Computer running slow, do I have a virus or malware problem?


Computer running slow, do I have a virus or malware problem?

Post by FaithCassita on Mon Nov 12, 2012 4:14 pm

So I am using an older computer with Windows XP. Over the past few weeks it has become very slow and starts freezing quite a bit. After about 1 hr-2 hrs of continual use it starts running slow, freezing and taking forever to load content on pages. I will be getting a new laptop in 3 weeks or so, but in the meantime I need this machine to work a little better for me. I work from home off of my computer and it's very frustrating. Thanks for any help you can provide!



Last edited by FaithCassita on Mon Nov 12, 2012 4:18 pm; edited 1 time in total

FaithCassita
Intermediate

Posts: 52
Joined: 2008-11-23
OS: Windows XP
Points: 29752
Likes: 0


Re: Computer running slow, do I have a virus or malware problem?

Post by FaithCassita on Mon Nov 12, 2012 4:15 pm

OTL.Txt

OTL Extras logfile created on: 11/12/2012 9:42:16 AM - Run 1
OTL by OldTimer - Version 3.2.70.1 Folder = C:\Documents and Settings\Erica\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.07 Mb Total Physical Memory | 521.43 Mb Available Physical Memory | 51.42% Memory free
2.38 Gb Paging File | 1.89 Gb Available in Paging File | 79.30% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 23.31 Gb Free Space | 62.58% Space Free | Partition Type: NTFS

Computer Name: ULRIE_ERICA | User Name: Erica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Unable to open value key
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"9220:TCP" = 9220:TCP:*:Enabled:HP
"161:UDP" = 161:UDP:*:Enabled:HP2
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"1051:TCP" = 1051:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"D:\setup\hpznui01.exe" = D:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS7158\OJ6000vE609_Basic_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS7158\OJ6000vE609_Basic_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\{53A8C41D-37A5-4B57-8F80-0D83F4F34271}\setup\hpznui01.exe" = C:\Program Files\HP\Digital Imaging\{53A8C41D-37A5-4B57-8F80-0D83F4F34271}\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS651D\OJ6000vE609_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS651D\OJ6000vE609_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS0B9A\OJ6000vE609_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS0B9A\OJ6000vE609_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS510F\OJ6000vE609_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS510F\OJ6000vE609_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)
"D:\setup\hpznui01.exe" = D:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\Rhapsody\rhapsody.exe" = C:\Program Files\Rhapsody\rhapsody.exe:*:Enabled:RealNetworks Rhapsody
"C:\Documents and Settings\Erica\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Erica\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Documents and Settings\Erica\Local Settings\Application Data\Akamai\netsession_win.exe" = C:\Documents and Settings\Erica\Local Settings\Application Data\Akamai\netsession_win.exe:*:Disabled:netsession_win -- (Akamai Technologies, Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS7158\OJ6000vE609_Basic_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS7158\OJ6000vE609_Basic_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\{53A8C41D-37A5-4B57-8F80-0D83F4F34271}\setup\hpznui01.exe" = C:\Program Files\HP\Digital Imaging\{53A8C41D-37A5-4B57-8F80-0D83F4F34271}\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS651D\OJ6000vE609_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS651D\OJ6000vE609_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS0B9A\OJ6000vE609_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS0B9A\OJ6000vE609_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe
"C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe" = C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe:*:Enabled:HP Solution Center
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS510F\OJ6000vE609_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS510F\OJ6000vE609_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Program Files\FVD Suite\FVD Downloader\FVD Downloader.exe" = C:\Program Files\FVD Suite\FVD Downloader\FVD Downloader.exe:*:Enabled:FVD Downloader


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{1B2D49FE-B8EC-466E-8829-C85CDA4589CE}" = System Requirements Lab
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
"{76A38425-741A-415C-96CF-AAD907FAB421}" = Vz In Home Agent
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface Service
"Avira AntiVir Desktop" = Avira Free Antivirus
"Belarc Advisor" = Belarc Advisor 8.1
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Prism" = Prism Video File Converter
"Replay Music3.92" = Replay Music
"SystemRequirementsLab" = System Requirements Lab
"Taking Charge of Your Fertility Software" = Taking Charge of Your Fertility Software
"Verizon Broadband Toolbar Firefox only" = Verizon Broadband Toolbar Firefox only
"Verizon High Speed Internet_is1" = Verizon High Speed Internet
"VLC media player" = VLC media player 1.1.11
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"f031ef6ac137efc5" = Dell Driver Download Manager
"Google Chrome" = Google Chrome
"Inquisit 3 Web Edition" = Inquisit 3 Web Edition
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4/13/2012 1:42:11 PM | Computer Name = ULRIE_ERICA | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 5/8/2012 11:29:51 AM | Computer Name = ULRIE_ERICA | Source = Avira Antivirus | ID = 4122
Description = Unable to load file AvShadow. Returned error code: 0x20

Error - 5/8/2012 11:31:15 AM | Computer Name = ULRIE_ERICA | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 5/8/2012 11:31:15 AM | Computer Name = ULRIE_ERICA | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 5/10/2012 10:46:19 AM | Computer Name = ULRIE_ERICA | Source = MsiInstaller | ID = 11704
Description = Product: Microsoft .NET Framework 3.5 SP1 -- Error 1704.An installation
for Microsoft .NET Framework 2.0 Service Pack 2 is currently suspended. You must
undo the changes made by that installation to continue. Do you want to undo those
changes?

Error - 5/12/2012 4:54:46 PM | Computer Name = ULRIE_ERICA | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 6/14/2012 12:01:06 PM | Computer Name = ULRIE_ERICA | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 6/30/2012 5:40:33 PM | Computer Name = ULRIE_ERICA | Source = Application Error | ID = 1000
Description = Faulting application lego island 2.exe, version 0.0.0.0, faulting
module unknown, version 0.0.0.0, fault address 0x5c57bece.

Error - 9/15/2012 5:39:59 PM | Computer Name = ULRIE_ERICA | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 14.0.1.4577, faulting
module quicktimewebhelper.qtx, version 7.6.9.0, fault address 0x0000e5d9.

Error - 9/16/2012 3:56:13 PM | Computer Name = ULRIE_ERICA | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application verizon_ihamessagecenter.exe, version 1.8.70.0,
stamp 501c32f9, faulting module ole32.dll, version 5.1.2600.6168, stamp 4eb0192e,
debug? 0, fault address 0x00121f3b.

[ System Events ]
Error - 11/12/2012 6:20:20 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:20:20 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:20:21 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:20:21 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:20:21 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:20:21 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:20:21 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:20:21 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:50:34 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7000
Description = The Realtek EAPPkt Protocol service failed to start due to the following
error: %%2

Error - 11/12/2012 11:20:23 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7000
Description = The Realtek EAPPkt Protocol service failed to start due to the following
error: %%2


< End of report >



Re: Computer running slow, do I have a virus or malware problem?

Post by FaithCassita on Mon Nov 12, 2012 4:15 pm

Extras.Txt
OTL Extras logfile created on: 11/12/2012 9:42:16 AM - Run 1
OTL by OldTimer - Version 3.2.70.1 Folder = C:\Documents and Settings\Erica\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.07 Mb Total Physical Memory | 521.43 Mb Available Physical Memory | 51.42% Memory free
2.38 Gb Paging File | 1.89 Gb Available in Paging File | 79.30% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 23.31 Gb Free Space | 62.58% Space Free | Partition Type: NTFS

Computer Name: ULRIE_ERICA | User Name: Erica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Unable to open value key
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"9220:TCP" = 9220:TCP:*:Enabled:HP
"161:UDP" = 161:UDP:*:Enabled:HP2
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"1051:TCP" = 1051:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"D:\setup\hpznui01.exe" = D:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS7158\OJ6000vE609_Basic_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS7158\OJ6000vE609_Basic_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\{53A8C41D-37A5-4B57-8F80-0D83F4F34271}\setup\hpznui01.exe" = C:\Program Files\HP\Digital Imaging\{53A8C41D-37A5-4B57-8F80-0D83F4F34271}\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS651D\OJ6000vE609_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS651D\OJ6000vE609_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS0B9A\OJ6000vE609_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS0B9A\OJ6000vE609_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS510F\OJ6000vE609_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS510F\OJ6000vE609_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)
"D:\setup\hpznui01.exe" = D:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\Rhapsody\rhapsody.exe" = C:\Program Files\Rhapsody\rhapsody.exe:*:Enabled:RealNetworks Rhapsody
"C:\Documents and Settings\Erica\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Erica\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Documents and Settings\Erica\Local Settings\Application Data\Akamai\netsession_win.exe" = C:\Documents and Settings\Erica\Local Settings\Application Data\Akamai\netsession_win.exe:*:Disabled:netsession_win -- (Akamai Technologies, Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS7158\OJ6000vE609_Basic_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS7158\OJ6000vE609_Basic_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\{53A8C41D-37A5-4B57-8F80-0D83F4F34271}\setup\hpznui01.exe" = C:\Program Files\HP\Digital Imaging\{53A8C41D-37A5-4B57-8F80-0D83F4F34271}\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS651D\OJ6000vE609_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS651D\OJ6000vE609_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS0B9A\OJ6000vE609_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS0B9A\OJ6000vE609_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe
"C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe" = C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe:*:Enabled:HP Solution Center
"C:\Documents and Settings\Erica\Local Settings\Temp\7zS510F\OJ6000vE609_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\Erica\Local Settings\Temp\7zS510F\OJ6000vE609_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Program Files\FVD Suite\FVD Downloader\FVD Downloader.exe" = C:\Program Files\FVD Suite\FVD Downloader\FVD Downloader.exe:*:Enabled:FVD Downloader


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{1B2D49FE-B8EC-466E-8829-C85CDA4589CE}" = System Requirements Lab
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
"{76A38425-741A-415C-96CF-AAD907FAB421}" = Vz In Home Agent
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface Service
"Avira AntiVir Desktop" = Avira Free Antivirus
"Belarc Advisor" = Belarc Advisor 8.1
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Prism" = Prism Video File Converter
"Replay Music3.92" = Replay Music
"SystemRequirementsLab" = System Requirements Lab
"Taking Charge of Your Fertility Software" = Taking Charge of Your Fertility Software
"Verizon Broadband Toolbar Firefox only" = Verizon Broadband Toolbar Firefox only
"Verizon High Speed Internet_is1" = Verizon High Speed Internet
"VLC media player" = VLC media player 1.1.11
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"f031ef6ac137efc5" = Dell Driver Download Manager
"Google Chrome" = Google Chrome
"Inquisit 3 Web Edition" = Inquisit 3 Web Edition
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4/13/2012 1:42:11 PM | Computer Name = ULRIE_ERICA | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 5/8/2012 11:29:51 AM | Computer Name = ULRIE_ERICA | Source = Avira Antivirus | ID = 4122
Description = Unable to load file AvShadow. Returned error code: 0x20

Error - 5/8/2012 11:31:15 AM | Computer Name = ULRIE_ERICA | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 5/8/2012 11:31:15 AM | Computer Name = ULRIE_ERICA | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 5/10/2012 10:46:19 AM | Computer Name = ULRIE_ERICA | Source = MsiInstaller | ID = 11704
Description = Product: Microsoft .NET Framework 3.5 SP1 -- Error 1704.An installation
for Microsoft .NET Framework 2.0 Service Pack 2 is currently suspended. You must
undo the changes made by that installation to continue. Do you want to undo those
changes?

Error - 5/12/2012 4:54:46 PM | Computer Name = ULRIE_ERICA | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 6/14/2012 12:01:06 PM | Computer Name = ULRIE_ERICA | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 6/30/2012 5:40:33 PM | Computer Name = ULRIE_ERICA | Source = Application Error | ID = 1000
Description = Faulting application lego island 2.exe, version 0.0.0.0, faulting
module unknown, version 0.0.0.0, fault address 0x5c57bece.

Error - 9/15/2012 5:39:59 PM | Computer Name = ULRIE_ERICA | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 14.0.1.4577, faulting
module quicktimewebhelper.qtx, version 7.6.9.0, fault address 0x0000e5d9.

Error - 9/16/2012 3:56:13 PM | Computer Name = ULRIE_ERICA | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application verizon_ihamessagecenter.exe, version 1.8.70.0,
stamp 501c32f9, faulting module ole32.dll, version 5.1.2600.6168, stamp 4eb0192e,
debug? 0, fault address 0x00121f3b.

[ System Events ]
Error - 11/12/2012 6:20:20 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:20:20 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:20:21 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:20:21 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:20:21 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:20:21 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:20:21 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:20:21 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 11/12/2012 6:50:34 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7000
Description = The Realtek EAPPkt Protocol service failed to start due to the following
error: %%2

Error - 11/12/2012 11:20:23 AM | Computer Name = ULRIE_ERICA | Source = Service Control Manager | ID = 7000
Description = The Realtek EAPPkt Protocol service failed to start due to the following
error: %%2


< End of report >


Re: Computer running slow, do I have a virus or malware problem?

Post by FaithCassita on Mon Nov 12, 2012 4:17 pm

AdwCleaner
# AdwCleaner v2.007 - Logfile created 11/12/2012 at 09:57:29
# Updated 06/11/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Erica - ULRIE_ERICA
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Erica\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Erica\Application Data\Mozilla\Firefox\Profiles\uynhihuo.default\searchplugins\Conduit.xml
File Deleted : C:\Documents and Settings\Erica\Application Data\Mozilla\Firefox\Profiles\uynhihuo.default\searchplugins\Search_Results.xml
File Deleted : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\IBUpdaterService
Folder Deleted : C:\Documents and Settings\Erica\Application Data\Mozilla\Firefox\Profiles\uynhihuo.default\Conduit
Folder Deleted : C:\Documents and Settings\Erica\Application Data\Mozilla\Firefox\Profiles\uynhihuo.default\ConduitCommon
Folder Deleted : C:\Documents and Settings\Erica\Application Data\Mozilla\Firefox\Profiles\uynhihuo.default\CT2611275
Folder Deleted : C:\Documents and Settings\Erica\Application Data\Mozilla\Firefox\Profiles\uynhihuo.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}
Folder Deleted : C:\Documents and Settings\Erica\Local Settings\Application Data\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\AskBarDis
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2611275
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = [You must be registered and logged in to see this link.] --> [You must be registered and logged in to see this link.]

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\Erica\Application Data\Mozilla\Firefox\Profiles\uynhihuo.default\prefs.js

C:\Documents and Settings\Erica\Application Data\Mozilla\Firefox\Profiles\uynhihuo.default\user.js ... Deleted !

Deleted : user_pref("CT2260173..clientLogIsEnabled", false);
Deleted : user_pref("CT2260173..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2260173..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2260173.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2260173.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2260173.AppTrackingLastCheckTime", "Wed May 02 2012 17:37:20 GMT-0500 (Central Daylight[...]
Deleted : user_pref("CT2260173.CT2260173", "CT2260173");
Deleted : user_pref("CT2260173.CurrentServerDate", "21-5-2012");
Deleted : user_pref("CT2260173.DSInstall", true);
Deleted : user_pref("CT2260173.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2260173.DialogsGetterLastCheckTime", "Sun May 20 2012 17:36:56 GMT-0500 (Central Daylig[...]
Deleted : user_pref("CT2260173.DownloadReferralCookieData", "");
Deleted : user_pref("CT2260173.EMailNotifierPollDate", "Wed May 02 2012 17:37:32 GMT-0500 (Central Daylight Ti[...]
Deleted : user_pref("CT2260173.FeedLastCount128940659599556287", 0);
Deleted : user_pref("CT2260173.FeedPollDate128940659196275477", "Wed May 02 2012 17:36:58 GMT-0500 (Central Da[...]
Deleted : user_pref("CT2260173.FeedPollDate128940659574712536", "Wed May 02 2012 17:36:58 GMT-0500 (Central Da[...]
Deleted : user_pref("CT2260173.FeedTTL128940659574712536", 40);
Deleted : user_pref("CT2260173.FirstServerDate", "3-5-2012");
Deleted : user_pref("CT2260173.FirstTime", true);
Deleted : user_pref("CT2260173.FirstTimeFF3", true);
Deleted : user_pref("CT2260173.FirstTimeHiddenVer", true);
Deleted : user_pref("CT2260173.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2260173.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2260173.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2260173.HPInstall", false);
Deleted : user_pref("CT2260173.HasUserGlobalKeys", true);
Deleted : user_pref("CT2260173.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2260173.HomepageBeforeUnload", "hxxp://www.yahoo.com/");
Deleted : user_pref("CT2260173.Initialize", true);
Deleted : user_pref("CT2260173.InitializeCommonPrefs", true);
Deleted : user_pref("CT2260173.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2260173.InstallationType", "Unknown");
Deleted : user_pref("CT2260173.InstalledDate", "Wed May 02 2012 17:37:18 GMT-0500 (Central Daylight Time)");
Deleted : user_pref("CT2260173.InvalidateCache", false);
Deleted : user_pref("CT2260173.IsGrouping", false);
Deleted : user_pref("CT2260173.IsInitSetupIni", true);
Deleted : user_pref("CT2260173.IsMulticommunity", false);
Deleted : user_pref("CT2260173.IsOpenThankYouPage", true);
Deleted : user_pref("CT2260173.IsOpenUninstallPage", true);
Deleted : user_pref("CT2260173.IsProtectorsInit", true);
Deleted : user_pref("CT2260173.LanguagePackLastCheckTime", "Sun May 20 2012 17:37:05 GMT-0500 (Central Dayligh[...]
Deleted : user_pref("CT2260173.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2260173.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2260173.LastLogin_3.12.2.3", "Mon May 21 2012 12:53:26 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT2260173.LatestVersion", "3.12.2.3");
Deleted : user_pref("CT2260173.Locale", "en");
Deleted : user_pref("CT2260173.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2260173.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2260173.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2260173.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2260173.OriginalFirstVersion", "3.12.2.3");
Deleted : user_pref("CT2260173.RadioIsPodcast", false);
Deleted : user_pref("CT2260173.RadioLastCheckTime", "Wed May 02 2012 17:37:33 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT2260173.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2260173.RadioLastUpdateServer", "0");
Deleted : user_pref("CT2260173.RadioMediaID", "9942");
Deleted : user_pref("CT2260173.RadioMediaType", "Media Player");
Deleted : user_pref("CT2260173.RadioMenuSelectedID", "EBRadioMenu_CT22601739942");
Deleted : user_pref("CT2260173.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT2260173.RadioStationName", "1.FM%20(Country)");
Deleted : user_pref("CT2260173.RadioStationURL", "hxxp://1.fm/wm/energycountry32k.asx");
Deleted : user_pref("CT2260173.SearchCaption", "Swag Bucks Customized Web Search");
Deleted : user_pref("CT2260173.SearchEngineBeforeUnload", "Swag Bucks Customized Web Search");
Deleted : user_pref("CT2260173.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2260173.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Deleted : user_pref("CT2260173.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2260173.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2260173.SearchInNewTabLastCheckTime", "Sun May 20 2012 17:37:35 GMT-0500 (Central Dayli[...]
Deleted : user_pref("CT2260173.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2260173.SearchProtectorEnabled", true);
Deleted : user_pref("CT2260173.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2260173.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2260173.ServiceMapLastCheckTime", "Sun May 20 2012 17:36:54 GMT-0500 (Central Daylight [...]
Deleted : user_pref("CT2260173.SettingsLastCheckTime", "Mon May 21 2012 13:06:46 GMT-0500 (Central Daylight Ti[...]
Deleted : user_pref("CT2260173.SettingsLastUpdate", "1337169810");
Deleted : user_pref("CT2260173.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2260173&SearchSource=13");
Deleted : user_pref("CT2260173.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2260173.ThirdPartyComponentsLastCheck", "Wed May 02 2012 17:36:53 GMT-0500 (Central Day[...]
Deleted : user_pref("CT2260173.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2260173.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2260173.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2260173");
Deleted : user_pref("CT2260173.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2260173.UserID", "UN17983944595538415");
Deleted : user_pref("CT2260173.ValidationData_Toolbar", 1);
Deleted : user_pref("CT2260173.WeatherNetwork", "");
Deleted : user_pref("CT2260173.WeatherPollDate", "Wed May 02 2012 17:37:33 GMT-0500 (Central Daylight Time)");
Deleted : user_pref("CT2260173.WeatherUnit", "F");
Deleted : user_pref("CT2260173.alertChannelId", "657446");
Deleted : user_pref("CT2260173.components.1000034", true);
Deleted : user_pref("CT2260173.components.1000082", true);
Deleted : user_pref("CT2260173.components.1000234", true);
Deleted : user_pref("CT2260173.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2260173.globalFirstTimeInfoLastCheckTime", "Wed May 02 2012 17:36:55 GMT-0500 (Central [...]
Deleted : user_pref("CT2260173.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2260173.initDone", true);
Deleted : user_pref("CT2260173.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2260173.isFirstRadioInstallation", false);
Deleted : user_pref("CT2260173.myStuffEnabled", true);
Deleted : user_pref("CT2260173.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2260173.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2260173.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2260173.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2260173.navigateToUrlOnSearch", false);
Deleted : user_pref("CT2260173.revertSettingsEnabled", false);
Deleted : user_pref("CT2260173.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2260173.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2260173.testingCtid", "");
Deleted : user_pref("CT2260173.toolbarAppMetaDataLastCheckTime", "Sun May 20 2012 17:36:59 GMT-0500 (Central D[...]
Deleted : user_pref("CT2260173.toolbarContextMenuLastCheckTime", "Wed May 02 2012 17:37:03 GMT-0500 (Central D[...]
Deleted : user_pref("CT2260173.usagesFlag", 2);
Deleted : user_pref("CT2611275.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2611275.CTID", "ct2611275");
Deleted : user_pref("CT2611275.CurrentServerDate", "11-10-2010");
Deleted : user_pref("CT2611275.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2611275.DownloadReferralCookieData", "");
Deleted : user_pref("CT2611275.EMailNotifierPollDate", "Sun Oct 10 2010 17:28:48 GMT-0500 (Central Daylight Ti[...]
Deleted : user_pref("CT2611275.FirstServerDate", "9-10-2010");
Deleted : user_pref("CT2611275.FirstTime", true);
Deleted : user_pref("CT2611275.FirstTimeFF3", true);
Deleted : user_pref("CT2611275.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2611275.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2611275.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2611275.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2611275.Initialize", true);
Deleted : user_pref("CT2611275.InitializeCommonPrefs", true);
Deleted : user_pref("CT2611275.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2611275.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2611275.InstalledDate", "Fri Oct 08 2010 16:20:06 GMT-0500 (Central Daylight Time)");
Deleted : user_pref("CT2611275.IsGrouping", false);
Deleted : user_pref("CT2611275.IsMulticommunity", false);
Deleted : user_pref("CT2611275.IsOpenThankYouPage", false);
Deleted : user_pref("CT2611275.IsOpenUninstallPage", true);
Deleted : user_pref("CT2611275.LanguagePackLastCheckTime", "Fri Oct 08 2010 16:20:31 GMT-0500 (Central Dayligh[...]
Deleted : user_pref("CT2611275.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2611275.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2611275.LastLogin_2.6.0.15", "Sun Oct 10 2010 17:08:31 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT2611275.LatestVersion", "2.6.0.15");
Deleted : user_pref("CT2611275.Locale", "en");
Deleted : user_pref("CT2611275.LoginCache", 4);
Deleted : user_pref("CT2611275.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2611275.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2611275.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2611275.RadioIsPodcast", false);
Deleted : user_pref("CT2611275.RadioMediaID", "9909");
Deleted : user_pref("CT2611275.RadioMediaType", "Media Player");
Deleted : user_pref("CT2611275.RadioMenuSelectedID", "EBRadioMenu_CT26112759909");
Deleted : user_pref("CT2611275.RadioStationName", "WQXR-FM%20NYC%20(Classical)");
Deleted : user_pref("CT2611275.RadioStationURL", "hxxp://htc-01.media.globix.net/COMP005996MOD1/meta/wqxr_live[...]
Deleted : user_pref("CT2611275.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2611275.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2611275.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261[...]
Deleted : user_pref("CT2611275.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2611275.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2611275.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2611275.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2611275.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2611275.SettingsLastCheckTime", "Fri Oct 08 2010 16:20:05 GMT-0500 (Central Daylight Ti[...]
Deleted : user_pref("CT2611275.SettingsLastUpdate", "1285582879");
Deleted : user_pref("CT2611275.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2611275.ThirdPartyComponentsLastCheck", "Fri Oct 08 2010 16:19:58 GMT-0500 (Central Day[...]
Deleted : user_pref("CT2611275.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT2611275.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT2611275.UserID", "UN81251559543324719");
Deleted : user_pref("CT2611275.WeatherNetwork", "");
Deleted : user_pref("CT2611275.WeatherPollDate", "Sun Oct 10 2010 17:23:59 GMT-0500 (Central Daylight Time)");
Deleted : user_pref("CT2611275.WeatherUnit", "F");
Deleted : user_pref("CT2611275.alertChannelId", "1004080");
Deleted : user_pref("CT2611275.clientLogIsEnabled", false);
Deleted : user_pref("CT2611275.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2611275.components.1000082", true);
Deleted : user_pref("CT2611275.components.1000234", true);
Deleted : user_pref("CT2611275.ct2611275.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2611275.ct2611275.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2611275.ct2611275.InvalidateCache", false);
Deleted : user_pref("CT2611275.ct2611275.LanguagePackLastCheckTime", "Sat Oct 09 2010 20:53:44 GMT-0500 (Centr[...]
Deleted : user_pref("CT2611275.ct2611275.Locale", "en");
Deleted : user_pref("CT2611275.ct2611275.RadioLastCheckTime", "Sun Oct 10 2010 16:21:02 GMT-0500 (Central Dayl[...]
Deleted : user_pref("CT2611275.ct2611275.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2611275.ct2611275.RadioLastUpdateServer", "0");
Deleted : user_pref("CT2611275.ct2611275.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_[...]
Deleted : user_pref("CT2611275.ct2611275.SearchInNewTabLastCheckTime", "Sun Oct 10 2010 16:20:31 GMT-0500 (Cen[...]
Deleted : user_pref("CT2611275.ct2611275.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2611275.ct2611275.SettingsLastCheckTime", "Sun Oct 10 2010 01:23:43 GMT-0500 (Central D[...]
Deleted : user_pref("CT2611275.ct2611275.SettingsLastUpdate", "1285582879");
Deleted : user_pref("CT2611275.ct2611275.ThirdPartyComponentsLastCheck", "Fri Oct 08 2010 16:20:26 GMT-0500 (C[...]
Deleted : user_pref("CT2611275.ct2611275.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT2611275.myStuffEnabled", true);
Deleted : user_pref("CT2611275.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2611275.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2611275.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2611275.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2611275.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "Swag Bucks Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2260173/CT2260173[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/657446/653307/US", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2260173", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2260173",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"67e[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Erica\\Application[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2611275,CT2260173");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2611275,CT2260173");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2260173");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed May 02 2012 17:37:18 GMT-0500 (Cen[...]
Deleted : user_pref("CommunityToolbar.globalUserId", "f7ccb11b-a07f-467b-9e83-5b370b65ad38");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2260173");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed May 02 2012 17:36:5[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed May 02 2012 18:37:20 GMT-050[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed May 02 2012 17:36:54 GMT-0500 (C[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "f056d553-f4da-426c-bb2f-cc8b9c258376");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.yahoo.com/");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Web Search...");
Deleted : user_pref("browser.search.defaultenginename", "Search Results");
Deleted : user_pref("browser.search.defaultthis.engineName", "Swag Bucks Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&Sea[...]
Deleted : user_pref("browser.search.order.1", "Search Results");
Deleted : user_pref("extensions.DivXWebPlayer@divx.com.install-event-fired", true);
Deleted : user_pref("extensions.vshare@toolbar.install-event-fired", true);
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=2&q=[...]
Deleted : user_pref("verizon.toolbar.buttons_label", ",,Web Search,,,,,,,,,,,,,,,");
Deleted : user_pref("verizon.toolbar.search.label", "Web Search");
Deleted : user_pref("vshare.install.date", "1313366400000");
Deleted : user_pref("vshare.install.finished", "1.0.0");
Deleted : user_pref("vshare.install.guid", "{22d57f32-8da9-47b1-ba6f-3849cbc26f47}");
Deleted : user_pref("vshare.install.isHidden", true);
Deleted : user_pref("vshare.install.istoolbarhp", true);
Deleted : user_pref("vshare.install.istoolbarsearch", true);
Deleted : user_pref("vshare.install.laststatreq", "1337558400000");
Deleted : user_pref("vshare.install.newtab", false);

-\\ Google Chrome v23.0.1271.64

File : C:\Documents and Settings\Erica\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.8] : homepage = "hxxp://search.imesh.net",
Deleted [l.12] : urls_to_restore_on_startup = [ "hxxp://search.imesh.net/", "hxxp://www.google.com/" ]
Deleted [l.893] : homepage = "hxxp://search.imesh.net",
Deleted [l.1226] : urls_to_restore_on_startup = [ "hxxp://search.imesh.net/", "hxxp://www.google.com/" ]

*************************

AdwCleaner[S2].txt - [24809 octets] - [12/11/2012 09:57:29]

########## EOF - C:\AdwCleaner[S2].txt - [24870 octets] ##########


Re: Computer running slow, do I have a virus or malware problem?

Post by Dr Jay on Mon Nov 12, 2012 5:30 pm

Hi there!

ComboFix scan

Please download ComboFix by sUBs

Please save the file to your Desktop.

Important information about ComboFix


After the download:

  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". [You must be registered and logged in to see this link.] if you don't know how.
  • WARNING: ComboFix will disconnect your machine from the Internet as soon as it starts.
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.

Running ComboFix:

  • Double click on ComboFix.exe & follow the prompts.
  • When ComboFix finishes, it will produce a report for you.
  • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.

Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method as above, but download it again and rename ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


Dr. Jay (DJ)



Re: Computer running slow, do I have a virus or malware problem?

Post by FaithCassita on Mon Nov 12, 2012 6:33 pm

ComboFix 12-11-12.03 - Erica 11/12/2012 12:20:03.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.704 [GMT -6:00]
Running from: c:\documents and settings\Erica\My Documents\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Erica\g2mdlhlpx.exe
c:\documents and settings\Erica\GoToAssistDownloadHelper.exe
c:\windows\system32\BSTIEPrintCtl1.dll
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\SET1419.tmp
c:\windows\system32\SET141A.tmp
c:\windows\system32\SET141C.tmp
c:\windows\system32\SET1420.tmp
c:\windows\system32\SET1428.tmp
c:\windows\system32\SET142A.tmp
c:\windows\system32\SET1470.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-10-12 to 2012-11-12 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-12 10:56 . 2012-04-10 16:39 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-12 10:56 . 2011-05-27 23:40 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-12 10:17 . 2012-09-02 03:19 256 -c--a-w- c:\windows\system32\MSIevent.bat
2012-11-12 10:17 . 2012-09-02 03:19 260 -c--a-w- c:\windows\system32\cmdVBS.vbs
2012-09-09 19:57 . 2012-09-09 19:58 93672 -c--a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-09 19:57 . 2012-09-08 21:19 143872 -c--a-w- c:\windows\system32\javacpl.cpl
2012-09-09 19:57 . 2011-02-17 11:53 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-08 21:18 . 2012-09-08 21:19 477168 -c--a-w- c:\windows\system32\npdeployJava1.dll
2012-08-28 15:14 . 2001-08-30 10:30 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14 . 2001-08-30 10:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14 . 2001-08-30 10:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-04 05:59 385024 -c--a-w- c:\windows\system32\html.iec
2012-08-24 13:53 . 2001-08-30 10:30 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-21 13:29 . 2001-08-30 10:30 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 12:58 . 2001-08-17 13:48 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-18 07:30 . 2012-07-20 17:47 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-11-20 2590456]
"TCOYFReminder"="c:\progra~1\TCOYF\tcoyftray.exe" [2006-09-19 155648]
"Akamai NetSession Interface"="c:\documents and settings\Erica\Local Settings\Application Data\Akamai\netsession_win.exe" [2012-10-09 4441920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-24 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-24 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-24 118784]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-05-26 730600]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\documents and settings\Erica\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\Erica\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9220:TCP"= 9220:TCP:HP
"161:UDP"= 161:UDP:HP2
"1054:TCP"= 1054:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [11/15/2011 9:00 AM 36000]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/30/2001 4:30 AM 14336]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [11/15/2011 9:00 AM 86224]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [5/26/2010 7:35 AM 26352]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [5/26/2010 7:35 AM 493032]
S2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\DRIVERS\EAPPkt.sys --> c:\windows\system32\DRIVERS\EAPPkt.sys [?]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [8/30/2001 4:30 AM 14336]
S3 RTL8192u;Realtek RTL8192U Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192u.sys --> c:\windows\system32\DRIVERS\RTL8192u.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 10:56]
.
2012-11-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2012-11-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-413027322-725345543-1004Core.job
- c:\documents and settings\Erica\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-08 16:54]
.
2012-11-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-413027322-725345543-1004UA.job
- c:\documents and settings\Erica\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-08 16:54]
.
2012-09-10 c:\windows\Tasks\prismShakeIcon.job
- c:\program files\NCH Software\Prism\prism.exe [2011-05-24 16:59]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = 127.0.0.1:9421;
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.1.1 4.2.2.2
DPF: {A084A130-28AE-4B32-B51A-1C8CE164BC88} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\Erica\Application Data\Mozilla\Firefox\Profiles\uynhihuo.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
HKCU-Run-Itibiti.exe - c:\program files\Itibiti Soft Phone\Itibiti.exe
HKLM-Run-Easy Dock - c:\documents and settings\Erica\My Documents\RCA easyRip\EZDock.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2012-11-12 12:26
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_ce5ba24.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(604)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'lsass.exe'(660)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Completion time: 2012-11-12 12:28:54
ComboFix-quarantined-files.txt 2012-11-12 18:28
.
Pre-Run: 24,521,261,056 bytes free
Post-Run: 24,809,299,968 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 5980B6CDE527EC34221BB27DEC80C7D2


Re: Computer running slow, do I have a virus or malware problem?

Post by Dr Jay on Tue Nov 13, 2012 9:10 am

TDSSKiller Scan

Please download and run [You must be registered and logged in to see this link.] to your desktop as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.



-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.



------------------------

Click the Start Scan button.



-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.




----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.





--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


Dr. Jay (DJ)



Re: Computer running slow, do I have a virus or malware problem?

Post by FaithCassita on Thu Nov 15, 2012 1:59 am

19:29:53.0703 0652 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:29:54.0281 0652 ============================================================
19:29:54.0281 0652 Current date / time: 2012/11/14 19:29:54.0281
19:29:54.0281 0652 SystemInfo:
19:29:54.0281 0652
19:29:54.0281 0652 OS Version: 5.1.2600 ServicePack: 3.0
19:29:54.0281 0652 Product type: Workstation
19:29:54.0281 0652 ComputerName: ULRIE_ERICA
19:29:54.0281 0652 UserName: Erica
19:29:54.0281 0652 Windows directory: C:\WINDOWS
19:29:54.0281 0652 System windows directory: C:\WINDOWS
19:29:54.0281 0652 Processor architecture: Intel x86
19:29:54.0281 0652 Number of processors: 1
19:29:54.0281 0652 Page size: 0x1000
19:29:54.0281 0652 Boot type: Normal boot
19:29:54.0281 0652 ============================================================
19:29:56.0156 0652 Drive \Device\Harddisk0\DR0 - Size: 0x9502F9000 (37.25 Gb), SectorSize: 0x200, Cylinders: 0x12FF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:29:56.0171 0652 ============================================================
19:29:56.0171 0652 \Device\Harddisk0\DR0:
19:29:56.0171 0652 MBR partitions:
19:29:56.0171 0652 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A7D53F
19:29:56.0171 0652 ============================================================
19:29:56.0218 0652 C: <-> \Device\Harddisk0\DR0\Partition1
19:29:56.0218 0652 ============================================================
19:29:56.0218 0652 Initialize success
19:29:56.0218 0652 ============================================================
19:30:43.0296 3516 ============================================================
19:30:43.0296 3516 Scan started
19:30:43.0296 3516 Mode: Manual; SigCheck; TDLFS;
19:30:43.0296 3516 ============================================================
19:30:43.0671 3516 ================ Scan system memory ========================
19:30:43.0687 3516 System memory - ok
19:30:43.0687 3516 ================ Scan services =============================
19:30:43.0781 3516 Abiosdsk - ok
19:30:43.0781 3516 abp480n5 - ok
19:30:43.0828 3516 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:30:45.0093 3516 ACPI - ok
19:30:45.0125 3516 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
19:30:45.0281 3516 ACPIEC - ok
19:30:45.0359 3516 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:30:45.0375 3516 AdobeFlashPlayerUpdateSvc - ok
19:30:45.0375 3516 adpu160m - ok
19:30:45.0406 3516 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:30:45.0578 3516 aec - ok
19:30:45.0609 3516 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:30:45.0734 3516 AFD - ok
19:30:45.0734 3516 Aha154x - ok
19:30:45.0750 3516 aic78u2 - ok
19:30:45.0750 3516 aic78xx - ok
19:30:46.0000 3516 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files\common files\akamai/netsession_win_ce5ba24.dll
19:30:46.0000 3516 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
19:30:46.0015 3516 Akamai ( HiddenFile.Multi.Generic ) - warning
19:30:46.0015 3516 Akamai - detected HiddenFile.Multi.Generic (1)
19:30:48.0250 3516 [ 5D7BE7B19E827125E016325334E58FF1 ] BANTExt C:\WINDOWS\System32\Drivers\BANTExt.sys
19:30:48.0296 3516 BANTExt ( UnsignedFile.Multi.Generic ) - warning
19:30:48.0296 3516 BANTExt - detected UnsignedFile.Multi.Generic (1)
19:31:02.0906 3516 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
19:31:02.0968 3516 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
19:31:02.0968 3516 MREMP50 - detected UnsignedFile.Multi.Generic (1)
19:31:03.0015 3516 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
19:31:03.0062 3516 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
19:31:03.0062 3516 MRESP50 - detected UnsignedFile.Multi.Generic (1)
19:31:06.0140 3516 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
19:31:06.0187 3516 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:31:06.0187 3516 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:31:09.0937 3516 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
19:31:09.0984 3516 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:31:09.0984 3516 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:31:16.0281 3516 [ 7436BFD3A542CF6FF55097200031B293 ] RT73 C:\WINDOWS\system32\DRIVERS\rt73.sys
19:31:16.0781 3516 RT73 ( UnsignedFile.Multi.Generic ) - warning
19:31:16.0781 3516 RT73 - detected UnsignedFile.Multi.Generic (1)
19:31:35.0640 3516 ================ Scan global ===============================
19:31:35.0687 3516 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
19:31:35.0828 3516 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:31:36.0078 3516 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:31:36.0093 3516 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
19:31:36.0093 3516 [Global] - ok
19:31:36.0093 3516 ================ Scan MBR ==================================
19:31:36.0125 3516 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:31:37.0500 3516 \Device\Harddisk0\DR0 - ok
19:31:37.0500 3516 ================ Scan VBR ==================================
19:31:37.0515 3516 [ 9722CBBDC7A57036F522F1F7AFDD9A7A ] \Device\Harddisk0\DR0\Partition1
19:31:37.0515 3516 \Device\Harddisk0\DR0\Partition1 - ok
19:31:37.0515 3516 ============================================================
19:31:37.0515 3516 Scan finished
19:31:37.0515 3516 ============================================================
19:31:37.0640 1132 Detected object count: 7
19:31:37.0640 1132 Actual detected object count: 7
19:57:20.0890 1132 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
19:57:20.0890 1132 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
19:57:20.0890 1132 BANTExt ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0890 1132 BANTExt ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0890 1132 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0890 1132 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0890 1132 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0890 1132 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0890 1132 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0890 1132 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0890 1132 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0890 1132 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:20.0890 1132 RT73 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:20.0890 1132 RT73 ( UnsignedFile.Multi.Generic ) - User select action: Skip


Re: Computer running slow, do I have a virus or malware problem?

Post by Dr Jay on Thu Nov 15, 2012 9:23 am

ESET Online Scan

Please run a free online scan with ESET Online Scan.

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so and install it.
  • Click Start or wait for the scanner to load.
  • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, there are a couple of things to keep in mind:
      1. If NO threats were found, allow the scanner to Uninstall on close and then close the window.
      2. If threats WERE detected, click on List of Threats Found, then Export to Text File... and save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark next to Uninstall Application on Close and then close the window.
  • Open the logfile from wherever you saved it
  • Copy and paste the contents in your next reply.



Any more issues?

We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

Many of the things to note for us would be:

  • Slow computer
  • Error messages
  • Fake antivirus alerts or the icon in the system tray
  • svchost.exe running at 100%
  • System crashes or blue screen of death


Dr. Jay (DJ)



Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13713
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302059
# Likes # Likes : 10


Re: Computer running slow, do I have a virus or malware problem?

Post by FaithCassita on Thu Nov 15, 2012 4:40 pm

C:\Documents and Settings\Erica\Application Data\Sun\Java\Deployment\cache\6.0\3\4c08fc3-1a7937bb probably a variant of Java/TrojanDownloader.Agent.AB trojan cleaned by deleting - quarantined
C:\Documents and Settings\Erica\My Documents\Downloads\fvdsuite_installer.exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined

I'm not seeing any other issues right now. My computer is actually running better and not slowing down as much or freezing as much.


Re: Computer running slow, do I have a virus or malware problem?

Post by Dr Jay on Fri Nov 16, 2012 4:44 pm

Hi there. It all appears to be good, so we will finish up to make sure your computer is protected from malware in the future.

Clean up System Restore

Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE

You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The system will do some calculation and then display a dialogue box with tabs
  • Select the More Options Tab.
  • At the bottom will be a System Restore box with a CLEANUP button; click this
  • Accept the warning and select OK again; the program will close and you are done


Run OTC to remove our tools

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC by OldTimer:

  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the programs we have used) hasn't been deleted, please delete it manually.

Purge old temporary files

NOTE: If you already have this installed, you don't have to reinstall it.

Please download CCleaner and save it to your Desktop.

When the file has been saved, go to your Desktop and double-click on ccsetupxxx_slim.exe
Follow the prompts to install the program.

  • Double-click the CCleaner shortcut on the desktop to start the program.
  • A prompt will ask you if you want CCleaner to do a check to see what cookies it needs to keep. Allow that operation.
  • On the Cleaner tab, click on Run Cleaner on the bottom-right to run the program.
  • Important: Make sure that ALL browser windows are closed before selecting Run Cleaner, or it will ask if you want the program to close them for you (when you do this, all unsaved data may be lost in the browser).


Caution: Only use the Registry feature if you are very familiar with the registry.
Always back up your registry before making any changes. Exit CCleaner after it has completed its process.

Security Check

Please download Security Check by screen317.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Dr. Jay (DJ)

