Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME


Post by furyofdawolfx on Wed 11 Apr 2012, 9:50 am

First topic message reminder :

Hello,

I suspect that there is probably some kind of spyware that is slowing down my laptop and using all the virtual memory. I've been getting messages about my virtual memory being very low recently. This is apparent when running different programs. I can't for example open up iTunes or Microsoft Excel after just a few minutes on my computer. I can't properly shut down or restart my computer anymore (only hard reset). I've used Malwarebytes and Spybot, but found nothing. I also used Comodo and found 30 threats but I was able to get rid of them. I ran it again, and found nothing.

Please let me know what steps I should take to figure out why my laptop is operating this way. Just a month ago, everything seemed fine.

Thanks,
A

furyofdawolfx

Rookie Surfer

Posts : 68
Joined : 2009-12-12
Operating System : Windows XP



Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Mon 16 Apr 2012, 3:10 pm

20:17:55.0609 2944 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
20:17:56.0328 2944 ============================================================
20:17:56.0328 2944 Current date / time: 2012/04/15 20:17:56.0328
20:17:56.0328 2944 SystemInfo:
20:17:56.0328 2944
20:17:56.0328 2944 OS Version: 5.1.2600 ServicePack: 2.0
20:17:56.0328 2944 Product type: Workstation
20:17:56.0328 2944 ComputerName: ANTONIO-LAPTOP
20:17:56.0328 2944 UserName: Antonio
20:17:56.0328 2944 Windows directory: C:\WINDOWS2
20:17:56.0328 2944 System windows directory: C:\WINDOWS2
20:17:56.0328 2944 Processor architecture: Intel x86
20:17:56.0328 2944 Number of processors: 2
20:17:56.0328 2944 Page size: 0x1000
20:17:56.0328 2944 Boot type: Normal boot
20:17:56.0328 2944 ============================================================
20:17:59.0359 2944 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:17:59.0359 2944 \Device\Harddisk0\DR0:
20:17:59.0359 2944 MBR used
20:17:59.0359 2944 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2738A, BlocksNum 0xD3EEAC9
20:17:59.0890 2944 Initialize success
20:17:59.0890 2944 ============================================================
20:18:36.0984 2488 ============================================================
20:18:36.0984 2488 Scan started
20:18:36.0984 2488 Mode: Manual;
20:18:36.0984 2488 ============================================================
20:21:59.0625 2488 Update - ok
20:22:00.0765 2488 upnphost (0546477bde979e33294fe97f6b3de84a) C:\WINDOWS2\System32\upnphost.dll
20:22:00.0984 2488 upnphost - ok
20:22:01.0281 2488 UPS (3f5df65b0758675f95a2d43918a740a3) C:\WINDOWS2\System32\ups.exe
20:22:01.0296 2488 UPS - ok
20:22:01.0500 2488 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS2\system32\Drivers\usbaapl.sys
20:22:01.0515 2488 USBAAPL - ok
20:22:01.0750 2488 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS2\system32\DRIVERS\usbccgp.sys
20:22:01.0765 2488 usbccgp - ok
20:22:02.0078 2488 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS2\system32\DRIVERS\usbehci.sys
20:22:02.0125 2488 usbehci - ok
20:22:03.0218 2488 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS2\system32\DRIVERS\usbhub.sys
20:22:03.0250 2488 usbhub - ok
20:22:04.0296 2488 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS2\system32\DRIVERS\usbscan.sys
20:22:04.0359 2488 usbscan - ok
20:22:05.0562 2488 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS2\system32\DRIVERS\USBSTOR.SYS
20:22:05.0781 2488 USBSTOR - ok
20:22:06.0328 2488 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS2\system32\DRIVERS\usbuhci.sys
20:22:06.0406 2488 usbuhci - ok
20:22:08.0078 2488 usbvideo (8968ff3973a883c49e8b564200f565b9) C:\WINDOWS2\system32\Drivers\usbvideo.sys
20:22:08.0406 2488 usbvideo - ok
20:22:09.0578 2488 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS2\System32\drivers\vga.sys
20:22:09.0578 2488 VgaSave - ok
20:22:11.0359 2488 ViaIde - ok
20:22:13.0468 2488 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS2\system32\drivers\VolSnap.sys
20:22:13.0609 2488 VolSnap - ok
20:22:14.0734 2488 VSS (3ee00364ae0fd8d604f46cbaf512838a) C:\WINDOWS2\System32\vssvc.exe
20:22:14.0750 2488 VSS - ok
20:22:15.0421 2488 W32Time (2b281958f5d0cf99ed626e3ef39d5c8d) C:\WINDOWS2\system32\w32time.dll
20:22:15.0593 2488 W32Time - ok
20:22:20.0281 2488 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS2\system32\DRIVERS\wanarp.sys
20:22:20.0359 2488 Wanarp - ok
20:22:21.0546 2488 WDICA - ok
20:22:22.0625 2488 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS2\system32\drivers\wdmaud.sys
20:22:22.0687 2488 wdmaud - ok
20:22:23.0406 2488 WebClient (5d0a442864bfbf3b19dcca4cd29f6e99) C:\WINDOWS2\System32\webclnt.dll
20:22:23.0484 2488 WebClient - ok
20:22:32.0468 2488 winachsf (96aff1738271755a39b52eef7e35f98f) C:\WINDOWS2\system32\DRIVERS\HSF_CNXT.sys
20:22:33.0375 2488 winachsf - ok
20:22:35.0078 2488 winmgmt (f399242a80c4066fd155efa4cf96658e) C:\WINDOWS2\system32\wbem\WMIsvc.dll
20:22:35.0406 2488 winmgmt - ok
20:22:38.0468 2488 WmdmPmSN (c086483e3dba8c1c0a687ec8d5b3d4c1) C:\WINDOWS2\system32\mspmsnsv.dll
20:22:38.0656 2488 WmdmPmSN - ok
20:22:41.0250 2488 Wmi (1aff244ca134956c54474f4e2433e4ce) C:\WINDOWS2\System32\advapi32.dll
20:22:41.0328 2488 Wmi - ok
20:22:41.0796 2488 WmiAcpi (ae2c8544e747c20062db27456ea2d67a) C:\WINDOWS2\system32\DRIVERS\wmiacpi.sys
20:22:41.0859 2488 WmiAcpi - ok
20:22:48.0625 2488 WmiApSrv (ba8cecc3e813e1f7c441b20393d4f86c) C:\WINDOWS2\system32\wbem\wmiapsrv.exe
20:22:48.0984 2488 WmiApSrv - ok
20:22:49.0218 2488 WPFFontCache_v0400 - ok
20:22:52.0750 2488 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS2\System32\drivers\ws2ifsl.sys
20:22:52.0843 2488 WS2IFSL - ok
20:22:54.0968 2488 wscsvc (4d59daa66c60858cdf4f67a900f42d4a) C:\WINDOWS2\system32\wscsvc.dll
20:22:55.0421 2488 wscsvc - ok
20:22:58.0515 2488 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS2\system32\DRIVERS\WSTCODEC.SYS
20:22:58.0609 2488 WSTCODEC - ok
20:23:00.0734 2488 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
20:23:04.0312 2488 wuauserv - ok
20:23:06.0453 2488 WZCSVC (5a91e6feab9f901302fa7ff768c0120f) C:\WINDOWS2\System32\wzcsvc.dll
20:23:06.0984 2488 WZCSVC - ok
20:23:09.0468 2488 xmlprov (eef46dab68229a14da3d8e73c99e2959) C:\WINDOWS2\System32\xmlprov.dll
20:23:09.0531 2488 xmlprov - ok
20:23:09.0625 2488 MBR (0x1B8) (faee7e40dfb0440ad2cfc39befa1f4c2) \Device\Harddisk0\DR0
20:23:09.0656 2488 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
20:23:09.0656 2488 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
20:23:09.0781 2488 Boot (0x1200) (b555b91f577cbb009e14078586928726) \Device\Harddisk0\DR0\Partition0
20:23:09.0796 2488 \Device\Harddisk0\DR0\Partition0 - ok
20:23:09.0812 2488 ============================================================
20:23:09.0812 2488 Scan finished
20:23:09.0812 2488 ============================================================
20:23:09.0859 2480 Detected object count: 1
20:23:09.0859 2480 Actual detected object count: 1
20:28:10.0156 2480 \Device\Harddisk0\DR0\# - copied to quarantine
20:28:10.0156 2480 \Device\Harddisk0\DR0 - copied to quarantine
20:28:10.0203 2480 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
20:28:10.0234 2480 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
20:28:10.0234 2480 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
20:28:10.0250 2480 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
20:28:10.0250 2480 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
20:28:10.0312 2480 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
20:28:10.0406 2480 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
20:28:10.0453 2480 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
20:28:10.0453 2480 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
20:28:10.0468 2480 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
20:28:10.0468 2480 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
20:28:10.0484 2480 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
20:28:10.0531 2480 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
20:28:10.0531 2480 \Device\Harddisk0\DR0 - ok
20:28:10.0546 2480 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
20:28:22.0656 3564 Deinitialize success


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Mon 16 Apr 2012, 3:10 pm

SUPERAntiSpyware Scan Log

Generated 04/15/2012 at 07:48 PM

Application Version : 5.0.1146

Core Rules Database Version : 8451
Trace Rules Database Version: 6263

Scan type : Quick Scan
Total Scan Time : 01:29:21

Operating System Information
Windows XP Professional 32-bit, Service Pack 2 (Build 5.01.2600)
Administrator

Memory items scanned : 426
Memory threats detected : 0
Registry items scanned : 28456
Registry threats detected : 0
File items scanned : 27277
File threats detected : 80

Adware.Tracking Cookie


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Mon 16 Apr 2012, 3:11 pm

Malwarebytes Anti-Malware 1.61.0.1400

Database version: v2012.04.13.01

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
Antonio :: ANTONIO-LAPTOP [administrator]

4/15/2012 8:37:34 PM
mbam-log-2012-04-15 (20-37-34).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 389213
Time elapsed: 3 hour(s), 20 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dplaysvr (Trojan.QHost.BG) -> Data: %APPDATA%\dplaysvr.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Mon 16 Apr 2012, 3:16 pm

Also in the folder TDSSKiller_Quarantine, should I delete all the different folders there with the quarantined objects?

Thanks again.


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by Superdave on Tue 17 Apr 2012, 4:52 am

Also in the folder TDSSKiller_Quarantine, should I delete all the different folders there with the quarantined objects?
Yes, go ahead and delete.

Please download MBRCheck.exe by a_d_13 from one of the links provided below and save it to your desktop.

Link 1
Link 2
Link 3

• Double-click on MBRCheck.exe to run it.
• It will open a black window...please do not fix anything (if it gives you an option).
• When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.
• A log named MBRCheck_date_time.txt (i.e. MBRCheck_07.21.10_10.22.51.txt) will appear on the desktop.
• Please copy and paste the contents of that log in your next reply.
*********************************************************
Please run ComboFix again and post the log.

Superdave
Tech Staff


Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Tue 17 Apr 2012, 10:12 am

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 2 (build 2600)
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 136):

Processes (total 40):
0 System Idle Process
4 System
816 C:\WINDOWS2\system32\smss.exe
880 csrss.exe
912 C:\WINDOWS2\system32\winlogon.exe
956 C:\WINDOWS2\system32\services.exe
968 C:\WINDOWS2\system32\lsass.exe
1136 C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
1148 C:\WINDOWS2\system32\svchost.exe
1216 svchost.exe
1256 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
1284 C:\WINDOWS2\system32\svchost.exe
1440 svchost.exe
1464 svchost.exe
1840 C:\WINDOWS2\system32\spoolsv.exe
196 C:\WINDOWS2\explorer.exe
272 C:\WINDOWS2\system32\rundll32.exe
352 C:\WINDOWS2\system32\rundll32.exe
396 C:\Program Files\Dell\QuickSet\quickset.exe
416 C:\WINDOWS2\OEM02Mon.exe
424 C:\Program Files\Dell\MediaDirect\PCMService.exe
556 C:\Program Files\Common Files\Java\Java Update\jusched.exe
672 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
716 C:\Program Files\iTunes\iTunesHelper.exe
772 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
1712 C:\WINDOWS2\system32\ctfmon.exe
652 C:\Program Files\SUPERAntiSpyware\SASCore.exe
2004 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
736 C:\Program Files\Bonjour\mDNSResponder.exe
2132 C:\Program Files\Google\Update\GoogleUpdate.exe
2140 C:\Program Files\Java\jre6\bin\jqs.exe
2256 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
2360 C:\WINDOWS2\system32\nvsvc32.exe
2444 C:\WINDOWS2\system32\svchost.exe
2896 wmiprvse.exe
3016 C:\Program Files\iPod\bin\iPodService.exe
3444 alg.exe
4000 C:\WINDOWS2\system32\wuauclt.exe
3360 C:\Documents and Settings\Antonio.ANTONIO-LAPTOP\Desktop\MBRCheck.exe
2060 C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`04e71400 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS542512K9SA00, Rev: BB2OC39P

Size Device Name MBR Status
--------------------------------------------
111 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Tue 17 Apr 2012, 10:13 am

ComboFix 12-04-13.01 - Antonio 04/16/2012 18:48:36.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.786 [GMT -4:00]
Running from: c:\documents and settings\Antonio.ANTONIO-LAPTOP\Desktop\ComboFix.exe
AV: COMODO Antivirus *Disabled/Updated* {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((( Files Created from 2012-03-16 to 2012-04-16 )))))))))))))))))))))))))))))))
.
.
2012-04-14 22:02 . 2012-04-14 22:21 -------- d-----w- C:\96c0d17019026f4c64899da603beb5
2012-04-14 15:41 . 2012-04-14 15:41 -------- d-----w- c:\windows2\system32\KB905474
2012-04-13 22:43 . 2012-04-13 22:43 -------- d-sh--w- c:\windows2\system32\config\systemprofile\PrivacIE
2012-04-13 22:41 . 2012-04-13 22:41 -------- d-sh--w- c:\windows2\system32\config\systemprofile\IETldCache
2012-04-13 00:19 . 2012-04-13 00:19 -------- d-----w- c:\documents and settings\Antonio.ANTONIO-LAPTOP\Application Data\SUPERAntiSpyware.com
2012-04-13 00:16 . 2012-04-13 00:19 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-04-13 00:16 . 2012-04-13 00:16 -------- d-----w- c:\documents and settings\All Users.WINDOWS2\Application Data\SUPERAntiSpyware.com
2012-04-12 04:47 . 2012-04-16 22:35 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-09 01:34 . 2012-04-09 01:34 -------- d-----w- C:\VritualRoot
2012-04-09 01:34 . 2012-04-09 01:35 -------- d-----w- c:\documents and settings\All Users.WINDOWS2\Application Data\COMODO
2012-04-09 01:34 . 2012-04-16 22:38 1474832 ----a-w- c:\windows2\system32\drivers\sfi.dat
2012-04-09 00:57 . 2012-04-09 00:59 -------- d-----w- c:\program files\COMODO
2012-04-09 00:53 . 2012-04-09 00:53 -------- d-----w- c:\documents and settings\All Users.WINDOWS2\Application Data\Comodo Downloader
2012-04-08 17:57 . 2012-04-08 17:57 -------- d-----w- c:\program files\CCleaner
2012-04-08 16:24 . 2009-08-06 23:24 44768 ----a-w- c:\windows2\system32\wups2.dll
2012-04-08 16:24 . 2009-08-06 23:24 21728 ----a-w- c:\windows2\system32\wucltui.dll.mui
2012-04-08 16:23 . 2009-08-06 23:24 17632 ----a-w- c:\windows2\system32\wuaueng.dll.mui
2012-04-08 16:23 . 2009-08-06 23:24 15072 ----a-w- c:\windows2\system32\wuaucpl.cpl.mui
2012-04-08 16:23 . 2009-08-06 23:24 15064 ----a-w- c:\windows2\system32\wuapi.dll.mui
2012-04-08 16:12 . 2012-04-08 16:14 -------- d-----w- c:\windows2\system32\NtmsData
2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2012-04-03 03:51 . 2012-04-03 03:51 -------- d-sh--w- c:\documents and settings\LocalService.NT AUTHORITY\IETldCache
2012-04-02 02:04 . 2012-04-02 02:04 418464 ----a-w- c:\windows2\system32\FlashPlayerApp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-04 19:56 . 2011-12-10 22:23 22344 ----a-w- c:\windows2\system32\drivers\mbam.sys
2012-04-02 02:04 . 2011-06-03 16:01 70304 ----a-w- c:\windows2\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((( SnapShot_2012-04-14_05.40.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-04-14 22:17 . 2012-04-14 22:17 5062656 c:\windows2\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-12-24 07:52 . 2011-12-24 07:52 5062656 c:\windows2\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-12-24 07:52 . 2011-12-24 07:52 5238784 c:\windows2\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-04-14 22:16 . 2012-04-14 22:16 5238784 c:\windows2\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-04-14 22:28 . 2012-04-14 22:28 2933248 c:\windows2\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-12-24 07:52 . 2011-12-24 07:52 2933248 c:\windows2\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-14 22:21 . 2012-04-14 22:21 4546560 c:\windows2\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-12-24 07:52 . 2011-12-24 07:52 4546560 c:\windows2\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-08-15 00:32 . 2009-08-15 00:32 11110912 c:\windows2\Installer\c1559.msp
+ 2012-04-14 23:14 . 2012-04-14 23:14 12430848 c:\windows2\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1d1239cae67610d8659752751abc7856\System.Windows.Forms.ni.dll
+ 2012-04-15 00:53 . 2012-04-15 00:53 11792384 c:\windows2\assembly\NativeImages_v2.0.50727_32\System.Web\7ab978a5d4256384ba0af0dc24198117\System.Web.ni.dll
+ 2012-04-15 00:53 . 2012-04-15 00:53 17314816 c:\windows2\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\6546b83e8dc6bda9d61e2b969ac380f3\System.ServiceModel.ni.dll
+ 2012-04-14 23:13 . 2012-04-14 23:13 10682368 c:\windows2\assembly\NativeImages_v2.0.50727_32\System.Design\5f5f201fb2705a1523212fcaf593bf5e\System.Design.ni.dll
+ 2012-04-14 23:12 . 2012-04-14 23:12 14322688 c:\windows2\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e3d4d240794478ea8067ceed63bbad1e\PresentationFramework.ni.dll
+ 2012-04-14 23:12 . 2012-04-14 23:12 12215296 c:\windows2\assembly\NativeImages_v2.0.50727_32\PresentationCore\4619e16b34a37586c8dbae5f71359156\PresentationCore.ni.dll
+ 2012-04-14 23:11 . 2012-04-14 23:11 11485184 c:\windows2\assembly\NativeImages_v2.0.50727_32\mscorlib\4b10d8196bb368996ec5d24fca777456\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVHotkey"="nvHotkey.dll" [2008-02-22 86016]
"NvCplDaemon"="c:\windows2\system32\NvCpl.dll" [2008-02-22 13508608]
"nwiz"="nwiz.exe" [2008-02-22 1626112]
"NvMediaCenter"="c:\windows2\system32\NvMcTray.dll" [2008-02-22 86016]
"IMJPMIG8.1"="c:\windows2\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"MSPY2002"="c:\windows2\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows2\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows2\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2007-07-03 1228800]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"OEM02Mon.exe"="c:\windows2\OEM02Mon.exe" [2007-05-10 36864]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-04-16 184320]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-04-09 2029456]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Svc2dll"="c:\documents and settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\svcxdcl32.exe" [BU]
"dplaysvr"="c:\documents and settings\Antonio.ANTONIO-LAPTOP\Application Data\dplaysvr.exe" [BU]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows2\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"c:\\Program Files\\Dell\\MediaDirect\\PCMService.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows2\system32\drivers\cmderd.sys [4/9/2010 1:25 AM 15464]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows2\system32\drivers\cmdGuard.sys [4/9/2010 1:25 AM 225344]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows2\system32\drivers\cmdhlp.sys [4/9/2010 1:25 AM 25240]
R1 DLADiagM;DLADiagM;c:\windows2\system32\drivers\DLADiagM.SYS [10/3/2010 12:07 AM 13688]
R1 DLAPMonM;DLAPMonM;c:\windows2\system32\drivers\DLAPMonM.SYS [10/3/2010 12:07 AM 30744]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 12:27 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 5:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 7:38 PM 116608]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe [2/19/2010 5:00 PM 148744]
R2 SBKUPNT;SBKUPNT;c:\windows2\system32\drivers\SBKUPNT.SYS [10/17/2010 1:05 AM 14976]
S1 DLADHK_M;DLADHK_M;c:\windows2\system32\drivers\DLADHK_M.SYS [10/3/2010 12:07 AM 33592]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/29/2010 8:11 PM 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows2\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/1/2012 10:04 PM 253600]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/29/2010 8:11 PM 135664]
S3 SysProtDrv.sys;SysProtDrv.sys;c:\documents and settings\Antonio.ANTONIO-LAPTOP\Desktop\SysProt\SysProt\SysProtDrv.sys [4/14/2012 3:52 PM 44288]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows2\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe --> c:\windows2\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [?]
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-16 c:\windows2\Tasks\Adobe Flash Player Updater.job
- c:\windows2\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 02:04]
.
2011-12-26 c:\windows2\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 22:57]
.
2012-04-16 c:\windows2\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 00:11]
.
2012-04-16 c:\windows2\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 00:11]
.
2012-04-16 c:\windows2\Tasks\WGASetup.job
- c:\windows2\system32\KB905474\wgasetup.exe [2012-04-14 02:18]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2012-04-16 19:05
Windows 5.1.2600 Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwClose, ZwOpenFile
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(912)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
- - - - - - - > 'explorer.exe'(1596)
c:\windows2\system32\msi.dll
c:\windows2\system32\ieframe.dll
c:\windows2\system32\webcheck.dll
.
Completion time: 2012-04-16 19:07:51
ComboFix-quarantined-files.txt 2012-04-16 23:07
ComboFix2.txt 2012-04-14 19:44
ComboFix3.txt 2012-04-14 06:00
ComboFix4.txt 2011-04-22 22:36
ComboFix5.txt 2012-04-16 22:46
.
Pre-Run: 13,517,705,216 bytes free
Post-Run: 14,075,211,776 bytes free
.
- - End Of File - - 1451A9E4005D5526E01F8B3F98D7A45F

Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by Superdave on Tue 17 Apr 2012, 11:32 am

TDSSKiller is the one scan that found anything the second time around. Could you please run it again and post the log?

Save these instructions so you can have access to them while in Safe Mode.

Please click here to download AVP Tool by Kaspersky.

  • Save it to your desktop.
  • Reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode, then hit Enter.
  • Double-click the setup file to run it.
  • Click Next to continue.
  • Accept the License agreement and click on Next.
  • It will, by default, install it to your desktop folder. Click Next.
  • It will then open a box. There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked:

  • Hidden Startup Objects
  • System Memory
  • Disk Boot Sectors
  • My Computer
  • Also any other drives (removable ones that you may have)

Leave the rest of the settings as they appear as default.
  • Then click on Scan at the top right-hand corner.
  • It will automatically neutralize any objects found.
  • If some objects are left un-neutralized, then click the button that says Neutralize all.
  • If it says it cannot be neutralized, then choose the delete option when prompted.
  • After that is done, click on the Reports button at the bottom and save it to file; name it Kas.
  • Save it somewhere convenient like your desktop and just post only the detected virus\malware in the report; it will be at the very top under Detected. Post those results in your next reply.

Note: This tool will self uninstall when you close it so please save the log before closing it.

Superdave
Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Tue 17 Apr 2012, 2:05 pm

22:58:11.0968 1960 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
22:58:12.0562 1960 ============================================================
22:58:12.0562 1960 Current date / time: 2012/04/16 22:58:12.0562
22:58:12.0562 1960 SystemInfo:
22:58:12.0562 1960
22:58:12.0562 1960 OS Version: 5.1.2600 ServicePack: 2.0
22:58:12.0562 1960 Product type: Workstation
22:58:12.0562 1960 ComputerName: ANTONIO-LAPTOP
22:58:12.0562 1960 UserName: Antonio
22:58:12.0562 1960 Windows directory: C:\WINDOWS2
22:58:12.0562 1960 System windows directory: C:\WINDOWS2
22:58:12.0562 1960 Processor architecture: Intel x86
22:58:12.0562 1960 Number of processors: 2
22:58:12.0562 1960 Page size: 0x1000
22:58:12.0562 1960 Boot type: Normal boot
22:58:12.0562 1960 ============================================================
22:58:16.0078 1960 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:58:16.0078 1960 \Device\Harddisk0\DR0:
22:58:16.0078 1960 MBR used
22:58:16.0078 1960 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2738A, BlocksNum 0xD3EEAC9
22:58:16.0203 1960 Initialize success
22:58:16.0203 1960 ============================================================
22:58:32.0359 0184 ============================================================
22:58:32.0359 0184 Scan started
22:58:32.0359 0184 Mode: Manual;
22:58:32.0359 0184 ============================================================
22:58:32.0671 0184 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
22:58:32.0671 0184 !SASCORE - ok
22:58:32.0812 0184 Abiosdsk - ok
22:58:32.0828 0184 abp480n5 - ok
22:58:32.0875 0184 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS2\system32\DRIVERS\ACPI.sys
22:58:32.0890 0184 ACPI - ok
22:58:32.0921 0184 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS2\system32\drivers\ACPIEC.sys
22:58:32.0937 0184 ACPIEC - ok
22:58:33.0031 0184 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\WINDOWS2\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:58:33.0031 0184 AdobeFlashPlayerUpdateSvc - ok
22:58:33.0140 0184 adpu160m - ok
22:58:33.0203 0184 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS2\system32\drivers\aec.sys
22:58:33.0203 0184 aec - ok
22:58:33.0265 0184 AFD (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS2\System32\drivers\afd.sys
22:58:33.0265 0184 AFD - ok
22:58:33.0281 0184 Aha154x - ok
22:58:33.0281 0184 aic78u2 - ok
22:58:33.0296 0184 aic78xx - ok
22:58:33.0359 0184 Alerter (c7ae0fd3867db0d42b03b73c18f3d671) C:\WINDOWS2\system32\alrsvc.dll
22:58:33.0359 0184 Alerter - ok
22:58:33.0390 0184 ALG (f1958fbf86d5c004cf19a5951a9514b7) C:\WINDOWS2\System32\alg.exe
22:58:33.0390 0184 ALG - ok
22:58:33.0515 0184 AliIde - ok
22:58:33.0531 0184 amsint - ok
22:58:33.0562 0184 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS2\SYSTEM32\DRIVERS\APPDRV.SYS
22:58:33.0578 0184 APPDRV - ok
22:58:33.0750 0184 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:58:33.0750 0184 Apple Mobile Device - ok
22:58:33.0875 0184 AppMgmt (9c3c12975c97119412802b181fbeeffe) C:\WINDOWS2\System32\appmgmts.dll
22:58:33.0890 0184 AppMgmt - ok
22:58:33.0953 0184 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS2\system32\DRIVERS\arp1394.sys
22:58:33.0953 0184 Arp1394 - ok
22:58:33.0968 0184 asc - ok
22:58:34.0000 0184 asc3350p - ok
22:58:34.0015 0184 asc3550 - ok
22:58:34.0140 0184 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS2\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:58:34.0140 0184 aspnet_state - ok
22:58:34.0312 0184 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS2\system32\DRIVERS\asyncmac.sys
22:58:34.0312 0184 AsyncMac - ok
22:58:34.0390 0184 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS2\system32\DRIVERS\atapi.sys
22:58:34.0390 0184 atapi - ok
22:58:34.0406 0184 Atdisk - ok
22:58:34.0453 0184 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS2\system32\DRIVERS\atmarpc.sys
22:58:34.0453 0184 Atmarpc - ok
22:58:34.0562 0184 AudioSrv (db66db626e4882ebef55f136f12c1829) C:\WINDOWS2\System32\audiosrv.dll
22:58:34.0562 0184 AudioSrv - ok
22:58:34.0656 0184 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS2\system32\DRIVERS\audstub.sys
22:58:34.0656 0184 audstub - ok
22:58:34.0718 0184 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\WINDOWS2\system32\DRIVERS\bcm4sbxp.sys
22:58:34.0718 0184 bcm4sbxp - ok
22:58:34.0781 0184 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS2\system32\drivers\Beep.sys
22:58:34.0781 0184 Beep - ok
22:58:34.0843 0184 BITS (2c69ec7e5a311334d10dd95f338fccea) C:\WINDOWS2\system32\qmgr.dll
22:58:34.0859 0184 BITS - ok
22:58:34.0984 0184 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
22:58:35.0000 0184 Bonjour Service - ok
22:58:35.0125 0184 Browser (e3cfccdda4edd1d0dc9168b2e18f27b8) C:\WINDOWS2\System32\browser.dll
22:58:35.0140 0184 Browser - ok
22:58:35.0234 0184 catchme - ok
22:58:35.0296 0184 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS2\system32\drivers\cbidf2k.sys
22:58:35.0296 0184 cbidf2k - ok
22:58:35.0343 0184 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS2\system32\DRIVERS\CCDECODE.sys
22:58:35.0359 0184 CCDECODE - ok
22:58:35.0453 0184 cd20xrnt - ok
22:58:35.0515 0184 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS2\system32\drivers\Cdaudio.sys
22:58:35.0515 0184 Cdaudio - ok
22:58:35.0562 0184 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS2\system32\drivers\Cdfs.sys
22:58:35.0562 0184 Cdfs - ok
22:58:35.0640 0184 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS2\system32\DRIVERS\cdrom.sys
22:58:35.0640 0184 Cdrom - ok
22:58:35.0656 0184 Changer - ok
22:58:35.0687 0184 CiSvc (3192bd04d032a9c4a85a3278c268a13a) C:\WINDOWS2\system32\cisvc.exe
22:58:35.0703 0184 CiSvc - ok
22:58:35.0812 0184 ClipSrv (c8dec22c4137d7a90f8bdf41ca4b82ae) C:\WINDOWS2\system32\clipsrv.exe
22:58:35.0812 0184 ClipSrv - ok
22:58:35.0890 0184 CLPSLS (56139566e462c1fb1775e140d4ee6b22) C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
22:58:35.0906 0184 CLPSLS - ok
22:58:36.0015 0184 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS2\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:58:36.0031 0184 clr_optimization_v2.0.50727_32 - ok
22:58:36.0109 0184 CmBatt (4266be808f85826aedf3c64c1e240203) C:\WINDOWS2\system32\DRIVERS\CmBatt.sys
22:58:36.0125 0184 CmBatt - ok
22:58:36.0218 0184 cmdAgent (8e0528204ca034cbc3af65cf1831a4f4) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
22:58:36.0265 0184 cmdAgent - ok
22:58:36.0421 0184 cmderd (ae1c31d030a21f0afabe2df269d1181f) C:\WINDOWS2\system32\DRIVERS\cmderd.sys
22:58:36.0421 0184 cmderd - ok
22:58:36.0453 0184 cmdGuard (ee8d7168cbbe3af052ea93015f51abe9) C:\WINDOWS2\system32\DRIVERS\cmdguard.sys
22:58:36.0453 0184 cmdGuard - ok
22:58:36.0515 0184 cmdHlp (45a1f7d2890681f22406458d93d03cc1) C:\WINDOWS2\system32\DRIVERS\cmdhlp.sys
22:58:36.0515 0184 cmdHlp - ok
22:58:36.0531 0184 CmdIde - ok
22:58:36.0578 0184 Compbatt (df1b1a24bf52d0ebc01ed4ece8979f50) C:\WINDOWS2\system32\DRIVERS\compbatt.sys
22:58:36.0578 0184 Compbatt - ok
22:58:36.0609 0184 COMSysApp - ok
22:58:36.0625 0184 Cpqarray - ok
22:58:36.0687 0184 CryptSvc (10654f9ddcea9c46cfb77554231be73b) C:\WINDOWS2\System32\cryptsvc.dll
22:58:36.0687 0184 CryptSvc - ok
22:58:36.0796 0184 dac2w2k - ok
22:58:36.0812 0184 dac960nt - ok
22:58:36.0875 0184 DcomLaunch (5c83a4408604f737717ab96371201680) C:\WINDOWS2\system32\rpcss.dll
22:58:36.0890 0184 DcomLaunch - ok
22:58:36.0984 0184 Dhcp (cb6ca3e5261d65f6f809eed23bf167aa) C:\WINDOWS2\System32\dhcpcsvc.dll
22:58:36.0984 0184 Dhcp - ok
22:58:37.0015 0184 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS2\system32\DRIVERS\disk.sys
22:58:37.0031 0184 Disk - ok
22:58:37.0062 0184 DLADHK_M (6b2c6d29bb1954f1a328faedfbec31d9) C:\WINDOWS2\system32\Drivers\DLADHK_M.SYS
22:58:37.0062 0184 DLADHK_M - ok
22:58:37.0125 0184 DLADiagM (2c31280ba21446e89ba2265fafba45b9) C:\WINDOWS2\system32\Drivers\DLADiagM.SYS
22:58:37.0125 0184 DLADiagM - ok
22:58:37.0140 0184 DLAPMonM (8ea0b56da6197d557aed3f2a843738aa) C:\WINDOWS2\system32\Drivers\DLAPMonM.SYS
22:58:37.0140 0184 DLAPMonM - ok
22:58:37.0156 0184 DLARTL_M (91886fed52a3f9966207bce46cfd794f) C:\WINDOWS2\system32\Drivers\DLARTL_M.SYS
22:58:37.0156 0184 DLARTL_M - ok
22:58:37.0171 0184 dmadmin - ok
22:58:37.0250 0184 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS2\system32\drivers\dmboot.sys
22:58:37.0265 0184 dmboot - ok
22:58:37.0421 0184 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS2\system32\drivers\dmio.sys
22:58:37.0437 0184 dmio - ok
22:58:37.0468 0184 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS2\system32\drivers\dmload.sys
22:58:37.0468 0184 dmload - ok
22:58:37.0531 0184 dmserver (1639d9964c9e1b2ecca95c8217d3e70d) C:\WINDOWS2\System32\dmserver.dll
22:58:37.0531 0184 dmserver - ok
22:58:37.0593 0184 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS2\system32\drivers\DMusic.sys
22:58:37.0593 0184 DMusic - ok
22:58:37.0609 0184 Dnscache (7379de06fd196e396a00aa97b990c00d) C:\WINDOWS2\System32\dnsrslvr.dll
22:58:37.0609 0184 Dnscache - ok
22:58:37.0734 0184 dpti2o - ok
22:58:37.0781 0184 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS2\system32\drivers\drmkaud.sys
22:58:37.0781 0184 drmkaud - ok
22:58:37.0843 0184 ERSvc (67dff7bbbd0e80aab7b3cf061448db8a) C:\WINDOWS2\System32\ersvc.dll
22:58:37.0843 0184 ERSvc - ok
22:58:37.0890 0184 Eventlog (c6ce6eec82f187615d1002bb3bb50ed4) C:\WINDOWS2\system32\services.exe
22:58:37.0906 0184 Eventlog - ok
22:58:37.0968 0184 EventSystem (acd36a2dd7d1e9d8a060aa651dc07e63) C:\WINDOWS2\system32\es.dll
22:58:37.0968 0184 EventSystem - ok
22:58:38.0140 0184 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS2\system32\drivers\Fastfat.sys
22:58:38.0140 0184 Fastfat - ok
22:58:38.0171 0184 FastUserSwitchingCompatibility (e7518dc542d3ebdcb80edd98462c7821) C:\WINDOWS2\System32\shsvcs.dll
22:58:38.0187 0184 FastUserSwitchingCompatibility - ok
22:58:38.0203 0184 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS2\system32\drivers\Fdc.sys
22:58:38.0203 0184 Fdc - ok
22:58:38.0234 0184 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS2\system32\drivers\Fips.sys
22:58:38.0234 0184 Fips - ok
22:58:38.0250 0184 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS2\system32\drivers\Flpydisk.sys
22:58:38.0250 0184 Flpydisk - ok
22:58:38.0328 0184 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS2\system32\DRIVERS\fltMgr.sys
22:58:38.0328 0184 FltMgr - ok
22:58:38.0484 0184 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS2\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:58:38.0500 0184 FontCache3.0.0.0 - ok
22:58:38.0609 0184 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS2\system32\drivers\Fs_Rec.sys
22:58:38.0609 0184 Fs_Rec - ok
22:58:38.0671 0184 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS2\system32\DRIVERS\ftdisk.sys
22:58:38.0687 0184 Ftdisk - ok
22:58:38.0734 0184 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS2\system32\DRIVERS\GEARAspiWDM.sys
22:58:38.0734 0184 GEARAspiWDM - ok
22:58:38.0875 0184 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS2\system32\DRIVERS\msgpc.sys
22:58:38.0890 0184 Gpc - ok
22:58:39.0031 0184 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
22:58:39.0031 0184 gupdate - ok
22:58:39.0031 0184 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
22:58:39.0031 0184 gupdatem - ok
22:58:39.0093 0184 HDAudBus (e31363d186b3e1d7c4e9117884a6aee5) C:\WINDOWS2\system32\DRIVERS\HDAudBus.sys
22:58:39.0093 0184 HDAudBus - ok
22:58:39.0218 0184 helpsvc (8827911a8c37e40c027cbfc88e69d967) C:\WINDOWS2\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:58:39.0218 0184 helpsvc - ok
22:58:39.0296 0184 HidServ (9376e6893e52b368abc6255bf54f0b28) C:\WINDOWS2\System32\hidserv.dll
22:58:39.0296 0184 HidServ - ok
22:58:39.0390 0184 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS2\system32\DRIVERS\hidusb.sys
22:58:39.0390 0184 HidUsb - ok
22:58:39.0406 0184 hpn - ok
22:58:39.0484 0184 HSFHWAZL (b1526810210980bed9d22315946c919d) C:\WINDOWS2\system32\DRIVERS\HSFHWAZL.sys
22:58:39.0484 0184 HSFHWAZL - ok
22:58:39.0609 0184 HSF_DPV (ddbd528e60f5961c142a490dc4ea7780) C:\WINDOWS2\system32\DRIVERS\HSF_DPV.sys
22:58:39.0656 0184 HSF_DPV - ok
22:58:39.0828 0184 HTTP (c19b522a9ae0bbc3293397f3055e80a1) C:\WINDOWS2\system32\Drivers\HTTP.sys
22:58:39.0828 0184 HTTP - ok
22:58:39.0906 0184 HTTPFilter (064d8581adf77c25133e7d751d917d83) C:\WINDOWS2\System32\w3ssl.dll
22:58:39.0906 0184 HTTPFilter - ok
22:58:39.0921 0184 i2omgmt - ok
22:58:39.0937 0184 i2omp - ok
22:58:40.0000 0184 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS2\system32\DRIVERS\i8042prt.sys
22:58:40.0000 0184 i8042prt - ok
22:58:40.0234 0184 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS2\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:58:40.0328 0184 idsvc - ok
22:58:40.0500 0184 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS2\system32\DRIVERS\imapi.sys
22:58:40.0500 0184 Imapi - ok
22:58:40.0546 0184 ImapiService (fa788520bcac0f5d9d5cde5615c0d931) C:\WINDOWS2\system32\imapi.exe
22:58:40.0562 0184 ImapiService - ok
22:58:40.0578 0184 ini910u - ok
22:58:40.0593 0184 IntelIde - ok
22:58:40.0640 0184 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS2\system32\DRIVERS\intelppm.sys
22:58:40.0656 0184 intelppm - ok
22:58:40.0687 0184 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS2\system32\DRIVERS\Ip6Fw.sys
22:58:40.0687 0184 Ip6Fw - ok
22:58:40.0828 0184 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS2\system32\DRIVERS\ipinip.sys
22:58:40.0828 0184 IpInIp - ok
22:58:40.0859 0184 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS2\system32\DRIVERS\ipnat.sys
22:58:40.0875 0184 IpNat - ok
22:58:41.0062 0184 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
22:58:41.0109 0184 iPod Service - ok
22:58:41.0281 0184 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS2\system32\DRIVERS\ipsec.sys
22:58:41.0281 0184 IPSec - ok
22:58:41.0359 0184 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS2\system32\DRIVERS\irenum.sys
22:58:41.0359 0184 IRENUM - ok
22:58:41.0421 0184 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS2\system32\DRIVERS\isapnp.sys
22:58:41.0421 0184 isapnp - ok
22:58:41.0562 0184 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe
22:58:41.0578 0184 JavaQuickStarterService - ok
22:58:41.0734 0184 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS2\system32\DRIVERS\kbdclass.sys
22:58:41.0750 0184 Kbdclass - ok
22:58:41.0796 0184 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS2\system32\drivers\kmixer.sys
22:58:41.0812 0184 kmixer - ok
22:58:41.0843 0184 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS2\system32\drivers\KSecDD.sys
22:58:41.0859 0184 KSecDD - ok
22:58:41.0906 0184 lanmanserver (93d32468d34e000cb3407947d1d6e22a) C:\WINDOWS2\System32\srvsvc.dll
22:58:41.0921 0184 lanmanserver - ok
22:58:42.0046 0184 lanmanworkstation (2c0a7b2ae9c26f2c163627679b42783c) C:\WINDOWS2\System32\wkssvc.dll
22:58:42.0046 0184 lanmanworkstation - ok
22:58:42.0093 0184 lbrtfdc - ok
22:58:42.0125 0184 LmHosts (b3eff6d938c572e90a07b3d87a3c7657) C:\WINDOWS2\System32\lmhsvc.dll
22:58:42.0125 0184 LmHosts - ok
22:58:42.0234 0184 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
22:58:42.0234 0184 MDM - ok
22:58:57.0453 0184 ============================================================
22:58:57.0453 0184 Scan finished
22:58:57.0453 0184 ============================================================
22:58:57.0468 2904 Detected object count: 0
22:58:57.0468 2904 Actual detected object count: 0

furyofdawolfx


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by Superdave on Wed 18 Apr 2012, 6:01 am

It didn't pick up anything that time. Did you run AVP?

Superdave

Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Wed 18 Apr 2012, 10:39 am

Yes, I did. It took a very, very long time and I had to leave it on as I went to work.

The AVP tool detected 3 threats and I opted to delete them all when I was prompted to. I saved a text file of the results on my desktop, but for some reason I am unable to open it. Maybe because of the size of the scan log?

So far my laptop seems a lot faster and a lot more responsive.

Comodo however detected something called Verclsid.exe. I googled and it seems to be part of a download from Microsoft. Please advise if I should run the program and remove it from Comodo's sandbox.

Again, thanks for all your help.

furyofdawolfx


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Wed 18 Apr 2012, 10:49 am

The text file was able to open! Below are the 3 deleted files:

4/17/2012 6:29:32 PM Deleted: HEUR:Trojan.Win32.Generic C:\System Volume Information\_restore{0BC7B696-48BC-4B67-B004-BEAA157F7FC8}\RP452\A0059877.dll

4/17/2012 5:50:39 AM Deleted: Exploit.Java.CVE-2012-0507.ax C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Sun\Java\Deployment\cache\6.0\63\278cad7f-14b34e46/ya/yc.class

4/17/2012 5:51:13 AM Deleted: HEUR:Trojan.Win32.Generic C:\WINDOWS\system32\setuph.dll

Also, please advise on what to do with Verclsid.exe.

Thanks

furyofdawolfx


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by Superdave on Thu 19 Apr 2012, 5:42 am

"Comodo however detected something called Verclsid.exe. I googled and it seems to be part of a download from Microsoft. Please advise if I should run the program and remove it from Comodo's sandbox."

Yes, it seems safe.

SysProt Antirootkit

Download SysProt Antirootkit from the link below (you will find it at the bottom of the page under attachments, or you can get it from one of the mirrors).

[You must be registered and logged in to see this link.]

Unzip it into a folder on your desktop.

  • Double click Sysprot.exe to start the program.
  • Click on the Log tab.
  • In the Write to log box select the following items.

    • Process << Selected
    • Kernel Modules << Selected
    • SSDT << Selected
    • Kernel Hooks << Selected
    • IRP Hooks << NOT Selected
    • Ports << NOT Selected
    • Hidden Files << Selected

  • At the bottom of the page

    • Hidden Objects Only << Selected

  • Click on the Create Log button on the bottom right.
  • After a few seconds a new window should appear.
  • Select Scan Root Drive. Click on the Start button.
  • When it is complete a new window will appear to indicate that the scan is finished.
  • The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.

Superdave

Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Thu 19 Apr 2012, 2:07 pm

SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

No Hidden Processes found

******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys
Service Name: ---
Module Base: F4EE8000
Module End: F4F00000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_WMILIB.SYS
Service Name: ---
Module Base: F7C24000
Module End: F7C26000
Hidden: Yes

******************************************************************************************
******************************************************************************************
SSDT:
Function Name: ZwAdjustPrivilegesToken
Address: F5147226
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwConnectPort
Address: F51467CA
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwCreateFile
Address: F5146E8C
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwCreateKey
Address: F5147A7A
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwCreatePort
Address: F51466A6
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwCreateSection
Address: F51497BA
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwCreateSymbolicLinkObject
Address: F5149B50
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwCreateThread
Address: F51461EA
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwDeleteKey
Address: F5147412
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwDeleteValueKey
Address: F5147606
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwDuplicateObject
Address: F514601C
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwEnumerateKey
Address: F514812C
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwEnumerateValueKey
Address: F514836A
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwLoadDriver
Address: F51493F6
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwMakeTemporaryObject
Address: F5146A66
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwOpenFile
Address: F5147068
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwOpenKey
Address: F5147A6A
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwOpenProcess
Address: F5145D00
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwOpenSection
Address: F5146D16
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwOpenThread
Address: F5145E98
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwQueryKey
Address: F5148552
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwQueryMultipleValueKey
Address: F5148916
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwQueryValueKey
Address: F514872E
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwRenameKey
Address: F5147F44
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwRequestWaitReplyPort
Address: F5148E8A
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwSecureConnectPort
Address: F514913E
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwSetSecurityObject
Address: F5147842
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwSetSystemInformation
Address: F51495C2
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwSetValueKey
Address: F5147CCC
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwShutdownSystem
Address: F5146A00
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwSystemDebugControl
Address: F5146C02
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwTerminateProcess
Address: F5146544
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwTerminateThread
Address: F51463EA
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

******************************************************************************************
******************************************************************************************
No Kernel Hooks found

******************************************************************************************
******************************************************************************************
Hidden files/folders:
Object: C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\5AB073CC.TMP
Status: Access denied

Object: C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\6F0385AD.TMP
Status: Access denied

Object: C:\Qoobox\BackEnv\AppData.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Cache.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Cookies.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Desktop.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Favorites.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\History.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\LocalAppData.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\LocalSettings.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Music.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\NetHood.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Personal.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Pictures.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\PrintHood.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Profiles.Folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Profiles.Folder.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Programs.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Recent.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SendTo.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SetPath.bat
Status: Access denied

Object: C:\Qoobox\BackEnv\StartMenu.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\StartUp.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SysPath.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Templates.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\VikPev00
Status: Access denied

furyofdawolfx
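
Added example, not part of the original posts: a Python triage of a SysProt log in the format posted above. It parses the Kernel Modules and SSDT sections, checks that each hook address lies inside the reported driver range, and groups hooks by owning driver. The allowlist entry for cmdguard.sys (taken here to be the driver of the Comodo product installed on this machine), the handling of dump_*.sys names, and the last SSDT record with its driver name are assumptions or constructed sample data.

```python
from collections import defaultdict

# Abridged from the SysProt log in the post above. The last SSDT record is
# CONSTRUCTED (hypothetical driver name) to show what a flagged entry looks like.
SAMPLE_LOG = r"""
Kernel Modules:
Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys
Service Name: ---
Module Base: F4EE8000
Module End: F4F00000
Hidden: Yes

******************************************************************************************
SSDT:
Function Name: ZwCreateFile
Address: F5146E8C
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwLoadDriver
Address: F51493F6
Driver Base: F513D000
Driver End: F5173000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwOpenProcess
Address: F9000010
Driver Base: F7A00000
Driver End: F7A08000
Driver Name: \SystemRoot\System32\DRIVERS\example_unknown.sys

******************************************************************************************
No Kernel Hooks found
"""

HEADINGS = ("Kernel Modules:", "SSDT:", "Hidden files/folders:")


def parse_sections(text):
    """Split a SysProt log into {section name: [record dict, ...]}.
    Records are blank-line separated blocks of 'Key: value' lines."""
    sections, current, record = defaultdict(list), None, {}
    for line in text.splitlines() + [""]:
        line = line.strip()
        if line in HEADINGS:
            current, record = line.rstrip(":"), {}
        elif not line or set(line) == {"*"}:
            if current and record:
                sections[current].append(record)
            record = {}
            if line:  # a row of asterisks closes the section
                current = None
        elif current and ": " in line:
            key, value = line.split(": ", 1)
            record[key] = value
    return sections


def basename(path):
    return path.rsplit("\\", 1)[-1].lower()


def triage_ssdt(records, known_drivers):
    """Group SSDT hooks by owning driver and flag entries that need review."""
    findings = defaultdict(lambda: {"hooks": [], "flags": set()})
    for r in records:
        addr = int(r["Address"], 16)
        base, end = int(r["Driver Base"], 16), int(r["Driver End"], 16)
        entry = findings[basename(r["Driver Name"])]
        entry["hooks"].append(r["Function Name"])
        if not base <= addr < end:
            entry["flags"].add("address outside reported driver range")
        if basename(r["Driver Name"]) not in known_drivers:
            entry["flags"].add("driver not on analyst allowlist")
    return dict(findings)


def triage_modules(records):
    """Return (module, verdict) for every module the log marks as hidden."""
    out = []
    for r in records:
        if r.get("Hidden") != "Yes":
            continue
        name = basename(r["Module Name"])
        # Assumption: dump_*.sys names match the in-memory copies Windows keeps
        # for writing crash dumps; a name match lowers priority, it proves nothing.
        verdict = ("crash-dump driver copy pattern" if name.startswith("dump_")
                   else "hidden module, investigate")
        out.append((name, verdict))
    return out


if __name__ == "__main__":
    sections = parse_sections(SAMPLE_LOG)
    allow = {"cmdguard.sys"}  # assumption: driver of the installed Comodo product
    for drv, info in triage_ssdt(sections["SSDT"], allow).items():
        status = "; ".join(sorted(info["flags"])) or "ok"
        print(f"{drv}: {len(info['hooks'])} hooks [{status}]")
    for name, verdict in triage_modules(sections["Kernel Modules"]):
        print(f"{name}: {verdict}")
```

On the full log above, every SSDT record names the same driver and every address falls inside its base/end range, so the whole table reduces to one line to verify against the installed security product.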


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by Superdave on Fri 20 Apr 2012, 5:03 am

Please give me an update on how your computer is working.

I'd like to scan your machine with ESET OnlineScan

• Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
• Click the button.
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.

• Check
• Click the button.
• Accept any security warnings from your browser.
• Check
• Push the Start button.
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, push
• Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• Push the button.
• Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Superdave
Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Fri 20 Apr 2012, 10:47 am

Hello,

The computer is working really well! I am currently running the scan with ESET online and will be posting the results soon.

From what I read online, the Qoobox folder is a part of ComboFix. Inside that folder is a folder called "BackEnv" and "Quarantine." Is it okay to delete the Quarantine folder?

Thanks.


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Fri 20 Apr 2012, 2:20 pm

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=a15170fa456ed14893db49d48eb960ce
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-15 02:15:53
# local_time=2012-04-14 10:15:53 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 135391623 135391623 0 0
# compatibility_mode=3073 16777189 80 92 0 62734511 0 0
# compatibility_mode=8192 67108863 100 0 30770363 30770363 0 0
# scanned=147239
# found=0
# cleaned=0
# scan_time=9283
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=a15170fa456ed14893db49d48eb960ce
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-20 03:10:42
# local_time=2012-04-19 11:10:42 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 135820223 135820223 0 0
# compatibility_mode=3073 16777173 80 92 0 63163111 0 0
# compatibility_mode=8192 67108863 100 0 31198963 31198963 0 0
# scanned=130133
# found=1
# cleaned=1
# scan_time=15970
C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Sun\Java\Deployment\cache\6.0\63\278cad7f-14b34e46 a variant of Java/Exploit.Agent.NAY trojan (deleted - quarantined) 00000000000000000000000000000000 C

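An added example, not part of the thread and not ESET's own tooling: a small Python parser for a log in the layout posted above, which splits it into scan runs, lists the scan options that changed between runs, and checks that every detection was cleaned. The sample log and its path are constructed, and the detection-line pattern is a heuristic assumption rather than a documented format.

```python
import re

# Constructed sample in the layout of the log.txt posted above: "# key=value"
# header lines for each scan run, then one line per detection. The path is made up.
SAMPLE_LOG = r"""# version=7
# archives_checked=false
# unsafe_checked=false
# found=0
# cleaned=0
# version=7
# archives_checked=true
# unsafe_checked=false
# found=1
# cleaned=1
C:\Documents and Settings\Example User\cache\sample-entry a variant of Java/Exploit.Agent.NAY trojan (deleted - quarantined) 00000000000000000000000000000000 C
"""

HEADER = re.compile(r"^#\s*([\w.]+)=(.*)$")
# Assumption: the detection name is the token containing "/" (Windows paths use "\").
DETECTION = re.compile(
    r"^(?P<path>.+?)\s+(?P<name>(?:a variant of )?\S+/\S+[^(]*?)\s*\((?P<action>[^)]*)\)")

def parse_runs(text):
    """Split the log into scan runs; each run starts at a '# version=' line."""
    runs = []
    for line in text.splitlines():
        line = line.strip()
        m = HEADER.match(line)
        if m:
            key, value = m.group(1), m.group(2).strip()
            if key == "version" or not runs:
                runs.append({"settings": {}, "detections": []})
            # Repeated keys (compatibility_mode) are collected, not overwritten.
            runs[-1]["settings"].setdefault(key, []).append(value)
        elif line and runs:
            d = DETECTION.match(line)
            runs[-1]["detections"].append(d.groupdict() if d else {"raw": line})
    return runs

def setting_changes(a, b, suffix="_checked"):
    """Scan options that differ between two runs, e.g. archive scanning."""
    keys = sorted(k for k in set(a["settings"]) | set(b["settings"]) if k.endswith(suffix))
    return {k: (a["settings"].get(k), b["settings"].get(k))
            for k in keys if a["settings"].get(k) != b["settings"].get(k)}

def uncleaned(run):
    """found - cleaned: anything above zero still needs attention."""
    s = run["settings"]
    return int(s.get("found", ["0"])[0]) - int(s.get("cleaned", ["0"])[0])
```

Run against the posted log, `setting_changes` would report only `archives_checked`, which is `false` in the run that found nothing and `true` in the run that found the Java cache entry.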

Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by Superdave on Sat 21 Apr 2012, 5:28 am

"Is it okay to delete the Quarantine folder?"
We will do that in this cleanup.

To uninstall ComboFix

  • Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  • In the field, type in ComboFix /uninstall

(Note: Make sure there's a space between the word ComboFix and the forward-slash.)

  • Then, press Enter, or click OK.
  • This will uninstall ComboFix, delete its folders and files, hide System files and folders, and reset System Restore.

**************************************************
To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.

  • Click the CleanUp button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
****************************************************
Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
***************************************************
Looking over your log it seems you don't have any evidence of a third party firewall.

Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

Remember to only install ONE firewall

1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", "Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
2) Online Armor
3) Agnitum Outpost
4) PC Tools Firewall Plus

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.
*************************************************************
Use the Secunia Software Inspector to check for out of date software.

• Click Start Now
• Check the box next to Enable thorough system inspection.
• Click Start
• Allow the scan to finish and scroll down to see if any updates are needed.
• Update anything listed.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Sat 21 Apr 2012, 11:46 am

Thank you for all your help! My computer seems better than ever!

This might be a silly question, but I decided to download COMODO firewall, and after installing, I cannot locate my COMODO Antivirus. Did the firewall completely save over and replace my Antivirus??


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by Superdave on Sun 22 Apr 2012, 4:45 am

"Did the firewall completely save over and replace my Antivirus??"
I seriously doubt that. Please run this scanner and post the log.

Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1
Link 2

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Sun 22 Apr 2012, 10:57 am

Results of screen317's Security Check version 0.99.32
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
ESET Online Scanner v3
COMODO Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Spybot - Search & Destroy
SUPERAntiSpyware
CCleaner
Java(TM) 6 Update 29
Java version out of date!
Adobe Reader X (10.1.3)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Comodo Firewall cmdagent.exe
Comodo Firewall cfp.exe
``````````End of Log````````````


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by Superdave on Mon 23 Apr 2012, 10:36 am

I would say that your COMODO Internet Security is an all-in-one program. You can google it to verify.

Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.


First Verify your Java Version

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the Sun Java Runtime Environment.

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download JavaRa and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by furyofdawolfx on Mon 23 Apr 2012, 11:19 am

Thank you for all the help.

On the JQS link, I don't seem to see any prompt to download JQS.

Do you know of any free AV I can get online?

Thanks


Re: Virus slowing down computer (virtual memory) -NOT SURE ABOUT VIRUS NAME

Post by Superdave on Mon 23 Apr 2012, 11:27 am

"On the JQS link, I don't seem to see any prompt to download JQS."
Click on the Verify your Java version. When it recognizes that your version is out-of-date it will give you a download link.

"Do you know of any free AV I can get online?"
If it's free AVs that you want, here's what I have. I prefer MSE for its lightweight and no-hassle policies.

Remember to only install one antivirus!

1) Avast! Home Edition
2) AVG Free Edition
3) Avira AntiVir Personal
4) Microsoft Security Essentials for Windows Vista\Windows 7 - 64 bit Download
4-a) Microsoft Security Essentials for Windows XP
5) Comodo Antivirus (Uncheck during installation "Install Comodo SafeSurf..", "Make Comodo my default search provider" and "Make Comodo Search my homepage" if you choose this one)
6) PC Tools AntiVirus Free Edition
7) ThreatFire

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should be active in memory at a time.
