:55.0185 4228 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
12:31:55.0216 4228 rspndr - ok
12:31:55.0325 4228 RTL8169 (283392af1860ecdb5e0f8ebd7f3d72df) C:\Windows\system32\DRIVERS\Rtlh86.sys
12:31:55.0325 4228 RTL8169 - ok
12:31:55.0497 4228 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:31:55.0497 4228 SamSs - ok
12:31:55.0559 4228 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
12:31:55.0575 4228 sbp2port - ok
12:31:55.0746 4228 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
12:31:55.0777 4228 SCardSvr - ok
12:31:55.0840 4228 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
12:31:55.0949 4228 Schedule - ok
12:31:56.0027 4228 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
12:31:56.0027 4228 SCPolicySvc - ok
12:31:56.0058 4228 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
12:31:56.0058 4228 SDRSVC - ok
12:31:56.0074 4228 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
12:31:56.0074 4228 secdrv - ok
12:31:56.0136 4228 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
12:31:56.0136 4228 seclogon - ok
12:31:56.0620 4228 Secunia PSI Agent (5b66db4877bbac9f7493aa8d84421e49) C:\Program Files\Secunia\PSI\PSIA.exe
12:31:56.0620 4228 Secunia PSI Agent - ok
12:31:56.0651 4228 Secunia Update Agent (0e88fdf474f2cdd370a4a6ce77d018f0) C:\Program Files\Secunia\PSI\sua.exe
12:31:56.0651 4228 Secunia Update Agent - ok
12:31:56.0979 4228 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
12:31:56.0979 4228 SENS - ok
12:31:57.0088 4228 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
12:31:57.0103 4228 Serenum - ok
12:31:57.0228 4228 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
12:31:57.0228 4228 Serial - ok
12:31:57.0259 4228 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
12:31:57.0259 4228 sermouse - ok
12:31:57.0275 4228 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
12:31:57.0275 4228 SessionEnv - ok
12:31:57.0369 4228 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
12:31:57.0369 4228 sffdisk - ok
12:31:57.0384 4228 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
12:31:57.0384 4228 sffp_mmc - ok
12:31:57.0400 4228 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
12:31:57.0400 4228 sffp_sd - ok
12:31:57.0447 4228 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
12:31:57.0478 4228 sfloppy - ok
12:31:57.0509 4228 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
12:31:57.0509 4228 SharedAccess - ok
12:31:57.0634 4228 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
12:31:57.0649 4228 ShellHWDetection - ok
12:31:57.0681 4228 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
12:31:57.0681 4228 sisagp - ok
12:31:57.0821 4228 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
12:31:57.0837 4228 SiSRaid2 - ok
12:31:57.0993 4228 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
12:31:57.0993 4228 SiSRaid4 - ok
12:31:58.0117 4228 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
12:31:58.0133 4228 slsvc - ok
12:31:58.0242 4228 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
12:31:58.0258 4228 SLUINotify - ok
12:31:58.0305 4228 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
12:31:58.0320 4228 Smb - ok
12:31:58.0398 4228 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
12:31:58.0398 4228 SNMPTRAP - ok
12:31:58.0414 4228 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
12:31:58.0414 4228 spldr - ok
12:31:58.0461 4228 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
12:31:58.0461 4228 Spooler - ok
12:31:58.0726 4228 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
12:31:58.0726 4228 srv - ok
12:31:58.0851 4228 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
12:31:58.0866 4228 srv2 - ok
12:31:58.0897 4228 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
12:31:58.0897 4228 srvnet - ok
12:31:58.0944 4228 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
12:31:58.0944 4228 SSDPSRV - ok
12:31:58.0991 4228 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
12:31:58.0991 4228 SstpSvc - ok
12:31:59.0085 4228 ssudmdm (8f299012ef58246f1c98de7b7e48dbf0) C:\Windows\system32\DRIVERS\ssudmdm.sys
12:31:59.0116 4228 ssudmdm - ok
12:31:59.0272 4228 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
12:31:59.0365 4228 stisvc - ok
12:31:59.0521 4228 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
12:31:59.0521 4228 swenum - ok
12:31:59.0755 4228 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
12:31:59.0755 4228 swprv - ok
12:31:59.0818 4228 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
12:31:59.0818 4228 Symc8xx - ok
12:31:59.0880 4228 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
12:31:59.0880 4228 Sym_hi - ok
12:32:00.0005 4228 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
12:32:00.0005 4228 Sym_u3 - ok
12:32:00.0192 4228 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
12:32:00.0317 4228 SysMain - ok
12:32:00.0426 4228 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
12:32:00.0442 4228 TabletInputService - ok
12:32:00.0707 4228 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
12:32:00.0707 4228 TapiSrv - ok
12:32:00.0754 4228 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
12:32:00.0754 4228 TBS - ok
12:32:01.0113 4228 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
12:32:01.0144 4228 Tcpip - ok
12:32:01.0175 4228 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
12:32:01.0175 4228 Tcpip6 - ok
12:32:01.0237 4228 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
12:32:01.0253 4228 tcpipreg - ok
12:32:01.0347 4228 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
12:32:01.0347 4228 TDPIPE - ok
12:32:01.0487 4228 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
12:32:01.0549 4228 TDTCP - ok
12:32:01.0690 4228 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
12:32:01.0768 4228 tdx - ok
12:32:01.0799 4228 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
12:32:01.0799 4228 TermDD - ok
12:32:02.0080 4228 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
12:32:02.0080 4228 TermService - ok
12:32:02.0283 4228 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
12:32:02.0283 4228 Themes - ok
12:32:02.0376 4228 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
12:32:02.0392 4228 THREADORDER - ok
12:32:02.0392 4228 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
12:32:02.0407 4228 TrkWks - ok
12:32:02.0439 4228 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
12:32:02.0439 4228 TrustedInstaller - ok
12:32:02.0595 4228 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:32:02.0595 4228 tssecsrv - ok
12:32:02.0641 4228 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
12:32:02.0641 4228 tunmp - ok
12:32:02.0704 4228 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
12:32:02.0719 4228 tunnel - ok
12:32:02.0766 4228 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
12:32:02.0766 4228 uagp35 - ok
12:32:02.0844 4228 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
12:32:02.0844 4228 udfs - ok
12:32:02.0922 4228 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
12:32:02.0938 4228 UI0Detect - ok
12:32:03.0031 4228 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
12:32:03.0031 4228 uliagpkx - ok
12:32:03.0047 4228 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
12:32:03.0063 4228 uliahci - ok
12:32:03.0109 4228 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
12:32:03.0125 4228 UlSata - ok
12:32:03.0156 4228 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
12:32:03.0172 4228 ulsata2 - ok
12:32:03.0219 4228 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
12:32:03.0219 4228 umbus - ok
12:32:03.0234 4228 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
12:32:03.0234 4228 upnphost - ok
12:32:03.0312 4228 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\drivers\usbccgp.sys
12:32:03.0312 4228 usbccgp - ok
12:32:03.0328 4228 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
12:32:03.0328 4228 usbcir - ok
12:32:03.0375 4228 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
12:32:03.0375 4228 usbehci - ok
12:32:03.0390 4228 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
12:32:03.0406 4228 usbhub - ok
12:32:03.0453 4228 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
12:32:03.0453 4228 usbohci - ok
12:32:03.0468 4228 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
12:32:03.0468 4228 usbprint - ok
12:32:03.0499 4228 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:32:03.0499 4228 USBSTOR - ok
12:32:03.0546 4228 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
12:32:03.0546 4228 usbuhci - ok
12:32:03.0577 4228 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
12:32:03.0577 4228 UxSms - ok
12:32:03.0889 4228 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
12:32:03.0952 4228 vds - ok
12:32:03.0967 4228 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
12:32:03.0967 4228 vga - ok
12:32:03.0983 4228 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
12:32:03.0983 4228 VgaSave - ok
12:32:03.0999 4228 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
12:32:03.0999 4228 viaagp - ok
12:32:04.0014 4228 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
12:32:04.0014 4228 ViaC7 - ok
12:32:04.0030 4228 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
12:32:04.0045 4228 viaide - ok
12:32:04.0045 4228 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
12:32:04.0045 4228 volmgr - ok
12:32:04.0108 4228 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
12:32:04.0108 4228 volmgrx - ok
12:32:04.0155 4228 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
12:32:04.0170 4228 volsnap - ok
12:32:04.0201 4228 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
12:32:04.0201 4228 vsmraid - ok
12:32:04.0264 4228 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
12:32:04.0295 4228 VSS - ok
12:32:04.0311 4228 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
12:32:04.0311 4228 W32Time - ok
12:32:04.0326 4228 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
12:32:04.0342 4228 WacomPen - ok
12:32:04.0357 4228 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:32:04.0357 4228 Wanarp - ok
12:32:04.0357 4228 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:32:04.0357 4228 Wanarpv6 - ok
12:32:04.0404 4228 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
12:32:04.0404 4228 wcncsvc - ok
12:32:04.0435 4228 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
12:32:04.0435 4228 WcsPlugInService - ok
12:32:04.0451 4228 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
12:32:04.0451 4228 Wd - ok
12:32:04.0482 4228 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
12:32:04.0482 4228 Wdf01000 - ok
12:32:04.0529 4228 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
12:32:04.0529 4228 WdiServiceHost - ok
12:32:04.0529 4228 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
12:32:04.0529 4228 WdiSystemHost - ok
12:32:04.0545 4228 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
12:32:04.0545 4228 WebClient - ok
12:32:04.0607 4228 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
12:32:04.0638 4228 Wecsvc - ok
12:32:04.0654 4228 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
12:32:04.0669 4228 wercplsupport - ok
12:32:04.0669 4228 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
12:32:04.0685 4228 WerSvc - ok
12:32:04.0763 4228 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
12:32:04.0763 4228 WinDefend - ok
12:32:04.0779 4228 WinHttpAutoProxySvc - ok
12:32:04.0857 4228 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
12:32:04.0857 4228 Winmgmt - ok
12:32:04.0997 4228 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
12:32:05.0122 4228 WinRM - ok
12:32:05.0153 4228 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
12:32:05.0200 4228 Wlansvc - ok
12:32:05.0481 4228 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:32:05.0481 4228 wlidsvc - ok
12:32:05.0855 4228 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
12:32:05.0871 4228 WmiAcpi - ok
12:32:06.0058 4228 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
12:32:06.0058 4228 wmiApSrv - ok
12:32:06.0198 4228 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
12:32:06.0198 4228 WMPNetworkSvc - ok
12:32:06.0261 4228 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
12:32:06.0323 4228 WPCSvc - ok
12:32:06.0729 4228 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
12:32:06.0729 4228 WPDBusEnum - ok
12:32:07.0056 4228 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
12:32:07.0056 4228 WpdUsb - ok
12:32:07.0399 4228 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:32:07.0399 4228 WPFFontCache_v0400 - ok
12:32:07.0633 4228 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
12:32:07.0633 4228 ws2ifsl - ok
12:32:07.0805 4228 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
12:32:07.0805 4228 wscsvc - ok
12:32:07.0961 4228 WSearch - ok
12:32:08.0023 4228 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
12:32:08.0070 4228 wuauserv - ok
12:32:08.0101 4228 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:32:08.0101 4228 WUDFRd - ok
12:32:08.0164 4228 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
12:32:08.0179 4228 wudfsvc - ok
12:32:08.0195 4228 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
12:32:08.0273 4228 \Device\Harddisk0\DR0 - ok
12:32:08.0289 4228 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
12:32:08.0320 4228 \Device\Harddisk1\DR1 - ok
12:32:08.0351 4228 Boot (0x1200) (3dfd8f055873d9238e5377622da9fb66) \Device\Harddisk0\DR0\Partition0
12:32:08.0351 4228 \Device\Harddisk0\DR0\Partition0 - ok
12:32:08.0429 4228 Boot (0x1200) (c16041381db22404c8fc65dde425fb44) \Device\Harddisk0\DR0\Partition1
12:32:08.0429 4228 \Device\Harddisk0\DR0\Partition1 - ok
12:32:08.0445 4228 Boot (0x1200) (6bd16e1456e3009ecbc3ad5c78ec163c) \Device\Harddisk1\DR1\Partition0
12:32:08.0445 4228 \Device\Harddisk1\DR1\Partition0 - ok
12:32:08.0445 4228 ============================================================
12:32:08.0445 4228 Scan finished
12:32:08.0445 4228 ============================================================
12:32:08.0460 4160 Detected object count: 0
12:32:08.0460 4160 Actual detected object count: 0
12:32:15.0886 4224 Deinitialize success
chris3356
Active Member
 
Posts: 8
Joined: March 24th, 2012, 7:19 pm

Re: Processes running and slow comp

Unread postby pgmigg » March 27th, 2012, 12:19 pm

Hello chris3356,

Thank you for the replay. Both TDSSKiller reports are clean but differences can be explained by fact that sometime during the month between scans you added one hard drive to computer which caused to run more services, processes, etc.

Let continue to check your computer...

Step 1.
Security Check
Please download Security Check ... by screen317. Save it to your Desktop.
Alternate download site: Link 2
  1. Double click the SecurityCheck.exe icon to begin.
  2. Press the Space Bar when you see the "press any key to continue..." message.
    A Notepad results file will open automatically called checkup.txt
  3. Save checkup.txt to your desktop. (This output file is NOT automatically saved!)
  4. Please copy/paste the entire contents of the checkup.txt file into your next reply.

Step 2.
Farbar Service Scanner
  1. Please download Farbar Service Scanner and save it to your Desktop.
  2. Right click on FSS.exe and select "Run As Administrator..." to run it.
  3. Select the following options:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center / Action Center
    • Windows Update
    • Windows Defender
  4. Press the "Scan" button.
  5. When finished, a text file named FSS.txt will be created on your desktop. (Same folder the tool is run).
  6. Please copy and paste the contents of the FSS.txt log to your next reply.

Step 3.
Malwarebytes' Anti-Malware Rerun
You already have Malwarebytes' Anti-Malware installed.
  1. Please start MBAM (Malwarebytes' Anti-Malware) again.
    You must be connected to the Internet to obtain any updates.
  2. Press the Update tab. Then press the Check for Updates...button. <<---Important!
    Once any updates are installed or you get the message that you are up-to-date
  3. Press the Scanner tab...
  4. Select FULL SCAN this time... then press the Scan...button. This scan will take a while, so please be patient.
    When the scan finishes...
  5. Check all items except any items (if present) in the C:\System Volume Information folder... then click on Remove Selected.
  6. Let MBAM remove what it can... if there are files to be deleted on reboot... please reboot the machine so MBAM can finish the removal.
    If you rebooted, then you'll need to start MBAM again.
  7. Press the LOG... tab. Locate the most current log file.
    Please copy and paste the most recent log (from this new run) in your next reply.

Step 4.
ESET online scannner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

  1. Firstly please Disable any Antivirus you have active, as shown in This topic.
  2. Note: Don't forget to re-enable it after the scan.
  3. Next please click on the following link to open a new window to ESET online scannner
  4. Then click on: Image
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  5. Select the option YES, I accept the Terms of Use then click on: Image
  6. When prompted allow the Add-On/Active X to install.
  7. Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  8. Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  9. Now click on: Image
  10. The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  11. When completed the Online Scan will begin automatically.
  12. Do not touch either the mouse or keyboard during the scan otherwise it may stall.
  13. When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  14. Now click on: Image
  15. Use notepad to open the log file located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  16. Copy and paste that log as a reply to this topic.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of checkup.txt report after Security Check run;
  3. Contents of a FSS.txt log file after FSS scan
  4. Contents of the most recent MBAM log file
  5. Contents of scan results from C:\Program Files\ESET\EsetOnlineScanner\log.txt file.

Thanks,
pgmigg
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Processes running and slow comp

Unread postby chris3356 » March 27th, 2012, 11:22 pm

can you tell me what you mean I added a hard drive? I haven't added anything, the only thing I have done is uninstall norton, no hard drive has been changed or added, is this a concern?

I have a partition which the guy at the shop set up in case I need to formatt it but not used that for months, should I be worried? definetaley not added another hard drive I wouldnt know how
chris3356
Active Member
 
Posts: 8
Joined: March 24th, 2012, 7:19 pm

Re: Processes running and slow comp

Unread postby chris3356 » March 28th, 2012, 12:34 am

Results of screen317's Security Check version 0.99.32
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
avast! Internet Security
ESET Online Scanner v3
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

McAfee SiteAdvisor
Secunia PSI (2.0.0.4003)
CCleaner
Java(TM) 6 Update 22
Java(TM) 6 Update 31
Java(TM) 7 Update 3
Adobe Flash Player 11.1.102.63
Adobe Reader X (10.1.2)
Mozilla Firefox 10.0.3 Firefox out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast AvastUI.exe
``````````End of Log````````````


Farbar Service Scanner Version: 01-03-2012
Ran by Chris (administrator) on 28-03-2012 at 04:24:54
Running from "C:\Users\Chris\Downloads"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Malwarebytes Anti-Malware (PRO) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.27.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Chris :: DELL-530 [administrator]

Protection: Enabled

28/03/2012 04:25:56
mbam-log-2012-03-28 (04-25-56).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 270894
Time elapsed: 1 hour(s), 7 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-01-01 01:34:31
# local_time=2012-01-01 01:34:31 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 435800 19728172 0 0
# compatibility_mode=5892 16776574 100 100 28598173 162955294 0 0
# compatibility_mode=8192 67108863 100 0 3872 3872 0 0
# scanned=97609
# found=0
# cleaned=0
# scan_time=2305
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-01-09 05:05:38
# local_time=2012-01-09 05:05:38 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 1139972 20432344 0 0
# compatibility_mode=5892 16776574 100 100 29302345 163659466 0 0
# compatibility_mode=8192 67108863 100 0 708044 708044 0 0
# scanned=91468
# found=0
# cleaned=0
# scan_time=1999
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-01-13 12:56:48
# local_time=2012-01-13 12:56:48 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 1427559 20719931 0 0
# compatibility_mode=5892 16776574 100 100 29589932 163947053 0 0
# compatibility_mode=8192 67108863 100 0 995631 995631 0 0
# scanned=91622
# found=0
# cleaned=0
# scan_time=1882
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-01-13 02:33:34
# local_time=2012-01-13 02:33:34 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 1433297 20725669 0 0
# compatibility_mode=5892 16776574 100 100 29595670 163952791 0 0
# compatibility_mode=8192 67108863 100 0 1001369 1001369 0 0
# scanned=91481
# found=0
# cleaned=0
# scan_time=1951
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-01-17 03:13:25
# local_time=2012-01-17 03:13:25 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 1824261 21116633 0 0
# compatibility_mode=5892 16776574 100 100 29986634 164343755 0 0
# compatibility_mode=8192 67108863 100 0 1392333 1392333 0 0
# scanned=92503
# found=1
# cleaned=0
# scan_time=2178
C:\Users\Chris\AppData\Local\Mozilla\Firefox\Profiles\xqs4swdo.default\Cache\E\AE\42687d01 HTML/ScrInject.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-01-17 05:06:37
# local_time=2012-01-17 05:06:37 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 1832705 21125077 0 0
# compatibility_mode=5892 16776574 100 100 29995078 164352199 0 0
# compatibility_mode=8192 67108863 100 0 1400777 1400777 0 0
# scanned=11632
# found=0
# cleaned=0
# scan_time=526
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-01-17 06:00:34
# local_time=2012-01-17 06:00:34 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 1834472 21126844 0 0
# compatibility_mode=5892 16776574 100 100 29996845 164353966 0 0
# compatibility_mode=8192 67108863 100 0 1402544 1402544 0 0
# scanned=90948
# found=0
# cleaned=0
# scan_time=1996
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-01-18 07:02:14
# local_time=2012-01-18 07:02:14 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 1881356 21173728 0 0
# compatibility_mode=5892 16776574 100 100 30043729 164400850 0 0
# compatibility_mode=8192 67108863 100 0 1449428 1449428 0 0
# scanned=90950
# found=0
# cleaned=0
# scan_time=2012
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-01-18 08:20:32
# local_time=2012-01-18 08:20:32 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 1929624 21221996 0 0
# compatibility_mode=5892 16776574 100 100 30091997 164449118 0 0
# compatibility_mode=8192 67108863 100 0 1497696 1497696 0 0
# scanned=91528
# found=0
# cleaned=0
# scan_time=1642
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-01-21 02:12:26
# local_time=2012-01-21 02:12:26 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 2166288 21458660 0 0
# compatibility_mode=5892 16776574 100 100 30328661 164685782 0 0
# compatibility_mode=8192 67108863 100 0 1734360 1734360 0 0
# scanned=91043
# found=0
# cleaned=0
# scan_time=2092
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-02-07 10:37:43
# local_time=2012-02-07 10:37:43 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 101187 15174548 0 0
# compatibility_mode=5892 16776574 100 100 31827443 166184564 0 0
# compatibility_mode=8192 67108863 100 0 3233142 3233142 0 0
# scanned=100715
# found=0
# cleaned=0
# scan_time=2427
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-02-10 05:56:18
# local_time=2012-02-10 05:56:18 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 343430 15416791 0 0
# compatibility_mode=5892 16776574 100 100 32069686 166426807 0 0
# compatibility_mode=8192 67108863 100 0 3475385 3475385 0 0
# scanned=96767
# found=0
# cleaned=0
# scan_time=2498
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-02-16 12:13:55
# local_time=2012-02-16 12:13:55 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 797577 15870938 0 0
# compatibility_mode=5892 16776574 100 100 32523833 166880954 0 0
# compatibility_mode=8192 67108863 100 0 3929532 3929532 0 0
# scanned=98122
# found=0
# cleaned=0
# scan_time=3009
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-02-22 04:08:05
# local_time=2012-02-22 04:08:05 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 1330398 16403759 0 0
# compatibility_mode=5892 16776574 100 100 33056654 167413775 0 0
# compatibility_mode=8192 67108863 100 0 4462353 4462353 0 0
# scanned=119171
# found=0
# cleaned=0
# scan_time=2638
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-02-24 09:57:32
# local_time=2012-02-24 09:57:32 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 1567529 16640890 0 0
# compatibility_mode=5892 16776574 100 100 33293785 167650906 0 0
# compatibility_mode=8192 67108863 100 0 4699484 4699484 0 0
# scanned=98383
# found=0
# cleaned=0
# scan_time=2474
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-02-28 10:27:00
# local_time=2012-02-28 10:27:00 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 1914890 16988251 0 0
# compatibility_mode=5892 16776574 100 100 33641146 167998267 0 0
# compatibility_mode=8192 67108863 100 0 5046845 5046845 0 0
# scanned=97302
# found=0
# cleaned=0
# scan_time=2480
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-03-03 07:11:53
# local_time=2012-03-03 07:11:53 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 2248700 17322061 0 0
# compatibility_mode=5892 16776574 100 100 33974956 168332077 0 0
# compatibility_mode=8192 67108863 100 0 5380655 5380655 0 0
# scanned=97482
# found=0
# cleaned=0
# scan_time=2563
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-03-07 09:25:54
# local_time=2012-03-07 09:25:54 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3588 16777214 85 70 2602396 17675757 0 0
# compatibility_mode=5892 16776574 100 100 34328652 168685773 0 0
# compatibility_mode=8192 67108863 100 0 5734351 5734351 0 0
# scanned=97318
# found=0
# cleaned=0
# scan_time=2508
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-03-09 09:11:20
# local_time=2012-03-09 09:11:20 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3073 16777213 80 71 43398 8832672 0 0
# compatibility_mode=5892 16776574 100 100 34500865 168857986 0 0
# compatibility_mode=8192 67108863 100 0 5906564 5906564 0 0
# scanned=95408
# found=0
# cleaned=0
# scan_time=2221
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-03-13 05:38:02
# local_time=2012-03-13 05:38:02 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 34833863 169190984 0 0
# compatibility_mode=8192 67108863 100 0 6239562 6239562 0 0
# scanned=95554
# found=0
# cleaned=0
# scan_time=2026
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-03-25 08:06:44
# local_time=2012-03-25 09:06:44 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 35881611 170238732 0 0
# compatibility_mode=8192 67108863 100 0 7287310 7287310 0 0
# scanned=13
# found=0
# cleaned=0
# scan_time=0
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-03-25 08:55:51
# local_time=2012-03-25 09:55:51 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 35881683 170238804 0 0
# compatibility_mode=8192 67108863 100 0 7287382 7287382 0 0
# scanned=102935
# found=0
# cleaned=0
# scan_time=2875
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-03-28 04:33:39
# local_time=2012-03-28 05:33:39 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 36080960 170438081 0 0
# compatibility_mode=8192 67108863 100 0 7486659 7486659 0 0
# scanned=101417
# found=0
# cleaned=0
# scan_time=3865
chris3356
Active Member
 
Posts: 8
Joined: March 24th, 2012, 7:19 pm

Re: Processes running and slow comp

Unread postby pgmigg » March 28th, 2012, 5:40 pm

Hello chris3356,
can you tell me what you mean I added a hard drive?
Sorry for some kind of not clear statement I made. I meant that on time of running last TDSSKiller in your computer was plugged USD flash drive and it was the reason for the difference in the TDSSKiller reports.

Your latest set of logs appear to be clean! But before I give you instructions how to keep your computer clean and secure, you need to make a few additional steps...

Step 1.
Download fresh and latest Firefox
  1. Please open Firefox via any other browser you have.
  2. Click on Firefox Free Download green field and safe Firefox Setup 11.0.exe on the Desktop.

Step 2.
Remove Program(s)
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without the word Code: into the open text entry box:
    Code: Select all
     appwiz.cpl 
    and press Enter - the Unistall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    Java Auto Updater
    Java(TM) 6 Update 22
    Java(TM) 6 Update 31
    Mozilla Firefox 10.0.3
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Reboot you computer.

Step 3.
Install fresh Firefox
  1. Right click on Firefox Setup 11.0.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Then follow installation prompts...

Step 4.
OTL - Download
Please download OTL.exe by Old Timer and save it to your Desktop.

OTL Scan
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the box at the top, labeled Include 64-bit scans
  4. Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  5. Click on Run Scan at the top left hand corner.
  6. When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  7. Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of a OTL.txt log file
  3. Contents of a Extras.txt log file
  4. Do you see any changes in computer behavior?

Thanks,
pgmigg
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Processes running and slow comp

Unread postby chris3356 » March 28th, 2012, 7:02 pm

double post sorry
Last edited by chris3356 on March 28th, 2012, 7:30 pm, edited 1 time in total.
chris3356
Active Member
 
Posts: 8
Joined: March 24th, 2012, 7:19 pm

Re: Processes running and slow comp

Unread postby chris3356 » March 28th, 2012, 7:06 pm

hi
am still a bit concerned about the flash drive
I did have one but only had 2 files on so cant understand why its 150 more processes.

OTL logfile created on: 28/03/2012 23:54:13 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Chris\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.91 Gb Available Physical Memory | 63.74% Memory free
6.21 Gb Paging File | 4.85 Gb Available in Paging File | 78.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.32 Gb Total Space | 198.07 Gb Free Space | 68.70% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 3.89 Gb Free Space | 39.82% Space Free | Partition Type: NTFS

Computer Name: DELL-530 | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/28 23:36:31 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Downloads\OTL.exe
PRC - [2012/03/07 00:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 00:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/03/07 00:15:13 | 000,134,920 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2012/02/08 01:29:41 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/01/13 15:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 15:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/01/13 12:21:10 | 000,095,200 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/12/28 00:21:18 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/12/28 00:21:08 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/10/14 07:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/10/14 07:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/10/14 07:01:46 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2011/01/17 19:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 19:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/25 00:14:57 | 000,115,137 | ---- | M] () -- C:\Users\Chris\AppData\Local\temp\bad4021e-8b96-4726-a482-7caebf5bc001\CliSecureRT.dll
MOD - [2012/03/19 14:37:39 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2012/02/20 19:19:01 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\eef171dee81858018c3956485fff7ba7\System.Management.ni.dll
MOD - [2012/02/20 19:17:35 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\4017661cfa4a173b878d7e2a949c3a9e\System.Runtime.Remoting.ni.dll
MOD - [2012/02/20 19:17:28 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b9942cb07813f553f6d6374dd4541362\System.Xaml.ni.dll
MOD - [2012/02/20 19:01:13 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\bd3685e578c22d17625390d847973de0\PresentationFramework.ni.dll
MOD - [2012/02/20 19:00:59 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\008fbb2e42b3c2569ff58d651575ff29\PresentationCore.ni.dll
MOD - [2012/02/20 19:00:57 | 013,138,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\33eae86e0a5d9bcc4d0e4e469e2ac36a\System.Windows.Forms.ni.dll
MOD - [2012/02/20 19:00:49 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1c5b741f270fccb3b527b4fc3a8431f3\PresentationFramework.Aero.ni.dll
MOD - [2012/02/20 19:00:48 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\c0c7b3ff43f1b29cad7dde24bdbd5b79\WindowsBase.ni.dll
MOD - [2012/02/20 19:00:44 | 001,653,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\2c958d61dd28474ec780db9d18d266ae\System.Drawing.ni.dll
MOD - [2012/02/20 19:00:39 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b7409080f31b0a702281b68c37bac326\System.Core.ni.dll
MOD - [2012/02/20 19:00:37 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\68345d6b57fe33c9a94fe6a72ab5e85e\System.Xml.ni.dll
MOD - [2012/02/20 19:00:32 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\57e066d0b97757dbd26d59302c3d701a\System.ni.dll
MOD - [2012/02/20 19:00:26 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e5b31f3bb6508df0dc7c20ddc72f3191\mscorlib.ni.dll
MOD - [2011/12/28 00:21:18 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Windows\TEMP\018465~1.EXE -- (0184651330180573mcinstcleanup) McAfee Application Installer Cleanup (0184651330180573)
SRV - [2012/03/07 00:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/03/07 00:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012/01/13 15:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/13 12:21:10 | 000,095,200 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/14 07:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/10/14 07:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012/03/07 00:04:25 | 000,112,984 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2012/03/07 00:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/07 00:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/07 00:03:23 | 000,196,440 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2012/03/07 00:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012/03/07 00:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/03/07 00:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/07 00:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/03/07 00:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 23:44:51 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2011/12/10 16:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/12/08 05:22:38 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV - [2011/12/08 05:22:38 | 000,080,184 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV - [2010/09/13 17:27:40 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2010/09/01 09:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2009/12/10 21:48:26 | 000,043,520 | ---- | M] (--) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MOSUMAC.SYS -- (MOSUMAC)
DRV - [2008/03/18 17:23:06 | 000,020,480 | ---- | M] (GoTrusted) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gttap1.sys -- (gttap1)
DRV - [2008/01/21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006/11/02 08:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.visagecomputers.co.uk/
IE - HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://search.avg.com/route/?d=4d4c00cf ... =chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/02/08 01:30:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/02/25 16:51:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/03/26 13:04:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/28 23:19:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/08 01:30:35 | 000,000,000 | ---D | M]

[2012/03/09 23:39:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions
[2012/03/19 14:25:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\9rqz3obm.default\extensions
[2012/03/13 15:54:30 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\9rqz3obm.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2012/03/28 23:18:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/03/26 13:04:52 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
() (No name found) -- C:\USERS\CHRIS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9RQZ3OBM.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\CHRIS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9RQZ3OBM.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/03/13 05:39:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/13 05:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/16 01:39:13 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/03/13 05:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/02/14 14:40:10 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-3299710142-3868310564-1978959094-1001..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-3299710142-3868310564-1978959094-1001..\Run: [GoTrusted] C:\Program Files\GoTrusted.com\GoTrusted Secure Tunnel v2.3.1.5\GoTrusted Secure Tunnel.exe (GoTrusted.com)
O4 - HKU\S-1-5-21-3299710142-3868310564-1978959094-1001..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-3299710142-3868310564-1978959094-1001..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-3299710142-3868310564-1978959094-1001..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net ... plugin.cab (QuickTime Plugin Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24808C3F-DF8E-4DBB-B40F-D7DB39A51B71}: DhcpNameServer = 192.168.0.203
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/28 21:30:00 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{20681B9D-4B1F-4639-B2F0-CE1C788ECC70}
[2012/03/28 21:29:04 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{CD805423-808F-4FDA-A5B0-76140ABB3FBD}
[2012/03/28 07:15:14 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{66CF7431-29FC-4F0E-8C0B-4999B2B2901E}
[2012/03/28 07:14:58 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{295C6D15-F950-4129-BAC8-A29FAE985E50}
[2012/03/27 19:14:36 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{AB02CADF-1985-4ACB-B3FC-8C1F6A441663}
[2012/03/27 19:13:37 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{D6117B21-F034-44D0-B0E5-5920CCE2DD39}
[2012/03/27 03:51:47 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{7E6321DE-9EC4-4D9E-9519-9DAC0D9CBC8D}
[2012/03/27 03:51:33 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{9277530F-A3D6-4BA4-B5CF-5E11C507CE12}
[2012/03/26 13:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012/03/26 13:07:54 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/03/26 13:07:51 | 000,337,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/03/26 13:07:43 | 000,112,984 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2012/03/26 13:05:29 | 000,196,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2012/03/26 13:05:28 | 000,035,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/03/26 13:05:27 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/03/26 13:05:27 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2012/03/26 13:05:26 | 000,612,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/03/26 13:05:25 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/03/26 13:04:41 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/03/26 13:04:41 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2012/03/26 13:04:39 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/03/26 12:17:16 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{AD097196-043B-4AA7-8064-47FA31FE3CEB}
[2012/03/26 12:17:03 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{FD2CC216-CEC1-474B-BA73-717D21F73506}
[2012/03/26 12:13:19 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/03/25 19:20:13 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/03/25 18:07:01 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{A2AFB524-5BB1-4647-9EF6-9E432B0347B4}
[2012/03/25 18:06:50 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{FE1A7912-18DC-4C8D-86FA-5AE67186A88B}
[2012/03/25 16:39:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/03/25 04:14:02 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\RealNetworks
[2012/03/19 14:38:23 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\OpenOffice.org
[2012/03/19 14:37:22 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2012/03/19 14:36:11 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2012/03/19 14:34:53 | 000,224,136 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/03/19 14:34:53 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/03/19 14:34:53 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/03/19 14:32:36 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\OpenOffice.org 3.3 (en-US) Installation Files
[2012/03/18 21:07:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\tiger-k
[2012/03/18 21:07:26 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\Leawo
[2012/03/18 21:07:26 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Leawo
[2012/03/18 21:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012/03/18 21:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2012/03/18 21:06:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
[2012/03/18 21:06:43 | 000,606,208 | ---- | C] (http://www.xvid.org) -- C:\Windows\System32\xvidcore.dll
[2012/03/18 21:06:43 | 000,139,264 | ---- | C] (http://www.xvid.org) -- C:\Windows\System32\xvid.ax
[2012/03/18 21:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\Leawo
[2012/03/14 16:33:08 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/03/14 16:33:06 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/03/14 16:33:06 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/03/14 16:33:06 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/03/14 16:33:06 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/03/14 16:33:06 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/03/14 16:32:49 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/03/09 23:39:41 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Mozilla
[2012/03/09 23:39:00 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Comodo
[2012/03/09 10:46:39 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/03/09 10:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2012/03/09 10:34:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2012/03/09 10:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2012/03/09 10:29:56 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012/03/09 10:24:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2011/12/28 15:52:30 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Chris\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2012/03/28 23:26:45 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/03/28 23:26:45 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/03/28 23:20:26 | 000,005,184 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/28 23:20:26 | 000,005,184 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/28 23:20:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/28 23:20:18 | 3209,875,456 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/28 23:19:14 | 000,000,870 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/03/28 23:19:13 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/03/26 13:07:58 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/03/26 13:05:25 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/03/26 12:06:58 | 000,001,041 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
[2012/03/26 11:47:12 | 000,029,184 | ---- | M] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/25 16:39:12 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/03/20 02:34:56 | 000,256,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/03/19 14:38:47 | 000,001,028 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2012/03/19 14:37:22 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2012/03/18 21:06:44 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Leawo Video Converter.lnk
[2012/03/15 22:44:04 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/03/15 22:16:49 | 000,001,754 | ---- | M] () -- C:\Users\Chris\Desktop\Update Checker.lnk
[2012/03/13 14:45:16 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/03/09 10:29:56 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012/03/09 10:24:28 | 000,001,057 | ---- | M] () -- C:\Users\Chris\Desktop\Revo Uninstaller.lnk
[2012/03/07 18:07:30 | 000,614,499 | ---- | M] () -- C:\Users\Chris\AppData\Local\census.cache
[2012/03/07 18:07:27 | 000,163,945 | ---- | M] () -- C:\Users\Chris\AppData\Local\ars.cache
[2012/03/07 00:15:19 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/03/07 00:15:14 | 000,201,352 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/03/07 00:04:25 | 000,112,984 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2012/03/07 00:03:51 | 000,612,184 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/03/07 00:03:38 | 000,337,880 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/03/07 00:03:23 | 000,196,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2012/03/07 00:02:43 | 000,024,408 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2012/03/07 00:02:00 | 000,035,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/03/07 00:01:53 | 000,053,848 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/03/07 00:01:48 | 000,057,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/03/07 00:01:30 | 000,020,696 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/03/06 23:44:51 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys

========== Files Created - No Company Name ==========

[2012/03/26 13:07:58 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/03/25 16:39:12 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/03/19 14:38:47 | 000,001,028 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2012/03/19 14:37:22 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2012/03/18 21:07:14 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/03/18 21:06:44 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Leawo Video Converter.lnk
[2012/03/09 23:39:37 | 000,000,870 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/03/09 23:39:37 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/03/09 23:39:36 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/03/09 10:24:28 | 000,001,057 | ---- | C] () -- C:\Users\Chris\Desktop\Revo Uninstaller.lnk
[2012/03/08 04:02:04 | 000,001,041 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
[2012/01/13 09:10:03 | 000,614,499 | ---- | C] () -- C:\Users\Chris\AppData\Local\census.cache
[2012/01/13 09:09:35 | 000,163,945 | ---- | C] () -- C:\Users\Chris\AppData\Local\ars.cache
[2012/01/13 08:12:43 | 000,000,036 | ---- | C] () -- C:\Users\Chris\AppData\Local\housecall.guid.cache
[2011/12/28 15:52:30 | 000,007,887 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\pcouffin.cat
[2011/12/28 15:52:30 | 000,001,144 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\pcouffin.inf
[2011/12/28 08:42:22 | 000,029,184 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/23 21:58:28 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/12/23 21:58:24 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/12/23 21:58:24 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/12/23 21:58:24 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/12/23 21:58:24 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011/02/04 14:50:35 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/02/04 14:50:19 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/02/04 14:19:09 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1472.dll
[2011/02/04 13:24:09 | 000,000,680 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat

========== LOP Check ==========

[2012/03/18 21:07:26 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Leawo
[2012/03/19 14:38:23 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\OpenOffice.org
[2012/01/22 20:02:52 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Samsung
[2012/03/18 21:08:09 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\tiger-k
[2012/03/26 15:04:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Vso
[2012/03/28 23:19:38 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 28/03/2012 23:54:13 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Chris\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.91 Gb Available Physical Memory | 63.74% Memory free
6.21 Gb Paging File | 4.85 Gb Available in Paging File | 78.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.32 Gb Total Space | 198.07 Gb Free Space | 68.70% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 3.89 Gb Free Space | 39.82% Space Free | Partition Type: NTFS

Computer Name: DELL-530 | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3299710142-3868310564-1978959094-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66DA123C-20BA-4BF5-807B-56DD045F3DC1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{7581500E-176F-4EB2-BAF0-C2B422A28AAE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DF4322E7-A8F4-4CDA-97E0-1F16E3619F58}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F90F0B39-2DFB-46FB-AD77-58B3F1CC027D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2A98C711-D518-40A0-8682-2CBDD0F41A4C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{39DDA8C9-459F-4031-B48E-6C18F49A046D}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{40D3180F-159E-490F-B7AE-C78FB21B4835}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{6F2BB904-B011-49BA-9FCC-D9B076A725D6}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{7F2385FC-8BDB-4F8D-977F-5E7E212778D2}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{8888D5A1-B51B-46D2-90DB-74EB76149035}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{E00B87B6-1B74-441A-B6C4-529AD3385CBF}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1" = Leawo Video Converter version 5.1.0.0
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CCCDF430-FFC5-41E8-82EB-FB7959EBC450}" = GoTrusted Secure Tunnel v2.3.1.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"avast" = avast! Internet Security
"CCleaner" = CCleaner
"EasyBCD" = EasyBCD 1.7
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow_is1" = ffdshow [rev 2180] [2008-10-04]
"FileHippo.com" = FileHippo.com Update Checker
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.9.0 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US)
"Nero7Lite_is1" = Nero 7 Lite 7.10.1.2
"RealPlayer 15.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.93
"Secunia PSI" = Secunia PSI (2.0.0.4003)
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3299710142-3868310564-1978959094-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26/03/2012 07:27:50 | Computer Name = DELL-530 | Source = WinMgmt | ID = 10
Description =

Error - 26/03/2012 07:27:53 | Computer Name = DELL-530 | Source = Windows Search Service | ID = 3013
Description =

Error - 26/03/2012 07:27:53 | Computer Name = DELL-530 | Source = Windows Search Service | ID = 3013
Description =

Error - 26/03/2012 07:27:53 | Computer Name = DELL-530 | Source = Windows Search Service | ID = 3013
Description =

Error - 26/03/2012 07:35:32 | Computer Name = DELL-530 | Source = VSS | ID = 8194
Description =

Error - 26/03/2012 07:35:39 | Computer Name = DELL-530 | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 26/03/2012 07:36:37 | Computer Name = DELL-530 | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 26/03/2012 07:38:36 | Computer Name = DELL-530 | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 26/03/2012 07:39:13 | Computer Name = DELL-530 | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 26/03/2012 07:54:41 | Computer Name = DELL-530 | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 17/02/2012 16:58:02 | Computer Name = DELL-530 | Source = Service Control Manager | ID = 7000
Description =

Error - 17/02/2012 16:58:33 | Computer Name = DELL-530 | Source = Service Control Manager | ID = 7009
Description =

Error - 17/02/2012 16:58:33 | Computer Name = DELL-530 | Source = Service Control Manager | ID = 7000
Description =

Error - 17/02/2012 16:59:03 | Computer Name = DELL-530 | Source = Service Control Manager | ID = 7009
Description =

Error - 17/02/2012 16:59:03 | Computer Name = DELL-530 | Source = Service Control Manager | ID = 7000
Description =

Error - 19/02/2012 02:13:29 | Computer Name = DELL-530 | Source = Service Control Manager | ID = 7011
Description =

Error - 20/02/2012 08:34:52 | Computer Name = DELL-530 | Source = Service Control Manager | ID = 7011
Description =

Error - 20/02/2012 08:35:22 | Computer Name = DELL-530 | Source = Service Control Manager | ID = 7011
Description =

Error - 20/02/2012 08:35:52 | Computer Name = DELL-530 | Source = Service Control Manager | ID = 7011
Description =

Error - 20/02/2012 13:50:27 | Computer Name = DELL-530 | Source = Service Control Manager | ID = 7043
Description =


< End of report >
chris3356
Active Member
 
Posts: 8
Joined: March 24th, 2012, 7:19 pm

Re: Processes running and slow comp

Unread postby chris3356 » March 28th, 2012, 7:12 pm

Can I ask if its okay to use a license for avast that's in the public domain? Its not a crack, just a licence someone had posted, apparently not illegal

I did all you asked but secuina says I need to patch firefox 10 even though I have firefox 11 now and just given me 98.8% score.
chris3356
Active Member
 
Posts: 8
Joined: March 24th, 2012, 7:19 pm

Re: Processes running and slow comp

Unread postby pgmigg » March 29th, 2012, 10:59 am

Hello chris3356,
Can I ask if its okay to use a license for avast that's in the public domain? Its not a crack, just a licence someone had posted,
apparently not illegal
It is not OK completely! The legit license is that one and only that which was obtained personally for you only via free or paid registration processing given you by Avast after you downloaded and installed free or paid version of their software!
Any other license was already received by someone else (even it was obtained legally), cracked, or even stolen and cannot be used by anyone else!
am still a bit concerned about the flash drive
I did have one but only had 2 files on so cant understand why its 150 more processes.
Please don't worry a lot. When you look at the computer, no one can guarantee that the number of running processes and services will always be the same. It depends on many factors and can not be predicted. Between the two scans that you have presented to me a month passed, and of course your computer has changed - it can be likened to a living organism...

Your latest set of logs appear to be clean! :cheers:
This is my general post for when your logs show no more signs of malware.
Before I give you instructions how to keep your computer clean and secure, you need to make a couple additional steps.

Step 1.
OTL - Run Fix Script
You should still have OTL on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Copy and Paste the following code into the Image
    text box. Do not include the word Code
    Code: Select all
    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]
    

  3. Click under the Custom Scan/Fixes box and paste the copied text.
  4. Click the Run Fix button. If prompted... click OK.
  5. OTL may ask to reboot the machine. Please do so if asked.

Step 2.
OTL-Cleanup
  1. Right click on OTL.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Press the CleanUp button.
  3. When done, you will be prompted to reboot your system to finish file removal, please select OK to reboot your computer.


Finally, please click HERE to find a short guide to staying safer online.

Please don't hesitate to ask any additional questions.

Stay Safe! ;)
pgmigg
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Processes running and slow comp

Unread postby chris3356 » March 29th, 2012, 6:54 pm

thanks for your help mate :)
chris3356
Active Member
 
Posts: 8
Joined: March 24th, 2012, 7:19 pm

Re: Processes running and slow comp

Unread postby pgmigg » March 30th, 2012, 11:43 am

You are welcome chris3356! :)
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Processes running and slow comp

Unread postby deltalima » March 30th, 2012, 1:12 pm

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 138 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware