slow to recognize usb devices, windows wants to restart often



#1
kspade

Things are running pretty slowly in general. I've been having problems running my software program off the external hard drive (never hooked to another computer). Last restart it didn't recognize my mouse for about 10 minutes. Windows wants to restart even though it just restarted. A friend of mine was using my wireless connection and had a trojan, but my Avast anti-virus scan did not turn up anything.

Thanks in advance for help! Here is my OTL log:


OTL logfile created on: 12/15/2010 8:06:56 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Nadine\Documents\downloads
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 45.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.46 Gb Total Space | 45.00 Gb Free Space | 32.98% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.22 Gb Free Space | 42.17% Space Free | Partition Type: NTFS
Drive F: | 232.83 Gb Total Space | 219.43 Gb Free Space | 94.24% Space Free | Partition Type: FAT32

Computer Name: LIEM | User Name: Nadine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/15 20:06:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Nadine\Documents\downloads\OTL.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/11/12 20:14:08 | 000,496,936 | ---- | M] (Juniper Networks) -- C:\Users\Nadine\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClient.exe
PRC - [2009/02/05 15:08:45 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/02/05 15:08:40 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/02/05 15:08:26 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/05 15:06:04 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/02/05 15:01:25 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/02/02 20:07:18 | 000,240,544 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10b.exe
PRC - [2009/01/27 15:21:32 | 002,143,232 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoServer.exe
PRC - [2009/01/27 15:18:12 | 000,425,472 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoNotify.exe
PRC - [2009/01/27 15:05:46 | 000,315,392 | ---- | M] (TiVo Inc.) -- C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
PRC - [2009/01/27 15:03:54 | 000,520,192 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TranscodingService.exe
PRC - [2009/01/20 22:45:00 | 000,960,536 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2009/01/20 22:34:36 | 000,377,232 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2009/01/20 22:34:26 | 000,618,936 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2009/01/20 22:06:10 | 004,359,280 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2008/10/29 00:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/07 09:42:06 | 002,156,368 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/01/19 01:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/03 18:28:08 | 001,392,640 | R--- | M] (PalmSource, Inc) -- C:\Program Files\Palm\Hotsync.exe
PRC - [2007/12/21 09:58:06 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/12/02 22:28:06 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2007/12/02 22:27:58 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/12/02 22:27:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/11/13 15:46:00 | 000,135,168 | ---- | M] ( ) -- C:\ProgramData\Dell\TransferAgent\TransferAgent.exe
PRC - [2007/09/13 19:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007/09/07 02:51:00 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2007/09/07 02:50:56 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/07 02:50:56 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/09/07 02:50:54 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/08/27 23:51:42 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/07/25 15:41:42 | 000,647,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2007/07/25 15:22:44 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2007/06/13 09:39:12 | 000,073,728 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
PRC - [2007/04/16 22:05:52 | 000,021,504 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
PRC - [2007/04/16 21:55:00 | 000,053,776 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\psqltray.exe
PRC - [2007/03/21 12:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/21 12:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/03/15 11:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2006/11/03 16:55:50 | 000,703,280 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/11/03 16:55:48 | 001,583,920 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe


========== Modules (SafeList) ==========

MOD - [2010/12/15 20:06:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Nadine\Documents\downloads\OTL.exe
MOD - [2010/08/31 09:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/02/05 15:08:40 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/02/05 15:08:26 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/02/05 15:06:04 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/02/05 15:01:25 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/01/20 22:34:26 | 000,618,936 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/02 22:27:58 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/12/02 22:27:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/07/25 15:41:42 | 000,647,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2007/07/25 15:22:44 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2007/05/31 08:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 08:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/03/21 12:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/03/19 11:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009/12/09 07:28:04 | 000,085,288 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\Windows\System32\drivers\NEOFLTR_650_14951.SYS -- (NEOFLTR_650_14951) Juniper Networks TDI Filter Driver (NEOFLTR_650_14951)
DRV - [2009/05/23 18:15:40 | 000,971,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpm174.sys -- (tdrpman174) Acronis Try&Decide and Restore Points filter (build 174)
DRV - [2009/05/23 18:15:35 | 000,540,000 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/05/23 18:15:35 | 000,044,704 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/05/23 18:15:32 | 000,134,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snman380.sys -- (snapman380) Acronis Snapshots Manager (Build 380)
DRV - [2009/02/05 15:07:23 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/02/05 15:07:12 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/02/05 15:06:59 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009/02/05 15:06:20 | 000,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/02/05 15:06:10 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008/08/27 23:48:34 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/08/27 23:48:34 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/08/27 23:48:34 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/04/09 04:40:08 | 007,598,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/01/18 23:53:22 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2008/01/18 23:28:01 | 000,000,000 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2007/12/27 21:23:10 | 000,064,160 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\Windows\System32\drivers\NEOFLTR_600_12507.sys -- (NEOFLTR_600_12507) Juniper Networks TDI Filter Driver (NEOFLTR_600_12507)
DRV - [2007/12/04 17:10:30 | 000,016,640 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/12/02 22:28:08 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/28 00:40:24 | 000,278,528 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/09/07 03:27:32 | 000,209,408 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ianvstor.sys -- (iaNvStor) Intel®
DRV - [2007/09/07 03:22:34 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/09/07 02:50:54 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/09/07 00:35:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/07 00:35:44 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/07 00:35:42 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/08/27 23:51:44 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/08/27 23:51:40 | 000,235,520 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/08/13 03:44:26 | 002,226,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/04/16 21:44:34 | 000,046,992 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tcusb.sys -- (TcUsb)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/06 19:37:16 | 000,078,128 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2006/11/06 17:13:52 | 000,016,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2006/11/06 17:13:50 | 000,080,176 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2006/11/02 03:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 03:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 03:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 03:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 03:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 03:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 03:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 03:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 03:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 03:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 03:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 03:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 03:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 03:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 03:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 03:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 03:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 03:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 03:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 03:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 03:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 03:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 03:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 03:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 03:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 03:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 03:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 03:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 03:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 02:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 02:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 02:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 02:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 02:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 02:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 01:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 01:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 01:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/11/02 01:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2006/09/18 15:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [HotSync] C:\Program Files\PalmSource\Desktop\HotSync.exe File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Fingerprint Reader Suite\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [DellTransferAgent] C:\ProgramData\Dell\TransferAgent\TransferAgent.exe ( )
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [TivoNotify] C:\Program Files\TiVo\Desktop\TiVoNotify.exe (TiVo Inc.)
O4 - HKCU..\Run: [TivoServer] C:\Program Files\TiVo\Desktop\TiVoServer.exe (TiVo Inc.)
O4 - HKCU..\Run: [TranscodingService] C:\Program Files\TiVo\Desktop\TranscodingService.exe (TiVo Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - c:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - c:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo2.walgre...eensActivia.cab (Snapfish Activia)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://portal.marke...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - c:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img19.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img19.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007/08/25 01:26:54 | 000,000,000 | ---D | M] - F:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2005/11/15 11:08:04 | 000,000,036 | -H-- | M] () - F:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{d546afed-4740-11de-aead-001fe1de7bc6}\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/17 11:42:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/11/17 11:42:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/11/17 11:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/11/17 11:41:07 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/11/17 11:36:44 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[20 C:\Users\Nadine\Documents\*.tmp files -> C:\Users\Nadine\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/15 19:25:50 | 000,042,078 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/12/15 19:25:50 | 000,042,078 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/12/15 19:25:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/15 19:25:31 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/15 19:25:31 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/15 08:35:58 | 000,001,728 | -H-- | M] () -- C:\Users\Nadine\Documents\Default.rdp
[2010/12/14 18:11:28 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/14 18:11:28 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/14 18:04:51 | 3756,064,768 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/14 07:24:27 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/12/13 08:43:58 | 000,026,624 | ---- | M] () -- C:\Users\Nadine\Documents\helen keller quote paper version 2.doc
[2010/12/13 08:43:13 | 000,026,624 | ---- | M] () -- C:\Users\Nadine\Documents\helen keller quote paper.doc
[2010/12/12 15:06:30 | 000,025,600 | ---- | M] () -- C:\Users\Nadine\Documents\theology christian paper.doc
[2010/12/09 16:59:33 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2010/12/06 14:47:39 | 408,653,263 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/12/05 19:22:04 | 000,008,704 | ---- | M] () -- C:\Users\Nadine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/05 17:47:10 | 000,046,592 | ---- | M] () -- C:\Users\Nadine\Documents\craotia.ppt
[2010/12/03 06:07:12 | 000,024,064 | ---- | M] () -- C:\Users\Nadine\Documents\Hay un muchacho que se llama Benny.doc
[2010/11/17 11:43:11 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[20 C:\Users\Nadine\Documents\*.tmp files -> C:\Users\Nadine\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/13 08:43:58 | 000,026,624 | ---- | C] () -- C:\Users\Nadine\Documents\helen keller quote paper version 2.doc
[2010/12/12 12:17:27 | 000,025,600 | ---- | C] () -- C:\Users\Nadine\Documents\theology christian paper.doc
[2010/12/12 09:55:35 | 000,026,624 | ---- | C] () -- C:\Users\Nadine\Documents\helen keller quote paper.doc
[2010/12/05 17:13:32 | 000,046,592 | ---- | C] () -- C:\Users\Nadine\Documents\craotia.ppt
[2010/12/03 06:03:45 | 000,024,064 | ---- | C] () -- C:\Users\Nadine\Documents\Hay un muchacho que se llama Benny.doc
[2010/11/17 11:43:11 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/05/27 19:28:46 | 000,008,704 | ---- | C] () -- C:\Users\Nadine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/14 20:59:47 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/09/14 20:18:44 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2008/09/07 10:45:49 | 000,000,220 | ---- | C] () -- C:\Users\Nadine\AppData\Roaming\wklnhst.dat
[2008/09/06 15:46:29 | 000,007,592 | ---- | C] () -- C:\Users\Nadine\AppData\Local\d3d9caps.dat
[2008/09/05 12:59:59 | 000,042,078 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/09/05 12:20:44 | 000,042,078 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/09/04 20:38:51 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\exfat.sys
[2008/08/27 23:54:44 | 000,167,936 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2008/08/27 23:54:43 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/07/25 15:40:02 | 000,999,424 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll
[2006/11/03 16:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 04:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/20 22:02:32 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/20 22:02:32 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2001/11/14 11:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2009/05/23 18:21:11 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\Acronis
[2009/01/29 09:52:37 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\Canon
[2009/09/12 14:20:19 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\Caspedia
[2009/02/18 20:27:18 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\CopyTrans
[2009/02/18 20:25:32 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\CopyTransControlCenter
[2008/12/07 23:01:33 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\HotSync
[2009/07/08 21:32:19 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\Juniper Networks
[2009/09/12 14:27:10 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\Leadertech
[2008/09/14 20:18:26 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\ScanSoft
[2008/09/07 10:45:50 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\Template
[2010/12/14 07:24:28 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

#2
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello kspade,

Nothing much leaping out at me there immediately.

I wonder whether your slow USB connection has anything to do with Spybot taking its time to check things.

Now

Please run OTL.exe

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O4 - HKLM..\Run: [] File not found
    O33 - MountPoints2\{d546afed-4740-11de-aead-001fe1de7bc6}\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found
    
    :Commands
    [emptytemp]
    [emptyflash]
    [resethosts]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.
Next

Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:


Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.

So when you return please post
  • OTL fix log
  • MBRCheck log
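
An added example, not part of the thread and not OTL's own code: a Python triage of the OTL registry lines quoted above, flagging entries tagged "File not found" and pulling the key GUID and command out of MountPoints2 AutoRun entries. The function names and the allowlist for the default BootExecute value are assumptions of this example; the sample lines are copied from the log and fix script in this thread.

```python
import re

# Lines copied from the OTL log and the fix script posted in this thread.
SAMPLE_LOG = r'''
O4 - HKLM..\Run: [] File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - AutoRun File - [2005/11/15 11:08:04 | 000,000,036 | -H-- | M] () - F:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{d546afed-4740-11de-aead-001fe1de7bc6}\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
'''

ENTRY_RE = re.compile(r"^(O\d+) - (.+)$")
MOUNTPOINT_RE = re.compile(
    r'MountPoints2\\(\{[0-9A-Fa-f-]+\})\\Shell\\AutoRun\\command - "" = '
    r"(.+?)(?: -- File not found)?$"
)
MISSING_TAG = "File not found"

# Assumption of this example: "autocheck autochk *" is the stock Windows
# BootExecute value, so a missing-file tag on it is not treated as a finding.
BENIGN_MISSING = ("BootExecute: (autocheck autochk *)",)


def parse_entries(log_text):
    """Split OTL 'O<n> - ...' lines into dicts; other lines are ignored."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if not match:
            continue
        code, body = match.groups()
        entries.append({
            "code": code,
            "body": body,
            "line": line,
            "missing": body.endswith(MISSING_TAG),
        })
    return entries


def orphaned_autostarts(log_text):
    """Entries whose target no longer exists, minus known-default values."""
    return [
        e for e in parse_entries(log_text)
        if e["missing"] and not any(b in e["body"] for b in BENIGN_MISSING)
    ]


def mountpoint_autoruns(log_text):
    """(key GUID, command, missing?) for each MountPoints2 AutoRun entry."""
    found = []
    for e in parse_entries(log_text):
        match = MOUNTPOINT_RE.search(e["body"])
        if match:
            found.append((match.group(1), match.group(2), e["missing"]))
    return found


def fix_section(log_text):
    """Lay the flagged lines out under ':OTL', as the posted fix script does."""
    flagged = [e["line"] for e in orphaned_autostarts(log_text)]
    return "\n".join([":OTL"] + flagged)


if __name__ == "__main__":
    for guid, command, missing in mountpoint_autoruns(SAMPLE_LOG):
        print(f"MountPoints2 autorun {guid}: {command} (missing={missing})")
    # Review the flagged lines by hand before pasting them into any fix.
    print(fix_section(SAMPLE_LOG))
```

On the sample lines this flags the same two entries (O4 and O33) that the fix script in the post lists, and leaves the O34 BootExecute line alone.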


#3
kspade

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Thanks for checking this out emeraldnzl! Here are the two logs:

OTL fix log:

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d546afed-4740-11de-aead-001fe1de7bc6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d546afed-4740-11de-aead-001fe1de7bc6}\ not found.
File F:\Setup.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: BiBi
->Temp folder emptied: 5052019 bytes
->Temporary Internet Files folder emptied: 49771788 bytes
->Flash cache emptied: 1132 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Nadine
->Temp folder emptied: 1101158667 bytes
->Temporary Internet Files folder emptied: 140232257 bytes
->Java cache emptied: 3592197 bytes
->Flash cache emptied: 269088 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7800375 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 187425161 bytes

Total Files Cleaned = 1,426.00 mb


[EMPTYFLASH]

User: All Users

User: BiBi
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Nadine
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.17.3 log created on 12222010_195508

Files\Folders moved on Reboot...
File\Folder C:\Users\Nadine\AppData\Local\Temp\~DF7BAD.tmp not found!
File\Folder C:\Users\Nadine\AppData\Local\Temp\~DF7BBC.tmp not found!
File\Folder C:\Users\Nadine\AppData\Local\Temp\~DF7C04.tmp not found!
File\Folder C:\Users\Nadine\AppData\Local\Temp\~DF7C13.tmp not found!
File\Folder C:\Users\Nadine\AppData\Local\Temp\~DF7C48.tmp not found!
File\Folder C:\Users\Nadine\AppData\Local\Temp\~DF7C58.tmp not found!
C:\Users\Nadine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U0BU2EAB\292273-slow-to-recognize-usb-devices-windows-wants-to-restart-often[1].htm moved successfully.
C:\Users\Nadine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U0BU2EAB\like[1].htm moved successfully.
C:\Users\Nadine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U0BU2EAB\xd_proxy[1].htm moved successfully.
C:\Users\Nadine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


And the MBRCheck log:
MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows Vista Business Edition
Windows Information: Service Pack 1 (build 6001), 32-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: XPS M1530
Logical Drives Mask: 0x0000009c

Kernel Drivers (total 177):
0x8220F000 \SystemRoot\system32\ntkrnlpa.exe
0x825C8000 \SystemRoot\system32\hal.dll
0x80404000 \SystemRoot\system32\kdcom.dll
0x8040C000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8046C000 \SystemRoot\system32\PSHED.dll
0x8047D000 \SystemRoot\system32\BOOTVID.dll
0x80485000 \SystemRoot\system32\CLFS.SYS
0x804C6000 \SystemRoot\system32\CI.dll
0x80607000 \SystemRoot\system32\drivers\Wdf01000.sys
0x80683000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x80690000 \SystemRoot\system32\drivers\acpi.sys
0x806D6000 \SystemRoot\system32\drivers\WMILIB.SYS
0x806DF000 \SystemRoot\system32\drivers\msisadrv.sys
0x806E7000 \SystemRoot\system32\drivers\pci.sys
0x8070E000 \SystemRoot\System32\drivers\partmgr.sys
0x8071D000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x80720000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8072A000 \SystemRoot\system32\drivers\volmgr.sys
0x80739000 \SystemRoot\System32\drivers\volmgrx.sys
0x80783000 \SystemRoot\system32\DRIVERS\intelide.sys
0x8078A000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x80798000 \SystemRoot\system32\drivers\pciide.sys
0x8079F000 \SystemRoot\System32\drivers\mountmgr.sys
0x8B80A000 \SystemRoot\system32\drivers\iastorv.sys
0x8B8AA000 \SystemRoot\system32\drivers\iastor.sys
0x8B971000 \SystemRoot\system32\drivers\atapi.sys
0x8B979000 \SystemRoot\system32\drivers\ataport.SYS
0x8B997000 \SystemRoot\system32\drivers\fltmgr.sys
0x8B9C9000 \SystemRoot\system32\drivers\fileinfo.sys
0x8B9D9000 \SystemRoot\System32\Drivers\PxHelp20.sys
0x8BA0E000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8BA7F000 \SystemRoot\system32\drivers\ndis.sys
0x8BB8A000 \SystemRoot\system32\drivers\msrpc.sys
0x8BBB5000 \SystemRoot\system32\drivers\NETIO.SYS
0x8BC0B000 \SystemRoot\System32\drivers\tcpip.sys
0x8BCF4000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8BD0F000 \SystemRoot\system32\DRIVERS\timntr.sys
0x8BE03000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8BF12000 \SystemRoot\system32\drivers\volsnap.sys
0x8C007000 \SystemRoot\system32\DRIVERS\tdrpm174.sys
0x8C0F3000 \SystemRoot\System32\Drivers\spldr.sys
0x8C0FB000 \SystemRoot\system32\DRIVERS\snman380.sys
0x8C11B000 \SystemRoot\System32\Drivers\mup.sys
0x8C12A000 \SystemRoot\System32\drivers\ecache.sys
0x8C151000 \SystemRoot\system32\drivers\disk.sys
0x8C162000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x8C183000 \SystemRoot\system32\drivers\crcdisk.sys
0x902CF000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x902DA000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x902E3000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x9100A000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x9174A000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x917E9000 \SystemRoot\System32\drivers\watchdog.sys
0x902F2000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x902FD000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x9033B000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x9034A000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x9035C000 \SystemRoot\system32\DRIVERS\yk60x86.sys
0x90A06000 \SystemRoot\system32\DRIVERS\NETw4v32.sys
0x90C2F000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x90C3F000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x90C4D000 \SystemRoot\system32\DRIVERS\sdbus.sys
0x90C67000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0x90C76000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
0x90C8A000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
0x90CDB000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x90CEE000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
0x90D1A000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x90D25000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x90D30000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x90D48000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x90D4E000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x90D52000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x90D5B000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x90D89000 \SystemRoot\system32\DRIVERS\storport.sys
0x90DCA000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x90DD5000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x90DEC000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x903A2000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x903C5000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x903D4000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x903E8000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8BF4B000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0x8C199000 \SystemRoot\system32\DRIVERS\termdd.sys
0x90DF7000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8C1A9000 \SystemRoot\system32\DRIVERS\ks.sys
0x917F6000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8C1D3000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8BD92000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8C1E0000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x805A6000 \SystemRoot\system32\drivers\stwrt.sys
0x8BDC6000 \SystemRoot\system32\drivers\portcls.sys
0x8BFD4000 \SystemRoot\system32\drivers\drmk.sys
0x91000000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x90DF9000 \SystemRoot\System32\Drivers\Null.SYS
0x90200000 \SystemRoot\System32\Drivers\Beep.SYS
0x8C000000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x8C1F1000 \SystemRoot\System32\drivers\vga.sys
0x807AF000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8BDF3000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8BC00000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8BBEF000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8BA00000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8B9E2000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x807D0000 \SystemRoot\system32\DRIVERS\tdx.sys
0x807E6000 \??\C:\Windows\system32\Drivers\NEOFLTR_650_14951.SYS
0x8B9EB000 \SystemRoot\system32\DRIVERS\smb.sys
0x91A07000 \??\C:\Windows\system32\Drivers\NEOFLTR_600_12507.SYS
0x91A15000 \SystemRoot\System32\Drivers\aswTdi.SYS
0x91A20000 \SystemRoot\system32\drivers\afd.sys
0x91A68000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x91A6C000 \SystemRoot\System32\DRIVERS\netbt.sys
0x91A9E000 \SystemRoot\system32\DRIVERS\pacer.sys
0x91AB4000 \SystemRoot\system32\DRIVERS\netbios.sys
0x91AC2000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x91AD5000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x91B11000 \SystemRoot\system32\drivers\nsiproxy.sys
0x91B1B000 \SystemRoot\system32\drivers\csc.sys
0x91B75000 \SystemRoot\System32\Drivers\dfsc.sys
0x91B8C000 \SystemRoot\System32\Drivers\aswSP.SYS
0x91BAD000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x91BC4000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x91BC6000 \SystemRoot\system32\DRIVERS\OEM02Dev.sys
0x91A00000 \SystemRoot\system32\DRIVERS\OEM02Vfx.sys
0x90207000 \SystemRoot\System32\Drivers\crashdmp.sys
0x93406000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x934CD000 \SystemRoot\system32\DRIVERS\usbscan.sys
0x934DA000 \SystemRoot\system32\DRIVERS\usbprint.sys
0x934E4000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x934F6000 \SystemRoot\System32\Drivers\tcusb.sys
0x93500000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x93509000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x93519000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x99AA0000 \SystemRoot\System32\win32k.sys
0x93521000 \SystemRoot\System32\drivers\Dxapi.sys
0x9352B000 \SystemRoot\System32\Drivers\BTHUSB.sys
0x93537000 \SystemRoot\System32\Drivers\bthport.sys
0x93571000 \SystemRoot\system32\DRIVERS\rfcomm.sys
0x93582000 \SystemRoot\system32\DRIVERS\BthEnum.sys
0x9358C000 \SystemRoot\system32\DRIVERS\bthpan.sys
0x90214000 \SystemRoot\system32\drivers\btwavdt.sys
0x9C203000 \SystemRoot\system32\drivers\btwaudio.sys
0x9C27E000 \SystemRoot\system32\DRIVERS\btwrchid.sys
0x9C281000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x9C28A000 \SystemRoot\system32\DRIVERS\monitor.sys
0x99CC0000 \SystemRoot\System32\TSDDD.dll
0x99CE0000 \SystemRoot\System32\ATMFD.DLL
0x99D30000 \SystemRoot\System32\cdd.dll
0x9C299000 \SystemRoot\system32\drivers\luafv.sys
0x9C2B4000 \SystemRoot\system32\DRIVERS\aswMonFlt.sys
0x9C2CB000 \SystemRoot\system32\DRIVERS\aswFsBlk.sys
0x9C2D3000 \SystemRoot\system32\DRIVERS\tifsfilt.sys
0x9C2E5000 \SystemRoot\system32\drivers\spsys.sys
0x9C394000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x9C3A4000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x9C3CE000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x9C3D8000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xA1000000 \SystemRoot\system32\drivers\HTTP.sys
0xA106D000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA108A000 \SystemRoot\system32\DRIVERS\bowser.sys
0xA10A3000 \SystemRoot\System32\drivers\mpsdrv.sys
0xA10B8000 \SystemRoot\system32\drivers\mrxdav.sys
0xA10D8000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA10F7000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA1130000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xA1148000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA1170000 \SystemRoot\System32\DRIVERS\srv.sys
0xA11D6000 \SystemRoot\system32\DRIVERS\dsunidrv.sys
0xA2E0A000 \SystemRoot\system32\drivers\peauth.sys
0xA2EE8000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA2EF2000 \SystemRoot\System32\Drivers\fastfat.SYS
0xA2F1A000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA2F26000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0xA2F3B000 \SystemRoot\system32\DRIVERS\WUDFPf.sys
0xA2F4D000 \SystemRoot\system32\DRIVERS\cdfs.sys
0xA2F63000 \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
0x770E0000 \Windows\System32\ntdll.dll

Processes (total 89):
0 System Idle Process
4 System
596 C:\Windows\System32\smss.exe
764 csrss.exe
832 C:\Windows\System32\wininit.exe
844 csrss.exe
876 C:\Windows\System32\services.exe
888 C:\Windows\System32\lsass.exe
896 C:\Windows\System32\lsm.exe
1056 C:\Windows\System32\svchost.exe
1124 C:\Windows\System32\svchost.exe
1164 C:\Windows\System32\svchost.exe
1212 C:\Windows\System32\svchost.exe
1240 C:\Windows\System32\svchost.exe
1252 C:\Windows\System32\svchost.exe
1340 C:\Windows\System32\audiodg.exe
1372 C:\Windows\System32\svchost.exe
1412 C:\Windows\System32\SLsvc.exe
1472 C:\Windows\System32\svchost.exe
1592 C:\Windows\System32\winlogon.exe
1660 C:\Windows\System32\svchost.exe
1768 C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
1784 C:\Program Files\Alwil Software\Avast4\ashServ.exe
1812 C:\Windows\System32\wlanext.exe
2016 C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
2080 C:\Windows\System32\spoolsv.exe
2104 C:\Windows\System32\svchost.exe
2264 C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
2296 C:\Windows\System32\AEstSrv.exe
2340 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2380 C:\Program Files\Bonjour\mDNSResponder.exe
2400 C:\Windows\System32\svchost.exe
2432 C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
2480 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
2624 C:\Windows\System32\svchost.exe
2648 C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
2676 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
2856 C:\Windows\System32\stacsv.exe
2888 C:\Windows\System32\svchost.exe
2936 C:\Windows\System32\svchost.exe
2980 C:\Windows\System32\SearchIndexer.exe
3188 WUDFHost.exe
3224 C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
3256 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
3680 C:\Windows\System32\taskeng.exe
3888 C:\Windows\System32\svchost.exe
3588 C:\Windows\System32\taskeng.exe
1508 C:\Windows\System32\dwm.exe
2996 C:\Windows\explorer.exe
664 C:\Windows\notepad.exe
1272 C:\Program Files\Windows Defender\MSASCui.exe
3964 C:\Program Files\DellTPad\Apoint.exe
892 C:\Windows\OEM02Mon.exe
2632 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
1052 C:\Program Files\Dell\MediaDirect\PCMService.exe
940 C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
3476 C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
1092 C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
4100 C:\Windows\System32\rundll32.exe
4108 C:\Program Files\Fingerprint Reader Suite\psqltray.exe
4140 C:\Windows\System32\rundll32.exe
4156 C:\Program Files\Alwil Software\Avast4\ashDisp.exe
4176 C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
4184 C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
4192 C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
4200 C:\Windows\WindowsMobile\wmdc.exe
4216 C:\Program Files\iTunes\iTunesHelper.exe
4228 C:\Program Files\DellSupport\DSAgnt.exe
4236 C:\ProgramData\Dell\TransferAgent\TransferAgent.exe
4244 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
4252 C:\Program Files\TiVo\Desktop\TranscodingService.exe
4260 C:\Program Files\TiVo\Desktop\TiVoNotify.exe
4268 C:\Program Files\TiVo\Desktop\TiVoServer.exe
4276 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
4296 C:\Program Files\Palm\Hotsync.exe
4308 C:\Program Files\Windows Sidebar\sidebar.exe
4404 C:\Windows\System32\rundll32.exe
4668 C:\Program Files\DellTPad\ApMsgFwd.exe
4684 C:\Windows\System32\wuauclt.exe
4724 C:\Program Files\DellTPad\hidfind.exe
4864 C:\Program Files\DellTPad\ApntEx.exe
5108 C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
5184 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
5708 C:\Program Files\Internet Explorer\iexplore.exe
5740 C:\Program Files\Internet Explorer\iexplore.exe
6108 C:\Program Files\iPod\bin\iPodService.exe
4004 dllhost.exe
5624 dllhost.exe
5956 C:\Users\Nadine\Documents\downloads\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`85700000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`05700000 (NTFS)

PhysicalDrive0 Model Number: FUJITSUMHW2160BJFFSG2, Rev: 0085001C

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows Vista MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!

#4
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello kspade,

Nothing in that MBRCheck.

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

#5
kspade

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Hi emeraldnzl,

Sorry for the delay - I was away for the holidays.

I installed the Malwarebytes and ran (log is posted below). However, during the process a note popped up from avast! saying that a virus had been found (note I wasn't running an avast! scan) and I needed a boot scan. I ran that, and part way through it said it found a pdf file infected by JS:pdfk (the rest is cut off). I moved it to a chest. The scan continued throughout the night last night, and this morning my computer was at the startup screen with no open windows.

I should also mention that I haven't seemed to have the same usb issues as were happening when the thread first started.

Thanks much for your help!

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5363

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18999

12/26/2010 2:48:02 PM
mbam-log-2010-12-26 (14-48-02).txt

Scan type: Quick scan
Objects scanned: 154196
Time elapsed: 3 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#6
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello kspade,

this morning my computer was at the startup screen with no open windows.


Have you got Windows now? Tell me when you return.

For now

Please run a free online scan with the ESET Online Scanner
Note: ESET was designed to run with Internet Explorer. Compatibility with other browsers has been added recently, but if you find difficulty, go to using Internet Explorer.
  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Click Start and if your security program asks you if you want to allow the program, click yes.
  • If your anti-virus is active you may see a panel appear warning you that this may affect performance. Disabling the programs listed may speed things along.
  • Make sure that the options Remove found threats and Scan archives are checked (do not worry about advanced settings)
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt (open Notepad > File > Open and navigate to the log.txt)
  • Copy and paste that log as a reply to this topic
