Computer is freezing up and running slow

Page 3 of 3 Previous  1, 2, 3

View previous topic View next topic Go down

Re: Computer is freezing up and running slow

Post by Thebeast28 on Sat Feb 20, 2010 3:54 am

File svchost.exe received on 2010.02.20 03:51:33 (UTC)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 0/41 (0%)
Loading server information...
Your file is queued in position: ___.
Estimated start time is between ___ and ___ .
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:

Antivirus Version Last Update Result
a-squared 4.5.0.50 2010.02.19 -
AhnLab-V3 5.0.0.2 2010.02.19 -
AntiVir 8.2.1.170 2010.02.19 -
Antiy-AVL 2.0.3.7 2010.02.19 -
Authentium 5.2.0.5 2010.02.19 -
Avast 4.8.1351.0 2010.02.19 -
AVG 9.0.0.730 2010.02.19 -
BitDefender 7.2 2010.02.20 -
CAT-QuickHeal 10.00 2010.02.19 -
ClamAV 0.96.0.0-git 2010.02.19 -
Comodo 3996 2010.02.20 -
DrWeb 5.0.1.12222 2010.02.20 -
eSafe 7.0.17.0 2010.02.18 -
eTrust-Vet 35.2.7313 2010.02.19 -
F-Prot 4.5.1.85 2010.02.19 -
F-Secure 9.0.15370.0 2010.02.19 -
Fortinet 4.0.14.0 2010.02.18 -
GData 19 2010.02.20 -
Ikarus T3.1.1.80.0 2010.02.19 -
Jiangmin 13.0.900 2010.02.19 -
K7AntiVirus 7.10.977 2010.02.18 -
Kaspersky 7.0.0.125 2010.02.17 -
McAfee 5897 2010.02.19 -
McAfee+Artemis 5897 2010.02.19 -
McAfee-GW-Edition 6.8.5 2010.02.19 -
Microsoft 1.5406 2010.02.20 -
NOD32 4881 2010.02.19 -
Norman 6.04.08 2010.02.19 -
nProtect 2009.1.8.0 2010.02.19 -
Panda 10.0.2.2 2010.02.19 -
PCTools 7.0.3.5 2010.02.19 -
Prevx 3.0 2010.02.20 -
Rising 22.34.01.03 2010.02.11 -
Sophos 4.50.0 2010.02.20 -
Sunbelt 5688 2010.02.20 -
Symantec 20091.2.0.41 2010.02.20 -
TheHacker 6.5.1.5.202 2010.02.19 -
TrendMicro 9.120.0.1004 2010.02.20 -
VBA32 3.12.12.2 2010.02.19 -
ViRobot 2010.2.19.2194 2010.02.19 -
VirusBuster 5.0.27.0 2010.02.19 -
Additional information
File size: 14336 bytes
MD5...: 27c6d03bcdb8cfeb96b716f3d8be3e18
SHA1..: 49083ae3725a0488e0a8fbbe1335c745f70c4667
SHA256: 2910ebc692d833d949bfd56059e8106d324a276d5f165f874f3fb1b6c613cdd5
ssdeep: 384:IDvi+JmG6yqlCRaJt4RHS5LutGJae7g9VJnpWCNJbW:INcG6xlCRaJKGOA7S
HJ
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x2509
timedatestamp.....: 0x48025bc0 (Sun Apr 13 19:15:12 2008)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2c00 0x2c00 6.29 f6589e1ed3da6afefb0b4294d9ff7f2e
.data 0x4000 0x210 0x200 1.62 cbd504e46c836e09e8faabdcfbabaec2
.rsrc 0x5000 0x408 0x600 2.51 dcede0c303bbb48c6875eb64477e5882

( 4 imports )
> ADVAPI32.dll: RegQueryValueExW, SetSecurityDescriptorDacl, SetEntriesInAclW, SetSecurityDescriptorGroup, SetSecurityDescriptorOwner, InitializeSecurityDescriptor, GetTokenInformation, OpenProcessToken, OpenThreadToken, SetServiceStatus, RegisterServiceCtrlHandlerW, RegCloseKey, RegOpenKeyExW, StartServiceCtrlDispatcherW
> KERNEL32.dll: HeapFree, GetLastError, WideCharToMultiByte, lstrlenW, LocalFree, GetCurrentProcess, GetCurrentThread, GetProcAddress, LoadLibraryExW, LeaveCriticalSection, HeapAlloc, EnterCriticalSection, LCMapStringW, FreeLibrary, lstrcpyW, ExpandEnvironmentStringsW, lstrcmpiW, ExitProcess, GetCommandLineW, InitializeCriticalSection, GetProcessHeap, SetErrorMode, SetUnhandledExceptionFilter, RegisterWaitForSingleObject, InterlockedCompareExchange, LoadLibraryA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, LocalAlloc, lstrcmpW, DelayLoadFailureHook
> ntdll.dll: NtQuerySecurityObject, RtlFreeHeap, NtOpenKey, wcscat, wcscpy, RtlAllocateHeap, RtlCompareUnicodeString, RtlInitUnicodeString, RtlInitializeSid, RtlLengthRequiredSid, RtlSubAuthoritySid, NtClose, RtlSubAuthorityCountSid, RtlGetDaclSecurityDescriptor, RtlQueryInformationAcl, RtlGetAce, RtlImageNtHeader, wcslen, RtlUnhandledExceptionFilter, RtlCopySid
> RPCRT4.dll: RpcServerUnregisterIfEx, RpcMgmtWaitServerListen, RpcMgmtSetServerStackSize, RpcServerUnregisterIf, RpcServerListen, RpcServerUseProtseqEpW, RpcServerRegisterIf, I_RpcMapWin32Status, RpcMgmtStopServerListening

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: Generic Host Process for Win32 Services
original name: svchost.exe
internal name: svchost.exe
file version.: 5.1.2600.5512 (xpsp.080413-2111)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

Thebeast28
Intermediate
Intermediate

Status :
Online
Offline

Posts : 159
Joined : 2010-01-12
OS : Windows XP

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Dr Jay on Sat Feb 20, 2010 2:11 pm

Ok. Let's see if we can try again to root out the problem.

Delete your version of ComboFix, and download a new one (run it as noted before). Post a log when done, please.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Status :
Online
Offline

Posts : 13707
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Thebeast28 on Tue Feb 23, 2010 3:13 am

I canít get Combofix to run. Keeps saying I have a virus. Application.Win32 Hide Cobofix or ApplicUnsaf.Win32 Hide Combofix. Then it says Windows canít frind 32788R22FWJFW/iexplore.exe then I click ok. I have to do it about 10 times before it goes away. Each time I click it says something different every time after 32788R22FWJFW/ says something different after the slash mark. What do I need to do to get combo fix to run? Do I need to stop Comodo from running while do this? I even named it to black pudding.

Thebeast28
Intermediate
Intermediate

Status :
Online
Offline

Posts : 159
Joined : 2010-01-12
OS : Windows XP

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Dr Jay on Tue Feb 23, 2010 4:17 pm

No, if you have an antivirus running or any other security software, they need to be disabled before downloading and running it.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Status :
Online
Offline

Posts : 13707
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Thebeast28 on Wed Feb 24, 2010 3:50 am

ComboFix 10-02-22.07 - Jonathan Murray 02/23/2010 15:24:54.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.479.223 [GMT -5:00]
Running from: c:\documents and settings\Jonathan Murray\Desktop\blackpudding.exe
AV: AVG Internet Security *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: COMODO Antivirus *On-access scanning disabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: AVG Firewall *disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: COMODO Firewall *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\gotomon.log
c:\windows\wpe pro.INI
.
---- Previous Run -------
.
G:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2010-01-23 to 2010-02-23 )))))))))))))))))))))))))))))))
.

2010-02-23 02:30 . 2010-02-23 02:30 -------- d-----w- C:\blackpudding
2010-02-23 02:21 . 2010-02-23 02:45 -------- d-----w- C:\32788R22FWJFW.1.tmp
2010-02-19 21:54 . 2010-02-19 21:55 6885744 ----a-w- c:\program files\WindowsUpdateAgent30-x64.exe
2010-02-19 05:52 . 2010-02-19 05:52 1266056 ----a-w- C:\WindowsXP-KB927891.exe
2010-02-19 05:51 . 2010-02-19 05:51 3038 ----a-w- C:\fix_svchost.bat
2010-02-19 05:50 . 2010-02-19 05:50 6216032 ----a-w- C:\windowsupdateagent30-x86.exe
2010-02-19 02:09 . 2010-02-19 02:13 8327264 ----a-w- c:\program files\Firefox Setup 3.6.exe
2010-02-15 21:03 . 2010-02-15 21:05 -------- d-----w- c:\program files\WhatsRunning
2010-02-15 19:43 . 2010-02-15 19:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo
2010-02-15 19:43 . 2010-02-15 19:43 87104 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-02-15 19:43 . 2010-02-15 19:43 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-02-15 19:43 . 2010-02-15 19:43 171552 ----a-w- c:\windows\system32\guard32.dll
2010-02-15 19:43 . 2010-02-15 19:43 134344 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2010-02-15 19:31 . 2010-02-15 19:36 45174032 ----a-w- c:\program files\CIS_Setup_3.14.130099.587_XP_Vista_x32.exe
2010-02-15 19:22 . 2010-02-15 19:23 9034488 ----a-w- c:\program files\mssefullinstall-x86fre-en-us-xp.exe
2010-02-06 03:14 . 2010-02-06 03:14 -------- d-----w- c:\documents and settings\Jonathan Murray\Application Data\AVG8
2010-02-04 04:15 . 2010-02-04 04:15 -------- d-----w- c:\documents and settings\All Users\Application Data\GoBit Games
2010-02-03 23:15 . 2010-02-03 23:15 -------- d-----w- C:\_OTL
2010-01-28 04:25 . 2010-01-29 22:41 -------- d-----w- C:\ComboFix

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-23 18:32 . 2010-01-07 18:43 580065 ----a-w- c:\windows\system32\drivers\sfi.dat
2010-02-23 02:40 . 2008-05-16 01:32 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-19 23:55 . 2010-01-07 21:34 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-02-17 21:50 . 2004-03-24 01:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2010-02-15 19:43 . 2010-01-07 18:34 -------- d-----w- c:\program files\COMODO
2010-02-15 18:47 . 2010-01-07 18:00 891248 ----a-w- c:\program files\avg_free_stb_all_9_40_cnet.exe
2010-02-06 23:37 . 2010-01-10 22:03 0 ----a-w- c:\documents and settings\Jonathan Murray\Local Settings\Application Data\prvlcl.dat
2010-02-04 22:57 . 2009-12-04 00:27 -------- d-----w- c:\documents and settings\Jonathan Murray\Application Data\BitTorrent
2010-01-28 00:54 . 2010-01-28 19:45 82 ----a-w- c:\program files\CFScript.txt
2010-01-22 04:27 . 2010-01-22 04:27 173119 ----a-w- c:\program files\Rooter.exe
2010-01-21 23:21 . 2010-01-11 04:40 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-01-21 23:21 . 2010-01-11 04:40 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-01-21 23:21 . 2010-01-11 04:40 1652688 ----a-w- c:\windows\PCTBDCore.dll
2010-01-21 23:21 . 2010-01-11 04:40 767952 ----a-w- c:\windows\BDTSupport.dll
2010-01-21 04:56 . 2010-01-21 04:56 1956528 ----a-w- c:\program files\install_flash_player_ax.exe
2010-01-20 23:29 . 2009-10-11 22:11 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-20 23:24 . 2010-01-16 05:11 152576 ----a-w- c:\documents and settings\Jonathan Murray\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-20 23:20 . 2010-01-16 05:09 79488 ----a-w- c:\documents and settings\Jonathan Murray\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-20 03:53 . 2010-01-16 19:51 -------- d-----w- c:\program files\hpHosts
2010-01-18 03:11 . 2004-03-25 03:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-18 02:54 . 2010-01-18 02:53 595499 ----a-w- c:\program files\Autoruns.zip
2010-01-16 05:12 . 2004-12-01 21:15 -------- d-----w- c:\program files\Java
2010-01-16 05:09 . 2010-01-16 05:09 800544 ----a-w- c:\program files\jre-6u17-windows-i586-iftw-rv.exe
2010-01-16 05:05 . 2004-03-24 01:01 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-16 04:59 . 2010-01-16 04:55 27386256 ----a-w- c:\program files\AdbeRdr930_en_US.exe
2010-01-15 22:07 . 2010-01-15 22:07 843187 ----a-w- c:\program files\SecurityCheck.exe
2010-01-14 23:13 . 2010-01-14 23:13 2672312 ----a-w- c:\program files\esetsmartinstaller_enu.exe
2010-01-13 17:55 . 2008-05-16 23:20 -------- d-----w- c:\program files\Spyware Doctor
2010-01-13 05:24 . 2009-06-01 23:24 0 ----a-w- C:\qinfo.dat
2010-01-11 22:26 . 2010-01-05 18:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-11 22:15 . 2010-01-11 22:15 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-11 18:32 . 2005-01-08 16:28 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-11 18:21 . 2009-06-02 20:26 -------- d-----w- c:\program files\Spybot - Search & Destroy1
2010-01-11 04:08 . 2010-01-11 04:04 34628432 ----a-w- c:\program files\sdsetup.exe
2010-01-10 23:41 . 2010-01-10 23:41 117760 ----a-w- c:\documents and settings\Administrator.JONATHAN\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-01-10 23:40 . 2010-01-10 23:40 -------- d-----w- c:\documents and settings\Administrator.JONATHAN\Application Data\SUPERAntiSpyware.com
2010-01-07 21:07 . 2010-01-05 18:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 21:07 . 2010-01-05 18:42 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-07 18:33 . 2010-01-07 18:28 40603920 ----a-w- c:\program files\CIS_Setup_3.13.125662.579_XP_Vista_x32.exe
2010-01-05 22:50 . 2010-01-05 22:50 117760 ----a-w- c:\documents and settings\Jonathan Murray\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-01-05 22:45 . 2010-01-05 22:45 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-01-05 22:45 . 2010-01-05 22:44 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-01-05 22:44 . 2010-01-05 22:44 -------- d-----w- c:\documents and settings\Jonathan Murray\Application Data\SUPERAntiSpyware.com
2010-01-05 22:44 . 2010-01-05 22:44 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-05 22:44 . 2010-01-05 22:42 7451168 ----a-w- c:\program files\SUPERAntiSpywarePro.exe
2010-01-05 18:43 . 2010-01-05 18:43 -------- d-----w- c:\documents and settings\Jonathan Murray\Application Data\Malwarebytes
2010-01-05 18:42 . 2010-01-05 18:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-05 18:41 . 2010-01-05 18:40 5061520 ----a-w- c:\program files\mbam-setup.exe
2010-01-05 05:20 . 2010-01-02 02:55 8086544 ----a-w- c:\program files\Firefox Setup 3.5.6.exe
2010-01-04 06:55 . 2009-08-31 05:12 -------- d-----w- c:\program files\WildGames
2010-01-04 06:29 . 2010-01-04 06:29 44024 ----a-w- c:\program files\bookmarks1-3-09.html
2009-12-31 16:50 . 2003-11-08 12:00 353792 ------w- c:\windows\system32\drivers\srv.sys
2009-12-31 05:26 . 2006-01-30 19:12 44240 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-23 19:32 . 2004-04-07 23:57 44240 ----a-w- c:\documents and settings\Jonathan Murray\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-22 19:17 . 2009-12-22 19:17 10134 ----a-r- c:\documents and settings\Jonathan Murray\Application Data\Microsoft\Installer\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}\ARPPRODUCTICON.exe
2009-12-22 05:21 . 2003-11-08 12:00 667136 ------w- c:\windows\system32\wininet.dll
2009-12-22 05:20 . 2009-02-17 01:22 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-14 07:08 . 2003-11-08 12:00 33280 ------w- c:\windows\system32\csrsrv.dll
2009-12-08 19:27 . 2003-11-08 12:00 2189184 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:43 . 2002-08-29 01:04 2066048 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-05 06:33 . 2009-12-05 06:08 214167816 ----a-w- c:\program files\Nero-9.4.26.0_trial.exe
2009-12-04 23:35 . 2009-12-04 23:35 2081039 ----a-w- c:\program files\dvd-author.exe
2009-12-04 23:29 . 2009-12-04 23:29 3119665 ----a-w- c:\program files\dvd-burner.exe
2009-12-04 23:26 . 2009-12-04 23:24 15672013 ----a-w- c:\program files\avc-free.exe
2009-12-04 23:23 . 2009-12-04 22:56 47360 ----a-w- c:\documents and settings\Jonathan Murray\Application Data\pcouffin.sys
2009-12-04 23:23 . 2009-12-04 22:56 47360 ----a-w- c:\documents and settings\Jonathan Murray\Application Data\pcouffin.sys
2009-12-04 22:56 . 2009-12-04 22:56 47360 ------w- c:\windows\system32\drivers\pcouffin.sys
2009-12-04 22:54 . 2009-12-04 22:52 18026336 ----a-w- c:\program files\vsoConvertXtoDVD4_setup.exe
2009-12-04 19:51 . 2009-12-04 19:49 23804080 ----a-w- c:\program files\DivXInstaller.exe
2009-12-04 19:14 . 2009-12-04 19:14 6104788 ----a-w- c:\program files\burnaware_free242.exe
2009-12-04 18:22 . 2003-11-08 12:00 455424 ------w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-04 00:14 . 2009-12-04 00:13 3066744 ----a-w- c:\program files\BitTorrent-6.3c.exe
2009-12-02 23:12 . 2009-12-02 23:12 8084968 ----a-w- c:\program files\Firefox Setup 3.5.5.exe
2009-11-27 17:11 . 2003-11-08 12:00 1291776 ------w- c:\windows\system32\quartz.dll
2009-11-27 17:11 . 2001-08-17 22:36 17920 ------w- c:\windows\system32\msyuv.dll
2009-11-27 16:07 . 2003-11-08 12:00 28672 ------w- c:\windows\system32\msvidc32.dll
2009-11-27 16:07 . 2001-08-17 22:36 8704 ------w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:07 . 2003-11-08 12:00 84992 ------w- c:\windows\system32\avifil32.dll
2009-11-27 16:07 . 2003-11-08 12:00 11264 ------w- c:\windows\system32\msrle32.dll
2009-11-27 16:07 . 2001-08-17 22:36 48128 ------w- c:\windows\system32\iyuv_32.dll
2009-10-07 20:01 . 2009-10-07 20:01 3340064 ----a-w- c:\program files\UnityWebPlayer.exe
2009-10-04 17:12 . 2009-10-04 17:11 12541248 ----a-w- c:\program files\RLCSetup.exe
2009-09-15 19:44 . 2009-09-15 19:42 25685128 ----a-w- c:\program files\wordview_en-us.exe
2009-09-15 19:26 . 2009-09-15 19:26 13824 ----a-r- c:\program files\TRU_Unicru_92908.doc
2009-09-12 20:16 . 2009-09-12 20:16 4122416 ----a-w- c:\program files\freeclip.exe
2009-09-11 23:10 . 2009-09-11 22:55 52736 ----a-w- c:\program files\oown_resume_template.doc
2009-09-04 19:49 . 2009-09-04 19:47 11729274 ----a-w- c:\program files\installeasyjob.exe
2009-09-02 19:29 . 2009-09-02 19:29 8050536 ----a-w- c:\program files\Firefox Setup 3.5.2.exe
2009-07-07 23:46 . 2009-07-07 23:45 359656 ----a-w- c:\program files\msicuu2.exe
2009-02-17 01:18 . 2009-02-16 04:28 16939888 ----a-w- c:\program files\IE8-WindowsXP-x86-ENU.exe
2008-11-23 17:56 . 2008-11-23 17:56 25740144 ----a-w- c:\program files\wmp11-windowsxp-x86-enu.exe
2008-09-06 03:18 . 2005-01-03 03:29 1505160 ----a-w- c:\program files\install_easyshare.exe
2008-07-04 00:24 . 2008-07-04 00:21 1445888 ----a-w- c:\program files\WinsockxpFix.exe
2008-05-31 02:17 . 2008-05-31 02:07 9723880 ----a-w- c:\program files\spybotsd152.exe
2008-05-29 00:21 . 2008-05-29 00:21 1244712 ----a-w- c:\program files\SetupOneCare.exe
2008-05-28 03:12 . 2008-05-28 03:12 7608344 ----a-w- c:\program files\spyhunterFULL.exe
2008-05-09 13:47 . 2008-05-09 13:47 1206366 ----a-w- c:\program files\wrar371.exe
2008-05-09 13:43 . 2008-05-09 13:43 244784 ----a-w- c:\program files\gnie_s_dvd4-iml2iso.rar
2008-05-09 03:44 . 2008-05-09 03:44 10121656 ----a-w- c:\program files\Alcohol120_trial_1.9.7.6221.exe
2008-05-09 03:28 . 2008-05-09 03:28 1385051 ----a-w- c:\program files\cddvdgen.zip
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-03-20 217544]
"Window Washer"="c:\program files\Webroot\Washer\wwDisp.exe" [2007-09-05 1261384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-06 54832]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2009-10-26 15872]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-20 149280]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-02-15 1800464]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
HP Photosmart Premier Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
NETGEAR WG311v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG311v3\wlancfg5.exe [2006-1-26 1486848]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 19:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak software updater.lnk
backup=c:\windows\pss\Kodak software updater.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
backup=c:\windows\pss\Microsoft Works Calendar Reminders.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
NvQTwk [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CARPService]
2002-01-03 03:06 4608 ------w- c:\windows\system32\carpserv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43]
2008-03-01 19:49 826880 ----a-w- c:\program files\dvd43\DVD43_Tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
2001-08-18 22:00 44032 ----a-w- c:\windows\ime\imkr6_1\imekrmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-04 05:31 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
2009-11-18 17:47 1243088 ----a-w- c:\program files\Spyware Doctor\pctsTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Portfolio]
2000-07-13 20:00 311350 ----a-w- c:\program files\Microsoft Works\wkssb.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
2000-07-13 20:00 28739 ----a-w- c:\program files\Microsoft Works\WkDetect.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smapp]
2001-10-12 23:45 69632 ----a-w- c:\program files\Analog Devices\SoundMAX\SMTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files\Java\j2re1.4.2_06\bin\jusched.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WorksFUD]
2000-07-13 20:00 24576 ----a-w- c:\program files\Microsoft Works\wkfud.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MCVSRte"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [06/01/2009 11:10 PM 207792]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [02/15/2010 2:43 PM 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [02/15/2010 2:43 PM 25160]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12/16/2009 4:26 PM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12/16/2009 4:26 PM 74480]
S3 Avgfwdx;Avgfwdx;c:\windows\system32\DRIVERS\avgfwdx.sys --> c:\windows\system32\DRIVERS\avgfwdx.sys [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys --> c:\windows\system32\DRIVERS\avgfwdx.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [12/16/2009 4:27 PM 7408]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ylmolrez

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 18:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-02-23 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2008-04-21 21:21]

2010-02-11 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2008-04-21 21:21]

2004-03-28 c:\windows\Tasks\Registration reminder 1.job
- c:\windows\System32\OOBE\oobebaln.exe [2006-04-09 00:12]

2004-03-23 c:\windows\Tasks\Registration reminder 2.job
- c:\windows\System32\OOBE\oobebaln.exe [2006-04-09 00:12]

2004-04-08 c:\windows\Tasks\Registration reminder 3.job
- c:\windows\System32\OOBE\oobebaln.exe [2006-04-09 00:12]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mWindow Title =
IE: &AOL Toolbar Search
DPF: DirectAnimation Java Classes - [You must be registered and logged in to see this link.]
DPF: Microsoft XML Parser for Java - [You must be registered and logged in to see this link.]
DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - [You must be registered and logged in to see this link.]
DPF: {2C8EEB84-6D60-11D4-BD64-0050048A82BF} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\Jonathan Murray\Application Data\Mozilla\Firefox\Profiles\2tis2day.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-HostManager - c:\program files\Common Files\AOL\1155679928\ee\AOLSoftware.exe
Notify-avgrsstarter - avgrsstx.dll
MSConfigStartUp-AOLDialer - c:\program files\Common Files\AOL\ACS\AOLDial.exe
AddRemove-Window Washer - c:\windows\Unwash6.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-02-23 15:55
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(896)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
Completion time: 2010-02-23 16:25:01
ComboFix-quarantined-files.txt 2010-02-23 21:24
ComboFix2.txt 2010-01-19 22:24
ComboFix3.txt 2010-01-13 22:03

Pre-Run: 16,056,885,248 bytes free
Post-Run: 16,637,517,824 bytes free

Current=2 Default=2 Failed=5 LastKnownGood=7 Sets=1,2,3,4,5,6,7
- - End Of File - - A7607FC740ACD5E1881A82396133A579

Thebeast28
Intermediate
Intermediate

Status :
Online
Offline

Posts : 159
Joined : 2010-01-12
OS : Windows XP

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Dr Jay on Wed Feb 24, 2010 4:40 am

Please download the [You must be registered and logged in to see this link.]. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any
"<--- ROOKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.

  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.

Post the contents of GMER.txt in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Status :
Online
Offline

Posts : 13707
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Thebeast28 on Thu Feb 25, 2010 6:56 pm

GMER 1.0.15.15281 - [You must be registered and logged in to see this link.]
Rootkit scan 2010-02-25 12:15:16
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\JONATH~1\LOCALS~1\Temp\fwrcypoc.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0xF3522BDA]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0xF35221B8]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0xF3522840]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateKey [0xF73AFE52]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreatePort [0xF352209A]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcess [0xF7390CDE]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcessEx [0xF7390ED0]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0xF352406A]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0xF3524302]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0xF3521C60]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwDeleteKey [0xF73B0640]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwDeleteValueKey [0xF73B08F4]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDuplicateObject [0xF3521A92]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0xF3523CEC]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0xF352243C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0xF3522A1C]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwOpenKey [0xF73AEB44]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenProcess [0xF35217C2]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0xF35226CC]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenThread [0xF352193A]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwRenameKey [0xF73B0D60]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRequestWaitReplyPort [0xF3524648]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSecureConnectPort [0xF3523A88]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSecurityObject [0xF3522DC0]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0xF3523E9A]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwSetValueKey [0xF73B0112]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0xF35223D6]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0xF35225C0]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwTerminateProcess [0xF7390984]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0xF3521E32]

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!_abnormal_termination + 104 804E2770 12 Bytes [9A, 20, 52, F3, DE, 0C, 39, ...] {CALL FAR 0x390c:0xdef35220; NOT EAX; PUSH CS; CMP EDI, ESI}

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\Explorer.EXE[712] SHELL32.dll!SHFileOperationW 7CA70924 5 Bytes JMP 00B81102 C:\Program Files\Unlocker\UnlockerHook.dll
.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1196] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 0040FD50 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2276] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 0050E060 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
.text C:\Program Files\Webroot\Washer\wwDisp.exe[2356] kernel32.dll!CreateThread + 1A 7C8106F1 4 Bytes CALL 0008F305 C:\Program Files\Webroot\Washer\wwDisp.exe (Window Washer Client Executable/Webroot Software, Inc.)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [F72D06E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [F72D07B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [F72D0780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [F72D0740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F72D0740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F72D07B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F72D06E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F72D0780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F72D0780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F72D0740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F72D07B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F72D06E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F72D0740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F72D0780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F72D06E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F72D07B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F72D06E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F72D07B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F72D0740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F72D0780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F72D0740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F72D07B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F72D06E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [GDI32.dll!DeleteObject] [006172F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00618210] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AdjustWindowRectEx] [00617FB0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] [006176D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSystemMetrics] [00617D80] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [006172A0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [00617760] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!RegisterClassW] [00617CC0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColorBrush] [00617330] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!FillRect] [006180C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DrawFrameControl] [00618130] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DrawEdge] [00618110] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SystemParametersInfoW] [00617EA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetScrollInfo] [00617520] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!CallWindowProcW] [00617590] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetScrollInfo] [00617410] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [GDI32.dll!DeleteObject] [006172F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00618210] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [006176D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [00617760] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [006172A0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!RegisterClassA] [00617C00] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!RegisterClassW] [00617CC0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SystemParametersInfoW] [00617EA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcW] [00617590] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcA] [00617630] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSystemMetrics] [00617D80] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ole32.dll [GDI32.dll!DeleteObject] [006172F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00618210] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SystemParametersInfoW] [00617EA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetSystemMetrics] [00617D80] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetSysColor] [006172A0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CallWindowProcW] [00617590] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!RegisterClassW] [00617CC0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] [00617760] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [00618210] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\CRYPT32.dll [USER32.dll!GetSystemMetrics] [00617D80] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2328] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x16 0x1C 0x31 0xF9 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x1B 0x11 0xAD 0x40 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x4B 0xC6 0x4A 0x03 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x16 0x1C 0x31 0xF9 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x1B 0x11 0xAD 0x40 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x4B 0xC6 0x4A 0x03 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x16 0x1C 0x31 0xF9 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x1B 0x11 0xAD 0x40 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x4B 0xC6 0x4A 0x03 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x16 0x1C 0x31 0xF9 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x1B 0x11 0xAD 0x40 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x4B 0xC6 0x4A 0x03 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x16 0x1C 0x31 0xF9 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x1B 0x11 0xAD 0x40 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x4B 0xC6 0x4A 0x03 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x16 0x1C 0x31 0xF9 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x1B 0x11 0xAD 0x40 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x4B 0xC6 0x4A 0x03 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x16 0x1C 0x31 0xF9 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x1B 0x11 0xAD 0x40 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x4B 0xC6 0x4A 0x03 ...

---- EOF - GMER 1.0.15 ----

Thebeast28
Intermediate
Intermediate

Status :
Online
Offline

Posts : 159
Joined : 2010-01-12
OS : Windows XP

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Dr Jay on Fri Feb 26, 2010 4:32 am

Log is clean.

I am taking a good shot at this to say all the freeze ups and mess ups are due to Comodo software. Unfortunately, in their Internet Security, it is hard on the computer resources.

In order to get the computer back in top shape, I recommend to fully change over all of your security software to a recommended set. Savvy?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Status :
Online
Offline

Posts : 13707
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Thebeast28 on Fri Feb 26, 2010 5:58 pm

I just started using Comdo like 2 weeks ago and my computer been freezing up for like 2 months now so I donít know if it could be that. I think it has to do with svchost.exe using 99% of my computer memory.

You told me In order to get the computer back in top shape, I recommend to fully change over all of your security software to a recommended set. What do you mean by this and what software should I use?

Is this going to stop svchost.exe for use 99% of my computer memory?
If not how do I stop it?

Thebeast28
Intermediate
Intermediate

Status :
Online
Offline

Posts : 159
Joined : 2010-01-12
OS : Windows XP

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Dr Jay on Fri Feb 26, 2010 6:59 pm

Adding Comodo to my computer, I used it for almost 6 months or more. When I was starting to get a slower computer and SVCHOST.exe being tied up so much, I removed Comodo and the issue was resolved.

Please uninstall Comodo, and then let me know if this has helped.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Status :
Online
Offline

Posts : 13707
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Thebeast28 on Sat Feb 27, 2010 4:48 am

I deleted Comodo and restarted my computer and I am still getting svchost.exe using 100% of my computer. So what do I do now to stop it from using 100% of my computer memory?

Thebeast28
Intermediate
Intermediate

Status :
Online
Offline

Posts : 159
Joined : 2010-01-12
OS : Windows XP

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Thebeast28 on Sun Feb 28, 2010 3:34 am

bump hello

Thebeast28
Intermediate
Intermediate

Status :
Online
Offline

Posts : 159
Joined : 2010-01-12
OS : Windows XP

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Dr Jay on Sun Feb 28, 2010 4:35 am

Worth reading: [You must be registered and logged in to see this link.]

Now, please be patient with me, as I do not have time yet to research a solution. Weekends are bad for both of us malware helpers.

Allow me to contact another advisor/expert and see what their take on the situation is.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Status :
Online
Offline

Posts : 13707
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Thebeast28 on Sun Feb 28, 2010 11:46 pm

thanks

Thebeast28
Intermediate
Intermediate

Status :
Online
Offline

Posts : 159
Joined : 2010-01-12
OS : Windows XP

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Dr Jay on Tue Mar 02, 2010 4:30 am

Please go to Start > Control Panel > Add or Remove Programs.

In the top right, click the check mark by Show Updates.

If the following exists, please Remove it: Update for Windows XP (927891) << It must have those exact numbers)


Then, please restart your computer, and download/install this update:

[You must be registered and logged in to see this link.]

====

After another reboot, let me know if your svchost.exe continues at CPU 100.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Status :
Online
Offline

Posts : 13707
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Thebeast28 on Tue Mar 02, 2010 6:39 pm

Don't see a Update for Windows XP (927891) in add/remove programs . What do I do now?

Thebeast28
Intermediate
Intermediate

Status :
Online
Offline

Posts : 159
Joined : 2010-01-12
OS : Windows XP

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Dr Jay on Tue Mar 02, 2010 7:48 pm

Try to install it from the link I provided, please.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Status :
Online
Offline

Posts : 13707
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Thebeast28 on Wed Mar 03, 2010 1:41 am

Could not install Update for Windows XP (927891). Says service pack version is newer than the update you are applying. No need to update. What do i need to try to do now?

Thebeast28
Intermediate
Intermediate

Status :
Online
Offline

Posts : 159
Joined : 2010-01-12
OS : Windows XP

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Dr Jay on Wed Mar 03, 2010 5:21 am

  • Download Win32kDiag from any of the following locations and save it to your Desktop.

  • Double-click Win32kDiag.exe to run Win32kDiag and let it finish.
  • When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program.
  • Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Status :
Online
Offline

Posts : 13707
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Thebeast28 on Wed Mar 03, 2010 11:41 pm

Running from: C:\Documents and Settings\Jonathan Murray\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\Jonathan Murray\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...





Finished!

Thebeast28
Intermediate
Intermediate

Status :
Online
Offline

Posts : 159
Joined : 2010-01-12
OS : Windows XP

View user profile

Back to top Go down

Re: Computer is freezing up and running slow

Post by Thebeast28 on Fri Mar 05, 2010 5:01 pm

bump hello

Thebeast28
Intermediate
Intermediate

Status :
Online
Offline

Posts : 159
Joined : 2010-01-12
OS : Windows XP

View user profile

Back to top Go down

Page 3 of 3 Previous  1, 2, 3

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum