Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

slow performance with xp pc

Started by benny_b , Jan 25 2012 08:38 PM

  • Please log in to reply

#1
benny_b
Posted 25 January 2012 - 08:38 PM

benny_b

    Member

  • Member
  • PipPipPip
  • 103 posts
hello,

my pc has been running slow for at over a month now. the loading personal profiles is taking several minutes to complete. starting and running programs has also slowed considerably. i have run several boot scans with Avast and also scanned with Malwarebytes and have not found any infected files. i tried xptune and/or tunexp. one was total rubbish and nearly crashed my machine the other was merely ineffectual. otherwise i've been looking around for some ideas about what to do to resolve this problem. there are fleeting moments when the machine responds quickly, but then it bogs down again. it seems that i should check it for malware first and then seek further assistance if the machine is clean. Thanks, B.
Here's my OTL log:

OTL logfile created on: 1/25/2012 9:00:13 PM - Run 2
OTL by OldTimer - Version 3.2.24.0 Folder = F:\Programs\System Tools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

991.48 Mb Total Physical Memory | 467.01 Mb Available Physical Memory | 47.10% Memory free
2.33 Gb Paging File | 1.98 Gb Available in Paging File | 85.01% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 16.49 Gb Free Space | 44.27% Space Free | Partition Type: NTFS
Drive F: | 931.50 Gb Total Space | 20.25 Gb Free Space | 2.17% Space Free | Partition Type: NTFS
Drive Z: | 1851.41 Gb Total Space | 402.20 Gb Free Space | 21.72% Space Free | Partition Type: NTFS

Computer Name: JS-DNQV5UD8YBLE | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/21 02:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/11/28 13:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/06/11 18:59:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- F:\Programs\System Tools\OTL.exe
PRC - [2010/09/13 20:02:44 | 000,399,872 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Program Files\UPHClean\uphclean.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/11/28 13:01:22 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2011/06/11 18:59:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- F:\Programs\System Tools\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/13 20:02:44 | 000,399,872 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Auto | Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)
SRV - [2009/04/15 11:55:49 | 000,054,784 | ---- | M] (Macrovision) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2002/09/20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Disabled | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2011/11/28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/04/24 08:57:35 | 000,011,861 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) WPA Security Protocol (IEEE 802.1x)
DRV - [2009/04/15 11:55:50 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2009/03/25 05:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2004/08/03 21:32:22 | 000,231,552 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97ali.sys -- (aliadwdm)
DRV - [2004/08/03 21:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/09/14 20:16:16 | 000,324,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2003/05/20 22:53:26 | 000,249,344 | ---- | M] (Trident Microsystems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tridxpm.sys -- (tridxp)
DRV - [2002/09/02 12:16:36 | 000,026,880 | ---- | M] (ALi Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ALiAGP.sys -- (ALiAGP)
DRV - [2001/08/17 12:28:12 | 000,797,500 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LTSMT.sys -- (TOSHIBASoftModem)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista...search/web?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirro...rch.src?file=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GGL, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\zoek, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/01/25 13:44:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/09 09:58:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/12 19:54:13 | 000,000,000 | ---D | M]

[2009/04/15 11:41:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions
[2010/10/29 07:31:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\tu9nsqk3.default\extensions
[2012/01/09 09:58:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2012/01/25 13:44:55 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/12/21 02:24:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2011/12/20 23:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2011/12/20 23:30:41 | 000,002,040 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/01/23 08:57:20 | 000,440,161 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15137 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (Autodesk DWF) - {F03966D3-8EA0-47B4-BBE0-85BFE6CBC8AC} - C:\Program Files\Autodesk\Autodesk DWF Writer\DWF Addin\DWFIEAddin.dll (Autodesk, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\AutorunsDisabled [2010/01/26 12:32:58 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = E3 FF FF 03 [binary data]
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\microsoft frontpage\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1259114947371 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 () -
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/08/11 16:16:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/25 13:45:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\avast! Free Antivirus
[2012/01/25 13:45:36 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/01/25 13:45:36 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/01/25 13:45:31 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/01/25 13:45:30 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/01/25 13:45:30 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/01/25 13:45:29 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/01/25 13:45:29 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/01/25 13:45:28 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/01/25 13:44:48 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/01/25 13:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/01/25 13:44:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
[2012/01/25 12:53:05 | 000,000,000 | ---D | C] -- C:\WINSSLog
[2012/01/17 20:35:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mike\Recent
[2012/01/17 16:28:19 | 000,720,896 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2012/01/17 16:28:15 | 000,000,000 | ---D | C] -- C:\Program Files\TuneXP
[2012/01/11 22:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Bootvis
[2012/01/11 18:40:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Exact Audio Copy
[2012/01/11 14:47:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Start Menu\Programs\Exact Audio Copy
[2012/01/11 14:45:07 | 000,000,000 | ---D | C] -- C:\Program Files\Lame
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/25 13:56:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/25 13:45:30 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/01/24 22:56:08 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/01/23 08:59:37 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/23 08:57:20 | 000,440,161 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/01/21 10:02:28 | 000,000,406 | RHS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\ntuser.pol
[2012/01/17 16:27:29 | 000,720,896 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2012/01/17 11:38:09 | 000,440,011 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20120123-085720.backup
[2012/01/13 11:31:50 | 000,001,583 | ---- | M] () -- C:\WINDOWS\ST6UNST.000
[2012/01/13 11:31:48 | 000,003,647 | ---- | M] () -- C:\WINDOWS\SETUP.LST
[2012/01/09 10:10:05 | 000,001,979 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\cc_20120109_1009.reg
[2012/01/09 09:58:19 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/29 21:54:09 | 000,001,872 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Player Classic - Home Cinema.lnk
[2011/12/29 21:52:55 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Display.lnk
[2011/12/29 21:34:29 | 000,433,034 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/29 21:34:29 | 000,067,950 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/28 23:41:49 | 000,439,884 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20120117-113809.backup
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/21 10:02:28 | 000,000,406 | RHS- | C] () -- C:\Documents and Settings\All Users.WINDOWS\ntuser.pol
[2012/01/17 12:25:18 | 000,386,048 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2012/01/13 11:31:48 | 002,363,909 | ---- | C] () -- C:\WINDOWS\XPTune.CAB
[2012/01/13 11:31:48 | 000,003,647 | ---- | C] () -- C:\WINDOWS\SETUP.LST
[2012/01/13 11:31:48 | 000,001,583 | ---- | C] () -- C:\WINDOWS\ST6UNST.000
[2012/01/09 10:09:58 | 000,001,979 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\cc_20120109_1009.reg
[2011/12/30 09:25:07 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2011/12/29 21:54:09 | 000,001,872 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Player Classic - Home Cinema.lnk
[2011/12/29 21:52:55 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Display.lnk
[2011/06/13 08:19:26 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\housecall.guid.cache
[2011/05/24 08:59:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2011/03/13 11:06:16 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2009/10/12 20:40:34 | 000,000,442 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/05/12 10:39:31 | 000,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009/04/24 08:57:34 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2009/04/20 09:24:42 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/04/15 13:19:44 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/04/15 11:45:23 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2009/04/15 11:45:21 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2009/04/15 11:37:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/04/15 11:37:08 | 000,099,970 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2009/04/15 11:36:48 | 000,003,131 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2009/04/15 11:31:38 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009/04/15 11:12:30 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/04/15 09:51:32 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/15 09:44:50 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\UnAGP.exe
[2009/04/15 09:09:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/04/15 08:59:13 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/15 04:44:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/15 04:42:36 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/03 11:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/01/25 16:10:48 | 000,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/08 18:01:22 | 000,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/02/09 13:46:30 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\ZSHP1020.EXE
[2006/02/09 13:46:30 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\VSHP1020.DLL
[2005/10/15 07:00:00 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2004/08/02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/04/24 00:34:02 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\videoico.exe
[2003/04/24 00:33:32 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\tvicon.exe
[2003/04/24 00:33:02 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\RegServe.exe
[2003/04/24 00:32:58 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\TVCtrl.dll
[2003/04/24 00:32:36 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\Multview.dll
[2003/04/24 00:32:12 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\LCDCtrl.dll
[2003/04/24 00:31:48 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\GenCtrl.dll
[2003/04/24 00:31:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\CRTCtrl.dll
[2003/04/24 00:31:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ColorCtr.dll
[2002/10/15 17:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/03/19 16:30:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\PowerCalc.exe
[2001/08/23 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 07:00:00 | 000,433,034 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 07:00:00 | 000,067,950 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/08/23 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2010/06/15 18:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Alwil Software
[2009/04/15 11:53:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Autodesk
[2012/01/25 13:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
[2010/07/14 07:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\F-Secure
[2012/01/23 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2011/05/28 19:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Western Digital
[2009/04/15 12:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Autodesk
[2010/06/16 13:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Desktopicon
[2009/04/15 11:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Downloaded Installations
[2009/09/04 13:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\DVDFab
[2012/01/17 12:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\ElevatedDiagnostics
[2012/01/25 17:26:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\foobar2000
[2009/07/22 15:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\GARMIN
[2009/04/15 11:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\InterTrust
[2009/04/18 18:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\InterVideo
[2012/01/25 17:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mp3tag
[2010/06/10 18:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\uTorrent
[2011/12/02 17:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\WD

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:5C321E34

< End of report >
  • 0

Advertisements

#2
RKinner
Posted 26 January 2012 - 06:26 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Doubleclick on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
uncheck trace disk IO calls
Click the "Scan" button to start scan (Since you have Avast, tell it not to download and run Avast)
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply


Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.


Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.

Get Process Explorer

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it. Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top. File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.

The disk check will run and will probably take an hour or more to finish.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

#3
benny_b
Posted 27 January 2012 - 09:34 AM

benny_b

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
hi Ron,

thank you for your assistance.

i ran into my first snag. i ran combofix as you recommended. i returned to the computer about 90 minutes later and the screen was black. i monitored the hard drive light for a few minutes and there was nothing happening, i tapped on the mousepad and there was no response so i forced a reboot. i forgot that i had my monitor switched to close after 20 minutes, so maybe this was the problem. i also read that i should have disabled windows firewall.

i looked for C:\Combofix.txt but could not find a .txt file.

would it be safe rerun combofix or should i continue with the rest of the instructions?

thanks,
ben

Edited by benny_b, 27 January 2012 - 09:56 AM.

  • 0

#4
RKinner
Posted 27 January 2012 - 12:31 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
You can run it again. I don't think you need to turn off Windows firewall but if you have another firewall you might need to turn it off or at least allow combofix to go out.

If it still doesn't work try it in Safe Mode with networking:

(Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly. Keep tapping until the Safe Mode Menu appears and choose Safe Mode with Networking. Login with your usual login.)
  • 0

#5
benny_b
Posted 28 January 2012 - 07:37 AM

benny_b

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
i ran combofix agaim with the screen on and windows firewall off. it ran until the "scanning for infected files..." came up and i left it for a couple of hours. when i returned the cursor was flashing, but the hard drive light was off. i rebooted in safe mode with networking, and reran combofix. it booted until the "scanning for infected files..." window. the hard drive light was working for about one minute and then it stopped. i left it overnight, so the program ran for about 14 hours. it was still "scanning for infected files...", there was a flashing cursor, but no hard drive activity.

i read that kapersky might have a fix for this if there is malware blocking the program.
  • 0

#6
RKinner
Posted 28 January 2012 - 11:02 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Go on with the other programs for now and we will revisit Combofix later.
  • 0

#7
benny_b
Posted 28 January 2012 - 02:04 PM

benny_b

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
i ran the rest of the programs, mostly in the right order. speccy was run after the error check. tdsskiller ran fine the first time. the second run with options found 2 moderate risk items that were not labeled "tdss". the "fix" button was not enabled after the aswmbr scan. i have run process explorer in the past to try to figure out what was draining my resources. i tried to unplug external usb devices to see if that would drop the DHPs and HIs, but it didn't change. i later read that i was in an acceptable range so i left it alone. mbam was clean.

12:14:42.0394 2912 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
12:14:42.0724 2912 ============================================================
12:14:42.0724 2912 Current date / time: 2012/01/28 12:14:42.0724
12:14:42.0724 2912 SystemInfo:
12:14:42.0724 2912
12:14:42.0724 2912 OS Version: 5.1.2600 ServicePack: 3.0
12:14:42.0724 2912 Product type: Workstation
12:14:42.0724 2912 ComputerName: JS-DNQV5UD8YBLE
12:14:42.0724 2912 UserName: Mike
12:14:42.0724 2912 Windows directory: C:\WINDOWS
12:14:42.0724 2912 System windows directory: C:\WINDOWS
12:14:42.0724 2912 Processor architecture: Intel x86
12:14:42.0724 2912 Number of processors: 1
12:14:42.0724 2912 Page size: 0x1000
12:14:42.0724 2912 Boot type: Normal boot
12:14:42.0724 2912 ============================================================
12:14:46.0290 2912 Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:14:46.0300 2912 Drive \Device\Harddisk1\DR2 - Size: 0xE8E0800000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:14:46.0880 2912 Initialize success
12:14:53.0630 3000 ============================================================
12:14:53.0630 3000 Scan started
12:14:53.0630 3000 Mode: Manual;
12:14:53.0630 3000 ============================================================
12:14:54.0572 3000 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
12:14:54.0572 3000 Aavmker4 - ok
12:14:54.0712 3000 Abiosdsk - ok
12:14:54.0762 3000 abp480n5 - ok
12:14:54.0872 3000 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:14:54.0872 3000 ACPI - ok
12:14:55.0032 3000 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:14:55.0042 3000 ACPIEC - ok
12:14:55.0182 3000 adpu160m - ok
12:14:55.0263 3000 aeaudio (e696e749bedcda8b23757b8b5ea93780) C:\WINDOWS\system32\drivers\aeaudio.sys
12:14:55.0273 3000 aeaudio - ok
12:14:55.0583 3000 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:14:55.0593 3000 aec - ok
12:14:55.0783 3000 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:14:55.0783 3000 AFD - ok
12:14:55.0933 3000 Aha154x - ok
12:14:55.0994 3000 aic78u2 - ok
12:14:56.0064 3000 aic78xx - ok
12:14:56.0204 3000 aliadwdm (065a6d38a79216592de03f3525d6296e) C:\WINDOWS\system32\drivers\ac97ali.sys
12:14:56.0214 3000 aliadwdm - ok
12:14:56.0424 3000 ALiAGP (66d452067437817f0dbc24ea0c59b91e) C:\WINDOWS\system32\DRIVERS\ALiAGP.sys
12:14:56.0424 3000 ALiAGP - ok
12:14:56.0594 3000 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
12:14:56.0604 3000 AliIde - ok
12:14:56.0735 3000 amsint - ok
12:14:56.0895 3000 AR5211 (32bf9185a7dc622c00791113d5568662) C:\WINDOWS\system32\DRIVERS\ar5211.sys
12:14:56.0905 3000 AR5211 - ok
12:14:57.0045 3000 asc - ok
12:14:57.0105 3000 asc3350p - ok
12:14:57.0155 3000 asc3550 - ok
12:14:57.0446 3000 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
12:14:57.0446 3000 aswFsBlk - ok
12:14:57.0626 3000 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
12:14:57.0646 3000 aswMon2 - ok
12:14:57.0826 3000 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
12:14:57.0826 3000 aswRdr - ok
12:14:58.0036 3000 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
12:14:58.0057 3000 aswSnx - ok
12:14:58.0257 3000 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
12:14:58.0267 3000 aswSP - ok
12:14:58.0537 3000 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
12:14:58.0547 3000 aswTdi - ok
12:14:58.0707 3000 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:14:58.0727 3000 AsyncMac - ok
12:14:58.0898 3000 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:14:58.0898 3000 atapi - ok
12:14:59.0028 3000 Atdisk - ok
12:14:59.0138 3000 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:14:59.0138 3000 Atmarpc - ok
12:14:59.0338 3000 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:14:59.0348 3000 audstub - ok
12:14:59.0609 3000 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:14:59.0619 3000 Beep - ok
12:14:59.0819 3000 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:14:59.0829 3000 cbidf2k - ok
12:14:59.0979 3000 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:14:59.0989 3000 CCDECODE - ok
12:15:00.0140 3000 cd20xrnt - ok
12:15:00.0240 3000 CdaC15BA (f76cb7259aa575cc53f3996bc6b68c18) C:\WINDOWS\System32\drivers\CDAC15BA.SYS
12:15:00.0240 3000 CdaC15BA - ok
12:15:00.0450 3000 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:15:00.0450 3000 Cdaudio - ok
12:15:00.0670 3000 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:15:00.0680 3000 Cdfs - ok
12:15:00.0891 3000 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:15:00.0891 3000 Cdrom - ok
12:15:01.0151 3000 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
12:15:01.0161 3000 CmBatt - ok
12:15:01.0301 3000 CmdIde - ok
12:15:01.0431 3000 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
12:15:01.0441 3000 Compbatt - ok
12:15:01.0652 3000 Cpqarray - ok
12:15:01.0712 3000 dac2w2k - ok
12:15:01.0772 3000 dac960nt - ok
12:15:01.0922 3000 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:15:01.0922 3000 Disk - ok
12:15:02.0172 3000 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
12:15:02.0192 3000 dmboot - ok
12:15:02.0413 3000 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
12:15:02.0443 3000 dmio - ok
12:15:02.0613 3000 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:15:02.0613 3000 dmload - ok
12:15:02.0813 3000 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:15:02.0813 3000 DMusic - ok
12:15:03.0014 3000 dpti2o - ok
12:15:03.0194 3000 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:15:03.0204 3000 drmkaud - ok
12:15:03.0554 3000 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:15:03.0554 3000 Fastfat - ok
12:15:03.0755 3000 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
12:15:03.0765 3000 Fdc - ok
12:15:03.0935 3000 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
12:15:03.0945 3000 Fips - ok
12:15:04.0135 3000 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
12:15:04.0135 3000 Flpydisk - ok
12:15:04.0306 3000 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:15:04.0306 3000 FltMgr - ok
12:15:04.0586 3000 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:15:04.0596 3000 Fs_Rec - ok
12:15:04.0766 3000 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:15:04.0776 3000 Ftdisk - ok
12:15:04.0976 3000 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:15:04.0986 3000 Gpc - ok
12:15:05.0227 3000 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:15:05.0227 3000 HidUsb - ok
12:15:05.0427 3000 hpn - ok
12:15:05.0587 3000 hpt3xx - ok
12:15:05.0698 3000 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:15:05.0708 3000 HTTP - ok
12:15:05.0868 3000 i2omp - ok
12:15:05.0968 3000 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:15:05.0968 3000 i8042prt - ok
12:15:06.0168 3000 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:15:06.0178 3000 Imapi - ok
12:15:06.0368 3000 ini910u - ok
12:15:06.0469 3000 IntelIde - ok
12:15:06.0559 3000 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:15:06.0569 3000 intelppm - ok
12:15:06.0759 3000 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:15:06.0769 3000 ip6fw - ok
12:15:06.0969 3000 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:15:06.0969 3000 IpFilterDriver - ok
12:15:07.0160 3000 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:15:07.0160 3000 IpInIp - ok
12:15:07.0400 3000 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:15:07.0410 3000 IpNat - ok
12:15:07.0590 3000 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:15:07.0590 3000 IPSec - ok
12:15:07.0781 3000 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:15:07.0781 3000 IRENUM - ok
12:15:07.0991 3000 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:15:08.0001 3000 isapnp - ok
12:15:08.0231 3000 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:15:08.0261 3000 Kbdclass - ok
12:15:08.0461 3000 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:15:08.0471 3000 kmixer - ok
12:15:08.0712 3000 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:15:08.0722 3000 KSecDD - ok
12:15:08.0992 3000 MDC8021X (4fe6172e2fa816c6f55b31e99784fc33) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
12:15:09.0002 3000 MDC8021X - ok
12:15:09.0193 3000 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:15:09.0203 3000 mnmdd - ok
12:15:09.0413 3000 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
12:15:09.0413 3000 Modem - ok
12:15:09.0613 3000 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:15:09.0613 3000 Mouclass - ok
12:15:09.0823 3000 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:15:09.0833 3000 mouhid - ok
12:15:10.0004 3000 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:15:10.0014 3000 MountMgr - ok
12:15:10.0154 3000 mraid35x - ok
12:15:10.0264 3000 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:15:10.0264 3000 MRxDAV - ok
12:15:10.0484 3000 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:15:10.0504 3000 MRxSmb - ok
12:15:10.0735 3000 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:15:10.0735 3000 Msfs - ok
12:15:10.0935 3000 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:15:10.0935 3000 MSKSSRV - ok
12:15:11.0115 3000 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:15:11.0115 3000 MSPCLOCK - ok
12:15:11.0316 3000 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:15:11.0326 3000 MSPQM - ok
12:15:11.0546 3000 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:15:11.0556 3000 mssmbios - ok
12:15:11.0736 3000 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
12:15:11.0746 3000 MSTEE - ok
12:15:11.0946 3000 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:15:11.0946 3000 Mup - ok
12:15:12.0137 3000 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:15:12.0147 3000 NABTSFEC - ok
12:15:12.0387 3000 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:15:12.0397 3000 NDIS - ok
12:15:12.0577 3000 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:15:12.0587 3000 NdisIP - ok
12:15:12.0758 3000 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:15:12.0758 3000 NdisTapi - ok
12:15:12.0938 3000 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:15:12.0938 3000 Ndisuio - ok
12:15:13.0138 3000 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:15:13.0138 3000 NdisWan - ok
12:15:13.0298 3000 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:15:13.0308 3000 NDProxy - ok
12:15:13.0589 3000 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:15:13.0599 3000 NetBIOS - ok
12:15:13.0799 3000 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:15:13.0799 3000 NetBT - ok
12:15:14.0120 3000 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:15:14.0130 3000 Npfs - ok
12:15:14.0330 3000 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:15:14.0350 3000 Ntfs - ok
12:15:14.0590 3000 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:15:14.0590 3000 Null - ok
12:15:14.0771 3000 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:15:14.0781 3000 NwlnkFlt - ok
12:15:15.0091 3000 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:15:15.0091 3000 NwlnkFwd - ok
12:15:15.0572 3000 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
12:15:15.0622 3000 Parport - ok
12:15:16.0012 3000 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:15:16.0012 3000 PartMgr - ok
12:15:16.0203 3000 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:15:16.0203 3000 ParVdm - ok
12:15:16.0433 3000 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
12:15:16.0443 3000 PCI - ok
12:15:16.0583 3000 PCIDump - ok
12:15:16.0623 3000 PCIIde - ok
12:15:16.0733 3000 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
12:15:16.0733 3000 Pcmcia - ok
12:15:16.0864 3000 perc2 - ok
12:15:16.0924 3000 perc2hib - ok
12:15:17.0254 3000 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:15:17.0264 3000 PptpMiniport - ok
12:15:17.0494 3000 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
12:15:17.0504 3000 Processor - ok
12:15:17.0705 3000 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:15:17.0715 3000 PSched - ok
12:15:17.0875 3000 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:15:17.0875 3000 Ptilink - ok
12:15:18.0085 3000 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:15:18.0095 3000 PxHelp20 - ok
12:15:18.0236 3000 ql1080 - ok
12:15:18.0296 3000 Ql10wnt - ok
12:15:18.0346 3000 ql12160 - ok
12:15:18.0406 3000 ql1240 - ok
12:15:18.0486 3000 ql1280 - ok
12:15:18.0566 3000 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:15:18.0566 3000 RasAcd - ok
12:15:18.0776 3000 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:15:18.0786 3000 Rasl2tp - ok
12:15:18.0987 3000 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:15:18.0997 3000 RasPppoe - ok
12:15:19.0157 3000 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:15:19.0157 3000 Raspti - ok
12:15:19.0357 3000 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:15:19.0387 3000 Rdbss - ok
12:15:19.0567 3000 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:15:19.0567 3000 RDPCDD - ok
12:15:19.0768 3000 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:15:19.0788 3000 rdpdr - ok
12:15:19.0978 3000 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
12:15:19.0988 3000 RDPWD - ok
12:15:20.0208 3000 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:15:20.0208 3000 redbook - ok
12:15:20.0689 3000 RTL8023xp (cf84b1f0e8b14d4120aaf9cf35cbb265) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
12:15:20.0699 3000 RTL8023xp - ok
12:15:20.0899 3000 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
12:15:20.0899 3000 rtl8139 - ok
12:15:21.0150 3000 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
12:15:21.0150 3000 sdbus - ok
12:15:21.0340 3000 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:15:21.0360 3000 Secdrv - ok
12:15:21.0600 3000 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
12:15:21.0600 3000 Serial - ok
12:15:21.0891 3000 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:15:21.0901 3000 Sfloppy - ok
12:15:22.0091 3000 Simbad - ok
12:15:22.0181 3000 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:15:22.0191 3000 SLIP - ok
12:15:22.0432 3000 smwdm (5018a9db5eb62e3edb3110f82f556285) C:\WINDOWS\system32\drivers\smwdm.sys
12:15:22.0452 3000 smwdm - ok
12:15:22.0622 3000 Sparrow - ok
12:15:22.0702 3000 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:15:22.0702 3000 splitter - ok
12:15:22.0882 3000 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:15:22.0892 3000 sr - ok
12:15:23.0133 3000 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:15:23.0153 3000 Srv - ok
12:15:23.0343 3000 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:15:23.0353 3000 streamip - ok
12:15:23.0613 3000 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:15:23.0613 3000 swenum - ok
12:15:23.0804 3000 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:15:23.0814 3000 swmidi - ok
12:15:24.0004 3000 symc810 - ok
12:15:24.0064 3000 symc8xx - ok
12:15:24.0114 3000 sym_hi - ok
12:15:24.0174 3000 sym_u3 - ok
12:15:24.0294 3000 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:15:24.0304 3000 sysaudio - ok
12:15:24.0605 3000 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:15:24.0615 3000 Tcpip - ok
12:15:24.0785 3000 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:15:24.0795 3000 TDPIPE - ok
12:15:24.0975 3000 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:15:24.0975 3000 TDTCP - ok
12:15:25.0166 3000 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:15:25.0176 3000 TermDD - ok
12:15:25.0516 3000 TOSHIBASoftModem (e088ee80dd64a7106fbddc5498cfed2f) C:\WINDOWS\system32\DRIVERS\LTSMT.sys
12:15:25.0536 3000 TOSHIBASoftModem - ok
12:15:25.0676 3000 TosIde - ok
12:15:25.0796 3000 tridxp (083ec4080298784e8eea244a4f8d615e) C:\WINDOWS\system32\DRIVERS\tridxpm.sys
12:15:25.0806 3000 tridxp - ok
12:15:26.0047 3000 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:15:26.0047 3000 Udfs - ok
12:15:26.0187 3000 ultra - ok
12:15:26.0277 3000 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:15:26.0297 3000 Update - ok
12:15:26.0608 3000 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
12:15:26.0618 3000 usbaudio - ok
12:15:26.0778 3000 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:15:26.0778 3000 usbccgp - ok
12:15:26.0978 3000 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:15:26.0978 3000 usbehci - ok
12:15:27.0168 3000 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:15:27.0178 3000 usbhub - ok
12:15:27.0369 3000 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
12:15:27.0379 3000 usbohci - ok
12:15:27.0559 3000 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:15:27.0569 3000 usbprint - ok
12:15:27.0749 3000 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:15:27.0759 3000 USBSTOR - ok
12:15:27.0929 3000 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
12:15:27.0939 3000 usbvideo - ok
12:15:28.0120 3000 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:15:28.0130 3000 VgaSave - ok
12:15:28.0270 3000 ViaIde - ok
12:15:28.0380 3000 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
12:15:28.0400 3000 VolSnap - ok
12:15:28.0630 3000 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:15:28.0630 3000 Wanarp - ok
12:15:28.0841 3000 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
12:15:28.0841 3000 WDC_SAM - ok
12:15:29.0031 3000 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:15:29.0031 3000 wdmaud - ok
12:15:29.0482 3000 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:15:29.0482 3000 WpdUsb - ok
12:15:29.0642 3000 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:15:29.0642 3000 WS2IFSL - ok
12:15:29.0872 3000 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:15:29.0882 3000 WSTCODEC - ok
12:15:30.0073 3000 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:15:30.0083 3000 WudfPf - ok
12:15:30.0273 3000 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:15:30.0463 3000 \Device\Harddisk0\DR0 - ok
12:15:30.0954 3000 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2
12:15:30.0954 3000 \Device\Harddisk1\DR2 - ok
12:15:31.0004 3000 Boot (0x1200) (3772030e7582daa31d19004ee9e7abe9) \Device\Harddisk0\DR0\Partition0
12:15:31.0004 3000 \Device\Harddisk0\DR0\Partition0 - ok
12:15:31.0024 3000 Boot (0x1200) (1d7861f1814c840da8706122fecdfe95) \Device\Harddisk1\DR2\Partition0
12:15:31.0024 3000 \Device\Harddisk1\DR2\Partition0 - ok
12:15:31.0044 3000 ============================================================
12:15:31.0044 3000 Scan finished
12:15:31.0044 3000 ============================================================
12:15:31.0124 3004 Detected object count: 0
12:15:31.0124 3004 Actual detected object count: 0
12:16:34.0125 3724 ============================================================
12:16:34.0125 3724 Scan started
12:16:34.0125 3724 Mode: Manual; SigCheck; TDLFS;
12:16:34.0125 3724 ============================================================
12:16:35.0016 3724 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
12:16:35.0216 3724 Aavmker4 - ok
12:16:35.0396 3724 Abiosdsk - ok
12:16:35.0437 3724 abp480n5 - ok
12:16:35.0557 3724 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:16:37.0500 3724 ACPI - ok
12:16:37.0710 3724 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:16:38.0000 3724 ACPIEC - ok
12:16:38.0160 3724 adpu160m - ok
12:16:38.0271 3724 aeaudio (e696e749bedcda8b23757b8b5ea93780) C:\WINDOWS\system32\drivers\aeaudio.sys
12:16:38.0311 3724 aeaudio - ok
12:16:38.0541 3724 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:16:38.0791 3724 aec - ok
12:16:38.0972 3724 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:16:39.0012 3724 AFD - ok
12:16:39.0132 3724 Aha154x - ok
12:16:39.0212 3724 aic78u2 - ok
12:16:39.0262 3724 aic78xx - ok
12:16:39.0412 3724 aliadwdm (065a6d38a79216592de03f3525d6296e) C:\WINDOWS\system32\drivers\ac97ali.sys
12:16:39.0713 3724 aliadwdm - ok
12:16:39.0913 3724 ALiAGP (66d452067437817f0dbc24ea0c59b91e) C:\WINDOWS\system32\DRIVERS\ALiAGP.sys
12:16:39.0953 3724 ALiAGP - ok
12:16:40.0163 3724 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
12:16:40.0454 3724 AliIde - ok
12:16:40.0624 3724 amsint - ok
12:16:40.0744 3724 AR5211 (32bf9185a7dc622c00791113d5568662) C:\WINDOWS\system32\DRIVERS\ar5211.sys
12:16:40.0774 3724 AR5211 - ok
12:16:40.0904 3724 asc - ok
12:16:40.0964 3724 asc3350p - ok
12:16:41.0025 3724 asc3550 - ok
12:16:41.0205 3724 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
12:16:41.0225 3724 aswFsBlk - ok
12:16:41.0405 3724 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
12:16:41.0425 3724 aswMon2 - ok
12:16:41.0605 3724 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
12:16:41.0635 3724 aswRdr - ok
12:16:41.0826 3724 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
12:16:41.0886 3724 aswSnx - ok
12:16:42.0066 3724 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
12:16:42.0096 3724 aswSP - ok
12:16:42.0276 3724 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
12:16:42.0286 3724 aswTdi - ok
12:16:42.0447 3724 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:16:42.0717 3724 AsyncMac - ok
12:16:42.0957 3724 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:16:43.0258 3724 atapi - ok
12:16:43.0398 3724 Atdisk - ok
12:16:43.0488 3724 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:16:43.0809 3724 Atmarpc - ok
12:16:44.0009 3724 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:16:44.0319 3724 audstub - ok
12:16:44.0550 3724 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:16:44.0860 3724 Beep - ok
12:16:45.0110 3724 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:16:45.0411 3724 cbidf2k - ok
12:16:45.0651 3724 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:16:45.0932 3724 CCDECODE - ok
12:16:46.0092 3724 cd20xrnt - ok
12:16:46.0192 3724 CdaC15BA (f76cb7259aa575cc53f3996bc6b68c18) C:\WINDOWS\System32\drivers\CDAC15BA.SYS
12:16:46.0232 3724 CdaC15BA ( UnsignedFile.Multi.Generic ) - warning
12:16:46.0232 3724 CdaC15BA - detected UnsignedFile.Multi.Generic (1)
12:16:46.0382 3724 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:16:46.0673 3724 Cdaudio - ok
12:16:46.0833 3724 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:16:47.0143 3724 Cdfs - ok
12:16:47.0304 3724 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:16:47.0604 3724 Cdrom - ok
12:16:47.0914 3724 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
12:16:48.0245 3724 CmBatt - ok
12:16:48.0385 3724 CmdIde - ok
12:16:48.0455 3724 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
12:16:48.0726 3724 Compbatt - ok
12:16:48.0946 3724 Cpqarray - ok
12:16:49.0026 3724 dac2w2k - ok
12:16:49.0086 3724 dac960nt - ok
12:16:49.0236 3724 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:16:49.0517 3724 Disk - ok
12:16:49.0777 3724 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
12:16:50.0108 3724 dmboot - ok
12:16:50.0388 3724 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
12:16:50.0638 3724 dmio - ok
12:16:50.0799 3724 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:16:51.0109 3724 dmload - ok
12:16:51.0319 3724 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:16:51.0630 3724 DMusic - ok
12:16:51.0790 3724 dpti2o - ok
12:16:51.0900 3724 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:16:52.0171 3724 drmkaud - ok
12:16:52.0541 3724 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:16:52.0822 3724 Fastfat - ok
12:16:53.0082 3724 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
12:16:53.0372 3724 Fdc - ok
12:16:53.0623 3724 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
12:16:53.0923 3724 Fips - ok
12:16:54.0083 3724 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
12:16:54.0374 3724 Flpydisk - ok
12:16:54.0604 3724 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:16:54.0895 3724 FltMgr - ok
12:16:55.0055 3724 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:16:55.0315 3724 Fs_Rec - ok
12:16:55.0505 3724 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:16:55.0786 3724 Ftdisk - ok
12:16:55.0996 3724 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:16:56.0266 3724 Gpc - ok
12:16:56.0497 3724 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:16:56.0797 3724 HidUsb - ok
12:16:56.0947 3724 hpn - ok
12:16:56.0998 3724 hpt3xx - ok
12:16:57.0138 3724 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:16:57.0188 3724 HTTP - ok
12:16:57.0368 3724 i2omp - ok
12:16:57.0468 3724 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:16:57.0739 3724 i8042prt - ok
12:16:57.0989 3724 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:16:58.0269 3724 Imapi - ok
12:16:58.0470 3724 ini910u - ok
12:16:58.0650 3724 IntelIde - ok
12:16:58.0770 3724 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:16:59.0030 3724 intelppm - ok
12:16:59.0231 3724 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:16:59.0501 3724 ip6fw - ok
12:16:59.0701 3724 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:16:59.0992 3724 IpFilterDriver - ok
12:17:00.0242 3724 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:17:00.0533 3724 IpInIp - ok
12:17:00.0753 3724 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:17:01.0033 3724 IpNat - ok
12:17:01.0254 3724 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:17:01.0534 3724 IPSec - ok
12:17:01.0724 3724 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:17:01.0835 3724 IRENUM - ok
12:17:02.0075 3724 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:17:02.0335 3724 isapnp - ok
12:17:02.0525 3724 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:17:02.0826 3724 Kbdclass - ok
12:17:03.0036 3724 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:17:03.0337 3724 kmixer - ok
12:17:03.0587 3724 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:17:03.0637 3724 KSecDD - ok
12:17:03.0897 3724 MDC8021X (4fe6172e2fa816c6f55b31e99784fc33) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
12:17:03.0928 3724 MDC8021X ( UnsignedFile.Multi.Generic ) - warning
12:17:03.0928 3724 MDC8021X - detected UnsignedFile.Multi.Generic (1)
12:17:04.0128 3724 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:17:04.0388 3724 mnmdd - ok
12:17:04.0649 3724 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
12:17:04.0929 3724 Modem - ok
12:17:05.0129 3724 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:17:05.0390 3724 Mouclass - ok
12:17:05.0630 3724 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:17:05.0950 3724 mouhid - ok
12:17:06.0181 3724 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:17:06.0461 3724 MountMgr - ok
12:17:06.0651 3724 mraid35x - ok
12:17:06.0752 3724 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:17:07.0042 3724 MRxDAV - ok
12:17:07.0292 3724 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:17:07.0382 3724 MRxSmb - ok
12:17:07.0613 3724 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:17:07.0903 3724 Msfs - ok
12:17:08.0134 3724 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:17:08.0394 3724 MSKSSRV - ok
12:17:08.0634 3724 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:17:08.0945 3724 MSPCLOCK - ok
12:17:09.0135 3724 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:17:09.0445 3724 MSPQM - ok
12:17:09.0686 3724 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:17:09.0946 3724 mssmbios - ok
12:17:10.0187 3724 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
12:17:10.0457 3724 MSTEE - ok
12:17:10.0677 3724 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:17:10.0717 3724 Mup - ok
12:17:10.0867 3724 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:17:11.0158 3724 NABTSFEC - ok
12:17:11.0348 3724 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:17:11.0639 3724 NDIS - ok
12:17:11.0799 3724 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:17:12.0069 3724 NdisIP - ok
12:17:12.0270 3724 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:17:12.0300 3724 NdisTapi - ok
12:17:12.0490 3724 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:17:12.0780 3724 Ndisuio - ok
12:17:12.0971 3724 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:17:13.0221 3724 NdisWan - ok
12:17:13.0371 3724 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:17:13.0421 3724 NDProxy - ok
12:17:13.0621 3724 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:17:13.0892 3724 NetBIOS - ok
12:17:14.0092 3724 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:17:14.0383 3724 NetBT - ok
12:17:14.0733 3724 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:17:15.0003 3724 Npfs - ok
12:17:15.0224 3724 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:17:15.0534 3724 Ntfs - ok
12:17:15.0745 3724 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:17:16.0025 3724 Null - ok
12:17:16.0315 3724 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:17:16.0596 3724 NwlnkFlt - ok
12:17:16.0766 3724 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:17:17.0056 3724 NwlnkFwd - ok
12:17:17.0287 3724 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
12:17:17.0597 3724 Parport - ok
12:17:17.0767 3724 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:17:18.0018 3724 PartMgr - ok
12:17:18.0328 3724 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:17:18.0609 3724 ParVdm - ok
12:17:18.0819 3724 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
12:17:19.0079 3724 PCI - ok
12:17:19.0270 3724 PCIDump - ok
12:17:19.0330 3724 PCIIde - ok
12:17:19.0430 3724 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
12:17:19.0710 3724 Pcmcia - ok
12:17:19.0900 3724 perc2 - ok
12:17:19.0951 3724 perc2hib - ok
12:17:20.0271 3724 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:17:20.0551 3724 PptpMiniport - ok
12:17:20.0752 3724 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
12:17:21.0032 3724 Processor - ok
12:17:21.0222 3724 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:17:21.0503 3724 PSched - ok
12:17:21.0713 3724 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:17:21.0963 3724 Ptilink - ok
12:17:22.0154 3724 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:17:22.0174 3724 PxHelp20 - ok
12:17:22.0284 3724 ql1080 - ok
12:17:22.0344 3724 Ql10wnt - ok
12:17:22.0404 3724 ql12160 - ok
12:17:22.0454 3724 ql1240 - ok
12:17:22.0504 3724 ql1280 - ok
12:17:22.0644 3724 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:17:22.0955 3724 RasAcd - ok
12:17:23.0225 3724 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:17:23.0496 3724 Rasl2tp - ok
12:17:23.0766 3724 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:17:24.0066 3724 RasPppoe - ok
12:17:24.0217 3724 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:17:24.0487 3724 Raspti - ok
12:17:24.0687 3724 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:17:24.0958 3724 Rdbss - ok
12:17:25.0158 3724 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:17:25.0408 3724 RDPCDD - ok
12:17:25.0649 3724 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:17:25.0959 3724 rdpdr - ok
12:17:26.0159 3724 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
12:17:26.0230 3724 RDPWD - ok
12:17:26.0390 3724 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:17:26.0660 3724 redbook - ok
12:17:26.0981 3724 RTL8023xp (cf84b1f0e8b14d4120aaf9cf35cbb265) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
12:17:27.0081 3724 RTL8023xp - ok
12:17:27.0281 3724 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
12:17:27.0511 3724 rtl8139 - ok
12:17:27.0762 3724 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
12:17:28.0062 3724 sdbus - ok
12:17:28.0293 3724 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:17:28.0433 3724 Secdrv - ok
12:17:28.0763 3724 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
12:17:29.0044 3724 Serial - ok
12:17:29.0384 3724 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:17:29.0644 3724 Sfloppy - ok
12:17:29.0845 3724 Simbad - ok
12:17:29.0925 3724 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:17:30.0215 3724 SLIP - ok
12:17:30.0426 3724 smwdm (5018a9db5eb62e3edb3110f82f556285) C:\WINDOWS\system32\drivers\smwdm.sys
12:17:30.0516 3724 smwdm - ok
12:17:30.0686 3724 Sparrow - ok
12:17:30.0866 3724 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:17:31.0127 3724 splitter - ok
12:17:31.0357 3724 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:17:31.0457 3724 sr - ok
12:17:31.0727 3724 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:17:31.0788 3724 Srv - ok
12:17:31.0968 3724 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:17:32.0248 3724 streamip - ok
12:17:32.0499 3724 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:17:32.0759 3724 swenum - ok
12:17:32.0949 3724 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:17:33.0240 3724 swmidi - ok
12:17:33.0400 3724 symc810 - ok
12:17:33.0450 3724 symc8xx - ok
12:17:33.0520 3724 sym_hi - ok
12:17:33.0580 3724 sym_u3 - ok
12:17:33.0690 3724 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:17:33.0931 3724 sysaudio - ok
12:17:34.0191 3724 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:17:34.0281 3724 Tcpip - ok
12:17:34.0461 3724 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:17:34.0722 3724 TDPIPE - ok
12:17:34.0932 3724 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:17:35.0233 3724 TDTCP - ok
12:17:35.0423 3724 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:17:35.0683 3724 TermDD - ok
12:17:35.0994 3724 TOSHIBASoftModem (e088ee80dd64a7106fbddc5498cfed2f) C:\WINDOWS\system32\DRIVERS\LTSMT.sys
12:17:36.0314 3724 TOSHIBASoftModem - ok
12:17:36.0544 3724 TosIde - ok
12:17:36.0665 3724 tridxp (083ec4080298784e8eea244a4f8d615e) C:\WINDOWS\system32\DRIVERS\tridxpm.sys
12:17:36.0705 3724 tridxp - ok
12:17:36.0915 3724 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:17:37.0205 3724 Udfs - ok
12:17:37.0386 3724 ultra - ok
12:17:37.0506 3724 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:17:37.0796 3724 Update - ok
12:17:38.0017 3724 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
12:17:38.0297 3724 usbaudio - ok
12:17:38.0467 3724 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:17:38.0738 3724 usbccgp - ok
12:17:38.0908 3724 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:17:39.0178 3724 usbehci - ok
12:17:39.0449 3724 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:17:39.0719 3724 usbhub - ok
12:17:39.0929 3724 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
12:17:40.0190 3724 usbohci - ok
12:17:40.0440 3724 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:17:40.0720 3724 usbprint - ok
12:17:40.0911 3724 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:17:41.0171 3724 USBSTOR - ok
12:17:41.0421 3724 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
12:17:41.0702 3724 usbvideo - ok
12:17:41.0892 3724 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:17:42.0162 3724 VgaSave - ok
12:17:42.0393 3724 ViaIde - ok
12:17:42.0573 3724 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
12:17:42.0894 3724 VolSnap - ok
12:17:43.0214 3724 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:17:43.0464 3724 Wanarp - ok
12:17:43.0725 3724 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
12:17:43.0835 3724 WDC_SAM - ok
12:17:44.0005 3724 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:17:44.0276 3724 wdmaud - ok
12:17:44.0746 3724 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:17:44.0786 3724 WpdUsb - ok
12:17:44.0946 3724 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:17:45.0207 3724 WS2IFSL - ok
12:17:45.0417 3724 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:17:45.0708 3724 WSTCODEC - ok
12:17:45.0868 3724 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:17:45.0918 3724 WudfPf - ok
12:17:46.0108 3724 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:17:46.0389 3724 \Device\Harddisk0\DR0 - ok
12:17:46.0909 3724 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2
12:17:47.0080 3724 \Device\Harddisk1\DR2 - ok
12:17:47.0130 3724 Boot (0x1200) (3772030e7582daa31d19004ee9e7abe9) \Device\Harddisk0\DR0\Partition0
12:17:47.0140 3724 \Device\Harddisk0\DR0\Partition0 - ok
12:17:47.0180 3724 Boot (0x1200) (1d7861f1814c840da8706122fecdfe95) \Device\Harddisk1\DR2\Partition0
12:17:47.0180 3724 \Device\Harddisk1\DR2\Partition0 - ok
12:17:47.0180 3724 ============================================================
12:17:47.0180 3724 Scan finished
12:17:47.0180 3724 ============================================================
12:17:47.0350 4048 Detected object count: 2
12:17:47.0350 4048 Actual detected object count: 2
12:19:17.0089 4048 CdaC15BA ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:17.0089 4048 CdaC15BA ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:19:17.0109 4048 MDC8021X ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:17.0109 4048 MDC8021X ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:19.0223 2908 Deinitialize success


aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-01-28 12:27:52
-----------------------------
12:27:52.039 OS Version: Windows 5.1.2600 Service Pack 3
12:27:52.039 Number of processors: 1 586 0x209
12:27:52.039 ComputerName: JS-DNQV5UD8YBLE UserName: Mike
12:27:54.363 Initialize success
12:27:54.653 AVAST engine defs: 12012800
12:28:36.453 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
12:28:36.463 Disk 0 Vendor: IC25N040ATMR04-0 MO2OAD4A Size: 38154MB BusType: 3
12:28:36.483 Disk 0 MBR read successfully
12:28:36.483 Disk 0 MBR scan
12:28:36.493 Disk 0 Windows XP default MBR code
12:28:36.493 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38154 MB offset 63
12:28:36.503 Disk 0 scanning sectors +78140160
12:28:36.774 Disk 0 scanning C:\WINDOWS\system32\drivers
12:28:53.338 Service scanning
12:28:54.740 Modules scanning
12:29:10.703 AVAST engine scan C:\WINDOWS
12:29:21.839 AVAST engine scan C:\WINDOWS\system32
12:32:50.028 AVAST engine scan C:\WINDOWS\system32\drivers
12:33:16.135 AVAST engine scan C:\Documents and Settings\Mike
12:36:22.624 AVAST engine scan C:\Documents and Settings\All Users.WINDOWS
12:37:15.770 Scan finished successfully
12:38:17.589 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Mike\Desktop\MBR.dat"
12:38:17.599 The log file has been saved successfully to "C:\Documents and Settings\Mike\Desktop\aswMBR.txt"


Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.28.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Mike :: JS-DNQV5UD8YBLE [administrator]

1/28/2012 12:51:46 PM
mbam-log-2012-01-28 (12-51-46).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 289614
Time elapsed: 12 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 91.18 0 K 16 K
procexp.exe 3156 2.94 9,788 K 14,004 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
DPCs n/a 2.94 0 K 0 K Deferred Procedure Calls
Interrupts n/a 1.96 0 K 0 K Hardware Interrupts
services.exe 780 0.98 1,892 K 4,296 K Services and Controller app Microsoft Corporation
wmiprvse.exe 2916 2,616 K 5,264 K WMI Microsoft Corporation
winlogon.exe 736 6,388 K 2,032 K Windows NT Logon Application Microsoft Corporation
uphclean.exe 1928 796 K 1,644 K User Profile Hive Cleanup Service Windows ® Codename Longhorn DDK provider
System 4 0 K 228 K
svchost.exe 1076 19,544 K 30,812 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 944 1,556 K 3,860 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1028 1,960 K 4,604 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1116 2,612 K 3,764 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1224 5,116 K 7,548 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1260 1,760 K 4,388 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1680 1,544 K 4,128 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1856 2,712 K 4,692 K Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 1440 3,700 K 5,768 K Spooler SubSystem App Microsoft Corporation
smss.exe 440 172 K 416 K Windows NT Session Manager Microsoft Corporation
lsass.exe 792 3,956 K 1,208 K LSA Shell (Export Version) Microsoft Corporation
explorer.exe 1544 26,076 K 15,976 K Windows Explorer Microsoft Corporation
ctfmon.exe 1104 1,140 K 3,596 K CTF Loader Microsoft Corporation
csrss.exe 712 1,640 K 3,808 K Client Server Runtime Process Microsoft Corporation
AvastUI.exe 604 14,804 K 7,188 K avast! Antivirus AVAST Software
AvastSvc.exe 1740 14,816 K 1,108 K avast! Service AVAST Software
alg.exe 628 1,412 K 3,968 K Application Layer Gateway Service Microsoft Corporation



Vino's Event Viewer v01c run on Windows XP in English
Report run at 28/01/2012 2:38:15 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Vino's Event Viewer v01c run on Windows XP in English
Report run at 28/01/2012 2:41:16 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


i hope that's everything. thanks Ron!
  • 0

#8
RKinner
Posted 28 January 2012 - 04:35 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
From Process Explorer:

DPCs n/a 2.94 0 K 0 K Deferred Procedure Calls
Interrupts n/a 1.96 0 K 0 K Hardware Interrupts

These are both too high and will slow down the PC a lot more than their low % numbers would seem to indicate. Finding out what is causing them may take some digging. I've fixed this on a laptop several times by simply removing the battery. Seems when they get old they load down the power supply and things get marginal. Other times it's a driver. Boot into Safe Mode with Networking (Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly. Keep tapping until the Safe Mode Menu appears and choose Safe Mode with Networking. Login with your usual login.)
and run Process Explorer again and let's see what it says.


The driver found by TDSSKiller

12:15:00.0240 3000 CdaC15BA (f76cb7259aa575cc53f3996bc6b68c18) C:\WINDOWS\System32\drivers\CDAC15BA.SYS

Is an old copy protection scheme used one year by TurboTax. (There was a rumor it was also used by some games but I've never seen it used by anything but TurboTax and that was only for one year about 8 years ago because it stayed resident and slowed down your PC even when Turbotax was not running so there was a big stink about it and it lost them a lot of customers. You have its service disabled:
SRV - [2009/04/15 11:55:49 | 000,054,784 | ---- | M] (Macrovision) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
so it's not doing anything useful so I would let TDSSKiller remove it. Maybe we wil get lucky. The other driver it found was from a wireless adapter - probably harmless.)


Still waiting for the Speccy log by the way. Please Attach it as it keeps the spacing and makes it easier to read.
  • 0

#9
benny_b
Posted 28 January 2012 - 06:05 PM

benny_b

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
i thought i had attached the speccy log. i'll try again. i had noticed mp cpu usage fluctuating a lot the last few months with no obvious processes involved, which was why i installed process explorer. also, last summer my computer crashed and i received a report that it was due to my security log being full. i read somewhere to change the settings so that the log didn't fill up. i can't remember exactly what i did, but i may have disabled it or changed it's settings. i'm not sure what i would do to restore it if needed. i mention this because you had me send you some event logs and i had forgotten that i had done this. here is the procexp log in safe mode.

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 95.05 0 K 16 K
procexp.exe 1832 2.97 9,068 K 13,200 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
Interrupts n/a 1.98 0 K 0 K Hardware Interrupts
wmiprvse.exe 1912 2,324 K 4,904 K WMI Microsoft Corporation
winlogon.exe 624 3,224 K 1,152 K Windows NT Logon Application Microsoft Corporation
System 4 0 K 212 K
svchost.exe 988 7,996 K 12,316 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 916 1,612 K 4,120 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 828 1,296 K 3,480 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1048 4,640 K 6,512 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1092 1,172 K 3,236 K Generic Host Process for Win32 Services Microsoft Corporation
smss.exe 368 168 K 416 K Windows NT Session Manager Microsoft Corporation
services.exe 668 1,636 K 3,288 K Services and Controller app Microsoft Corporation
lsass.exe 680 2,156 K 892 K LSA Shell (Export Version) Microsoft Corporation
explorer.exe 1692 12,828 K 17,428 K Windows Explorer Microsoft Corporation
DPCs n/a 0 K 0 K Deferred Procedure Calls
csrss.exe 600 1,552 K 3,228 K Client Server Runtime Process Microsoft Corporation

Attached Files


  • 0

#10
RKinner
Posted 29 January 2012 - 02:14 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Appears this is a laptop and it's running a bit warm. Uninstall Speccy and download SpeedFan.

http://www.almico.com/sfdownload.php

Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it.

It will tell you your temps. If they seem hot (over 50) then check Automatic Fan Speed.
Leave it running and see if the temps drop. What it does on a laptop if it works is turn the fan on full which seems to help.
A hot CPU is a slow CPU since they slow down to protect themselves from the heat.

Your latest Safe Mode Process Explorer shows:
DPCs n/a 0 K 0 K Deferred Procedure Calls

This is a big improvement over

DPCs n/a 2.94 0 K 0 K Deferred Procedure Calls

so probably some driver that is not active in Safe Mode is the culprit. Run OTL in Safe Mode with Networking and click the All button in the Drivers section then Run Scan. Copy and paste the log. Then Shutdown, pull the battery and reboot into regular mode and do the same thing. Also run Process Explorer without the Battery. (I'm assuming this is not one of those where removing the battery is a major undertaking.)

Get Autoruns
http://live.sysinter...om/autoruns.exe

Download Save and Run the program by right clicking and Run As Admin. File, Save, to your desktop, autoruns.arn, OK

Either zip up the file if you have the ability (7-zip works nicely) or just rename it from autoruns.arn to autoruns.txt then ATTACH it. Do not copy and paste.

Ron
  • 0

Advertisements

#11
benny_b
Posted 29 January 2012 - 03:15 PM

benny_b

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
the current operating temps are as follows:
local temp 44c
remote temp 45c (jumps to 48c with application launch)
HDO 33c
Temp 1 45c (jumps to 48c with application launch)

it did jump to 50c briefly once when i was switching screens and cpu was spiking, but quickly settled back to 45c.

i enabled automatic fan speed and that didn't seem to change much, maybe a degree off or not.

i am also using a laptop cooling fan base. it has a large 6" fan.

the battery was a simple clasp to remove.

the first log is OTL driver full scan in safe mode. the rest are all without the battery in normal mode.

OTL logfile created on: 1/29/2012 1:47:24 PM - Run 3
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

991.48 Mb Total Physical Memory | 784.02 Mb Available Physical Memory | 79.07% Memory free
2.33 Gb Paging File | 2.27 Gb Available in Paging File | 97.27% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 15.65 Gb Free Space | 42.00% Space Free | Partition Type: NTFS
Drive Z: | 1851.41 Gb Total Space | 402.20 Gb Free Space | 21.72% Space Free | Partition Type: NTFS

Computer Name: JS-DNQV5UD8YBLE | User Name: Mike | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/11 18:59:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/06/11 18:59:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/06/26 01:45:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\ComboFix\pev.3XE -- (PEVSystemStart)
SRV - [2010/09/13 20:02:44 | 000,399,872 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Auto | Stopped] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)
SRV - [2009/04/15 11:55:49 | 000,054,784 | ---- | M] (Macrovision) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2002/09/20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Disabled | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (All) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- -- (ViaIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (PCIIde)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpt3xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk)
DRV - [2011/11/28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/08/17 08:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2011/07/15 08:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011/07/08 09:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2011/06/24 09:10:36 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2011/04/21 08:37:43 | 000,105,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2011/03/18 11:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2011/02/17 08:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010/11/02 10:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2009/10/20 11:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/06/24 06:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/04/24 08:57:35 | 000,011,861 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) WPA Security Protocol (IEEE 802.1x)
DRV - [2009/04/15 11:55:50 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2009/03/25 05:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/08/20 12:58:58 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/06/20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/14 04:43:22 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/14 04:43:22 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/14 04:43:22 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/14 00:16:26 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC)
DRV - [2008/04/14 00:16:26 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC)
DRV - [2008/04/14 00:16:24 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE)
DRV - [2008/04/14 00:16:24 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SLIP.sys -- (SLIP)
DRV - [2008/04/14 00:16:24 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP)
DRV - [2008/04/14 00:16:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip)
DRV - [2008/04/14 00:09:52 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE)
DRV - [2008/04/13 23:58:40 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 23:51:02 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 23:50:44 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 23:49:50 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008/04/13 23:49:44 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 23:49:44 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008/04/13 23:48:02 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 23:47:20 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 23:45:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 23:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 23:45:46 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial)
DRV - [2008/04/13 23:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 23:44:22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 23:30:20 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/13 23:27:34 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 23:27:28 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 23:27:22 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 23:27:16 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 23:27:08 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 23:26:40 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 23:26:34 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 23:26:04 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 23:26:00 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 23:24:30 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 23:23:36 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (ip6fw)
DRV - [2008/04/13 23:21:26 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 23:17:38 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 23:16:22 | 000,121,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV - [2008/04/13 23:15:40 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 23:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2008/04/13 23:15:38 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 23:15:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 23:15:36 | 000,017,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbohci.sys -- (usbohci)
DRV - [2008/04/13 23:15:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 23:15:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 23:15:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 23:15:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 23:15:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 23:15:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008/04/13 23:14:50 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 23:14:48 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 23:14:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 23:11:02 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 23:11:00 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 23:10:50 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 23:10:50 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 23:10:48 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\disk.sys -- (Disk)
DRV - [2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\atapi.sys -- (atapi)
DRV - [2008/04/13 23:10:28 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/13 23:10:26 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 23:10:26 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 23:10:12 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 23:09:54 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 23:09:54 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 23:09:52 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 23:09:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 23:09:48 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 23:09:48 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 23:09:48 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 23:09:48 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 23:06:54 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sr.sys -- (sr)
DRV - [2008/04/13 23:06:48 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 23:06:46 | 000,079,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sdbus.sys -- (sdbus)
DRV - [2008/04/13 23:06:46 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\pci.sys -- (PCI)
DRV - [2008/04/13 23:06:44 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 23:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2008/04/13 23:06:38 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmbatt.sys -- (CmBatt)
DRV - [2008/04/13 23:06:38 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\compbatt.sys -- (Compbatt)
DRV - [2008/04/13 23:06:36 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ACPI.sys -- (ACPI)
DRV - [2008/04/13 23:03:30 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/13 23:03:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 23:02:52 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 23:02:46 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 23:02:40 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 23:02:40 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 23:02:38 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 23:01:34 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/04/13 23:01:32 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\processr.sys -- (Processor)
DRV - [2008/04/13 21:09:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008/04/13 21:09:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006/10/18 19:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2006/09/28 17:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\WudfPf.sys -- (WudfPf)
DRV - [2004/08/03 21:32:22 | 000,231,552 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97ali.sys -- (aliadwdm)
DRV - [2004/08/03 21:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/09/14 20:16:16 | 000,324,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2003/05/20 22:53:26 | 000,249,344 | ---- | M] (Trident Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tridxpm.sys -- (tridxp)
DRV - [2003/05/06 08:14:34 | 000,580,992 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2003/03/13 17:34:48 | 000,100,224 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2002/09/02 12:16:36 | 000,026,880 | ---- | M] (ALi Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ALiAGP.sys -- (ALiAGP)
DRV - [2001/08/23 07:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ftdisk.sys -- (Ftdisk)
DRV - [2001/08/23 07:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2001/08/23 07:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2001/08/23 07:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2001/08/23 07:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001/08/23 07:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2001/08/23 07:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001/08/23 07:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2001/08/23 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2001/08/23 07:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2001/08/23 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2001/08/23 07:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2001/08/23 07:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmload.sys -- (dmload)
DRV - [2001/08/23 07:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/23 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2001/08/23 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2001/08/23 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2001/08/23 07:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2001/08/17 12:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001/08/17 12:28:12 | 000,797,500 | ---- | M] (LT) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LTSMT.sys -- (TOSHIBASoftModem)
DRV - [2001/08/17 08:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista...search/web?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirro...rch.src?file=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GGL, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\zoek, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/01/25 13:44:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/09 09:58:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/12 19:54:13 | 000,000,000 | ---D | M]

[2009/04/15 11:41:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions
[2010/10/29 07:31:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\tu9nsqk3.default\extensions
[2012/01/09 09:58:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2012/01/25 13:44:55 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/12/21 02:24:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2011/12/20 23:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2011/12/20 23:30:41 | 000,002,040 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/01/23 08:57:20 | 000,440,161 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15137 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (Autodesk DWF) - {F03966D3-8EA0-47B4-BBE0-85BFE6CBC8AC} - C:\Program Files\Autodesk\Autodesk DWF Writer\DWF Addin\DWFIEAddin.dll (Autodesk, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\AutorunsDisabled [2010/01/26 12:32:58 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\microsoft frontpage\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1259114947371 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 () -
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/08/11 16:16:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/29 13:38:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Start Menu\Programs\SpeedFan
[2012/01/29 13:38:23 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2012/01/28 14:36:30 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Mike\Desktop\VEW.exe
[2012/01/28 14:23:31 | 004,423,984 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Mike\Desktop\spsetup115.exe
[2012/01/28 12:49:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/28 12:49:26 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/28 12:47:48 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/28 12:27:01 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Mike\Desktop\aswMBR.exe
[2012/01/28 12:13:11 | 002,058,032 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Mike\Desktop\tdsskiller.exe
[2012/01/27 17:40:15 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/01/27 08:55:42 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/01/27 08:50:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/01/27 08:50:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/01/27 08:50:07 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/01/27 08:50:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/01/27 08:49:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/01/27 08:49:32 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/27 08:49:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mike\My Documents\My Videos
[2012/01/27 08:46:36 | 004,391,956 | R--- | C] (Swearware) -- C:\Documents and Settings\Mike\Desktop\ComboFix.exe
[2012/01/25 13:45:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\avast! Free Antivirus
[2012/01/25 13:45:36 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/01/25 13:45:36 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/01/25 13:45:31 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/01/25 13:45:30 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/01/25 13:45:30 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/01/25 13:45:29 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/01/25 13:45:29 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/01/25 13:45:28 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/01/25 13:44:48 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/01/25 13:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/01/25 13:44:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
[2012/01/25 12:53:05 | 000,000,000 | ---D | C] -- C:\WINSSLog
[2012/01/17 20:35:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mike\Recent
[2012/01/17 16:28:19 | 000,720,896 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2012/01/17 16:28:15 | 000,000,000 | ---D | C] -- C:\Program Files\TuneXP
[2012/01/17 12:23:20 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmm.dll
[2012/01/17 12:23:20 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.dll
[2012/01/17 12:16:57 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe
[2012/01/11 22:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Bootvis
[2012/01/11 18:40:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Exact Audio Copy
[2012/01/11 14:47:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Start Menu\Programs\Exact Audio Copy
[2012/01/11 14:45:07 | 000,000,000 | ---D | C] -- C:\Program Files\Lame
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/29 13:45:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/29 13:38:25 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\SpeedFan.lnk
[2012/01/29 13:38:22 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2012/01/29 13:37:28 | 002,108,256 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\installspeedfan445.exe
[2012/01/28 14:36:32 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Mike\Desktop\VEW.exe
[2012/01/28 14:23:42 | 004,423,984 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Mike\Desktop\spsetup115.exe
[2012/01/28 12:49:31 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/28 12:48:16 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/28 12:38:17 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\MBR.dat
[2012/01/28 12:27:25 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Mike\Desktop\aswMBR.exe
[2012/01/28 12:13:46 | 002,058,032 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Mike\Desktop\tdsskiller.exe
[2012/01/27 08:55:50 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/01/27 08:46:38 | 004,391,956 | R--- | M] (Swearware) -- C:\Documents and Settings\Mike\Desktop\ComboFix.exe
[2012/01/25 13:45:30 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/01/24 22:56:08 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/01/23 08:59:37 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/23 08:57:20 | 000,440,161 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/01/21 10:02:28 | 000,000,406 | RHS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\ntuser.pol
[2012/01/17 16:27:29 | 000,720,896 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2012/01/17 11:38:09 | 000,440,011 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20120123-085720.backup
[2012/01/13 11:31:50 | 000,001,583 | ---- | M] () -- C:\WINDOWS\ST6UNST.000
[2012/01/13 11:31:48 | 000,003,647 | ---- | M] () -- C:\WINDOWS\SETUP.LST
[2012/01/09 10:10:05 | 000,001,979 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\cc_20120109_1009.reg
[2012/01/09 09:58:19 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/29 13:38:25 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\SpeedFan.lnk
[2012/01/29 13:38:19 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2012/01/29 13:37:24 | 002,108,256 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\installspeedfan445.exe
[2012/01/28 12:49:31 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/28 12:38:17 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\MBR.dat
[2012/01/27 08:55:50 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/01/27 08:55:48 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/01/27 08:50:07 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/01/27 08:50:07 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/01/27 08:50:07 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/01/27 08:50:07 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/01/27 08:50:07 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/01/21 10:02:28 | 000,000,406 | RHS- | C] () -- C:\Documents and Settings\All Users.WINDOWS\ntuser.pol
[2012/01/17 12:25:18 | 000,386,048 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2012/01/13 11:31:48 | 002,363,909 | ---- | C] () -- C:\WINDOWS\XPTune.CAB
[2012/01/13 11:31:48 | 000,003,647 | ---- | C] () -- C:\WINDOWS\SETUP.LST
[2012/01/13 11:31:48 | 000,001,583 | ---- | C] () -- C:\WINDOWS\ST6UNST.000
[2012/01/09 10:09:58 | 000,001,979 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\cc_20120109_1009.reg
[2011/06/13 08:19:26 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\housecall.guid.cache
[2011/05/24 08:59:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2011/03/13 11:06:16 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2009/10/12 20:40:34 | 000,000,442 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/05/12 10:39:31 | 000,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009/04/24 08:57:34 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2009/04/20 09:24:42 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/04/15 13:19:44 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/04/15 11:45:23 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2009/04/15 11:45:21 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2009/04/15 11:37:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/04/15 11:37:08 | 000,099,970 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2009/04/15 11:36:48 | 000,003,131 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2009/04/15 11:31:38 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009/04/15 11:12:30 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/04/15 09:51:32 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/15 09:44:50 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\UnAGP.exe
[2009/04/15 09:09:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/04/15 08:59:13 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/15 04:44:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/15 04:42:36 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/03 11:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/01/25 16:10:48 | 000,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/08 18:01:22 | 000,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/02/09 13:46:30 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\ZSHP1020.EXE
[2006/02/09 13:46:30 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\VSHP1020.DLL
[2005/10/15 07:00:00 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2004/08/02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/04/24 00:34:02 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\videoico.exe
[2003/04/24 00:33:32 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\tvicon.exe
[2003/04/24 00:33:02 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\RegServe.exe
[2003/04/24 00:32:58 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\TVCtrl.dll
[2003/04/24 00:32:36 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\Multview.dll
[2003/04/24 00:32:12 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\LCDCtrl.dll
[2003/04/24 00:31:48 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\GenCtrl.dll
[2003/04/24 00:31:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\CRTCtrl.dll
[2003/04/24 00:31:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ColorCtr.dll
[2002/10/15 17:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/03/19 16:30:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\PowerCalc.exe
[2001/08/23 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 07:00:00 | 000,433,034 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 07:00:00 | 000,067,950 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/08/23 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:5C321E34

< End of report >



OTL without battery
OTL logfile created on: 1/29/2012 3:29:00 PM - Run 4
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

991.48 Mb Total Physical Memory | 643.66 Mb Available Physical Memory | 64.92% Memory free
2.33 Gb Paging File | 2.14 Gb Available in Paging File | 91.50% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 15.71 Gb Free Space | 42.16% Space Free | Partition Type: NTFS
Drive Z: | 1851.41 Gb Total Space | 402.20 Gb Free Space | 21.72% Space Free | Partition Type: NTFS

Computer Name: JS-DNQV5UD8YBLE | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/28 13:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/06/11 18:59:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
PRC - [2010/09/13 20:02:44 | 000,399,872 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Program Files\UPHClean\uphclean.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/11/28 13:01:22 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2011/06/11 18:59:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/06/26 01:45:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\ComboFix\pev.3XE -- (PEVSystemStart)
SRV - [2010/09/13 20:02:44 | 000,399,872 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Auto | Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)
SRV - [2009/04/15 11:55:49 | 000,054,784 | ---- | M] (Macrovision) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2002/09/20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Disabled | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (All) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- -- (ViaIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (PCIIde)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpt3xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk)
DRV - [2011/11/28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/08/17 08:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2011/07/15 08:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011/07/08 09:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2011/06/24 09:10:36 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2011/04/21 08:37:43 | 000,105,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2011/03/18 11:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2011/02/17 08:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010/11/02 10:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2009/10/20 11:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/06/24 06:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/04/24 08:57:35 | 000,011,861 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) WPA Security Protocol (IEEE 802.1x)
DRV - [2009/04/15 11:55:50 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2009/03/25 05:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/08/20 12:58:58 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/06/20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/14 04:43:22 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/14 04:43:22 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/14 04:43:22 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/14 00:16:26 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC)
DRV - [2008/04/14 00:16:26 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC)
DRV - [2008/04/14 00:16:24 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE)
DRV - [2008/04/14 00:16:24 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SLIP.sys -- (SLIP)
DRV - [2008/04/14 00:16:24 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP)
DRV - [2008/04/14 00:16:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip)
DRV - [2008/04/14 00:09:52 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE)
DRV - [2008/04/13 23:58:40 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 23:51:02 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 23:50:44 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 23:49:50 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008/04/13 23:49:44 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 23:49:44 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008/04/13 23:48:02 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 23:47:20 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 23:45:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 23:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 23:45:46 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial)
DRV - [2008/04/13 23:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 23:44:22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 23:30:20 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/13 23:27:34 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 23:27:28 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 23:27:22 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 23:27:16 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 23:27:08 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 23:26:40 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 23:26:34 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 23:26:04 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 23:26:00 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 23:24:30 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 23:23:36 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (ip6fw)
DRV - [2008/04/13 23:21:26 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 23:17:38 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 23:16:22 | 000,121,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV - [2008/04/13 23:15:40 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 23:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2008/04/13 23:15:38 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 23:15:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 23:15:36 | 000,017,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbohci.sys -- (usbohci)
DRV - [2008/04/13 23:15:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 23:15:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 23:15:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 23:15:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 23:15:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 23:15:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008/04/13 23:14:50 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 23:14:48 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 23:14:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 23:11:02 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 23:11:00 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 23:10:50 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 23:10:50 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 23:10:48 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\disk.sys -- (Disk)
DRV - [2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\atapi.sys -- (atapi)
DRV - [2008/04/13 23:10:28 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/13 23:10:26 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 23:10:26 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 23:10:12 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 23:09:54 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 23:09:54 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 23:09:52 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 23:09:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 23:09:48 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 23:09:48 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 23:09:48 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 23:09:48 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 23:06:54 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sr.sys -- (sr)
DRV - [2008/04/13 23:06:48 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 23:06:46 | 000,079,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sdbus.sys -- (sdbus)
DRV - [2008/04/13 23:06:46 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\pci.sys -- (PCI)
DRV - [2008/04/13 23:06:44 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 23:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2008/04/13 23:06:38 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmbatt.sys -- (CmBatt)
DRV - [2008/04/13 23:06:38 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\compbatt.sys -- (Compbatt)
DRV - [2008/04/13 23:06:36 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ACPI.sys -- (ACPI)
DRV - [2008/04/13 23:03:30 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/13 23:03:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 23:02:52 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 23:02:46 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 23:02:40 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 23:02:40 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 23:02:38 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 23:01:34 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/04/13 23:01:32 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\processr.sys -- (Processor)
DRV - [2008/04/13 21:09:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008/04/13 21:09:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006/10/18 19:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2006/09/28 17:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\WudfPf.sys -- (WudfPf)
DRV - [2004/08/03 21:32:22 | 000,231,552 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97ali.sys -- (aliadwdm)
DRV - [2004/08/03 21:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/09/14 20:16:16 | 000,324,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2003/05/20 22:53:26 | 000,249,344 | ---- | M] (Trident Microsystems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tridxpm.sys -- (tridxp)
DRV - [2003/05/06 08:14:34 | 000,580,992 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2003/03/13 17:34:48 | 000,100,224 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2002/09/02 12:16:36 | 000,026,880 | ---- | M] (ALi Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ALiAGP.sys -- (ALiAGP)
DRV - [2001/08/23 07:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ftdisk.sys -- (Ftdisk)
DRV - [2001/08/23 07:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2001/08/23 07:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2001/08/23 07:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2001/08/23 07:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001/08/23 07:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2001/08/23 07:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001/08/23 07:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2001/08/23 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2001/08/23 07:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2001/08/23 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2001/08/23 07:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2001/08/23 07:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmload.sys -- (dmload)
DRV - [2001/08/23 07:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/23 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2001/08/23 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2001/08/23 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2001/08/23 07:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2001/08/17 12:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001/08/17 12:28:12 | 000,797,500 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LTSMT.sys -- (TOSHIBASoftModem)
DRV - [2001/08/17 08:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista...search/web?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirro...rch.src?file=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GGL, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\zoek, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/01/25 13:44:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/09 09:58:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/12 19:54:13 | 000,000,000 | ---D | M]

[2009/04/15 11:41:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions
[2010/10/29 07:31:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\tu9nsqk3.default\extensions
[2012/01/09 09:58:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2012/01/25 13:44:55 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/12/21 02:24:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2011/12/20 23:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2011/12/20 23:30:41 | 000,002,040 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/01/23 08:57:20 | 000,440,161 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15137 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (Autodesk DWF) - {F03966D3-8EA0-47B4-BBE0-85BFE6CBC8AC} - C:\Program Files\Autodesk\Autodesk DWF Writer\DWF Addin\DWFIEAddin.dll (Autodesk, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\AutorunsDisabled [2010/01/26 12:32:58 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\microsoft frontpage\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1259114947371 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 () -
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/08/11 16:16:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/29 13:38:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Start Menu\Programs\SpeedFan
[2012/01/29 13:38:23 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2012/01/28 14:36:30 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Mike\Desktop\VEW.exe
[2012/01/28 14:23:31 | 004,423,984 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Mike\Desktop\spsetup115.exe
[2012/01/28 12:49:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/28 12:49:26 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/28 12:47:48 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/28 12:27:01 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Mike\Desktop\aswMBR.exe
[2012/01/28 12:13:11 | 002,058,032 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Mike\Desktop\tdsskiller.exe
[2012/01/27 17:40:15 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/01/27 08:55:42 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/01/27 08:50:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/01/27 08:50:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/01/27 08:50:07 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/01/27 08:50:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/01/27 08:49:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/01/27 08:49:32 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/27 08:49:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mike\My Documents\My Videos
[2012/01/27 08:46:36 | 004,391,956 | R--- | C] (Swearware) -- C:\Documents and Settings\Mike\Desktop\ComboFix.exe
[2012/01/25 13:45:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\avast! Free Antivirus
[2012/01/25 13:45:36 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/01/25 13:45:36 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/01/25 13:45:31 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/01/25 13:45:30 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/01/25 13:45:30 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/01/25 13:45:29 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/01/25 13:45:29 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/01/25 13:45:28 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/01/25 13:44:48 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/01/25 13:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/01/25 13:44:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
[2012/01/25 12:53:05 | 000,000,000 | ---D | C] -- C:\WINSSLog
[2012/01/17 20:35:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mike\Recent
[2012/01/17 16:28:19 | 000,720,896 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2012/01/17 16:28:15 | 000,000,000 | ---D | C] -- C:\Program Files\TuneXP
[2012/01/17 12:23:20 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmm.dll
[2012/01/17 12:23:20 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.dll
[2012/01/17 12:16:57 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe
[2012/01/11 22:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Bootvis
[2012/01/11 18:40:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Exact Audio Copy
[2012/01/11 14:47:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Start Menu\Programs\Exact Audio Copy
[2012/01/11 14:45:07 | 000,000,000 | ---D | C] -- C:\Program Files\Lame
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/29 15:24:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/29 13:38:25 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\SpeedFan.lnk
[2012/01/29 13:38:22 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2012/01/29 13:37:28 | 002,108,256 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\installspeedfan445.exe
[2012/01/28 14:36:32 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Mike\Desktop\VEW.exe
[2012/01/28 14:23:42 | 004,423,984 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Mike\Desktop\spsetup115.exe
[2012/01/28 12:49:31 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/28 12:48:16 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/28 12:38:17 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\MBR.dat
[2012/01/28 12:27:25 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Mike\Desktop\aswMBR.exe
[2012/01/28 12:13:46 | 002,058,032 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Mike\Desktop\tdsskiller.exe
[2012/01/27 08:55:50 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/01/27 08:46:38 | 004,391,956 | R--- | M] (Swearware) -- C:\Documents and Settings\Mike\Desktop\ComboFix.exe
[2012/01/25 13:45:30 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/01/24 22:56:08 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/01/23 08:59:37 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/23 08:57:20 | 000,440,161 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/01/21 10:02:28 | 000,000,406 | RHS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\ntuser.pol
[2012/01/17 16:27:29 | 000,720,896 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2012/01/17 11:38:09 | 000,440,011 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20120123-085720.backup
[2012/01/13 11:31:50 | 000,001,583 | ---- | M] () -- C:\WINDOWS\ST6UNST.000
[2012/01/13 11:31:48 | 000,003,647 | ---- | M] () -- C:\WINDOWS\SETUP.LST
[2012/01/09 10:10:05 | 000,001,979 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\cc_20120109_1009.reg
[2012/01/09 09:58:19 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/29 13:38:25 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\SpeedFan.lnk
[2012/01/29 13:38:19 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2012/01/29 13:37:24 | 002,108,256 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\installspeedfan445.exe
[2012/01/28 12:49:31 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/28 12:38:17 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\MBR.dat
[2012/01/27 08:55:50 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/01/27 08:55:48 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/01/27 08:50:07 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/01/27 08:50:07 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/01/27 08:50:07 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/01/27 08:50:07 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/01/27 08:50:07 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/01/21 10:02:28 | 000,000,406 | RHS- | C] () -- C:\Documents and Settings\All Users.WINDOWS\ntuser.pol
[2012/01/17 12:25:18 | 000,386,048 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2012/01/13 11:31:48 | 002,363,909 | ---- | C] () -- C:\WINDOWS\XPTune.CAB
[2012/01/13 11:31:48 | 000,003,647 | ---- | C] () -- C:\WINDOWS\SETUP.LST
[2012/01/13 11:31:48 | 000,001,583 | ---- | C] () -- C:\WINDOWS\ST6UNST.000
[2012/01/09 10:09:58 | 000,001,979 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\cc_20120109_1009.reg
[2011/06/13 08:19:26 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\housecall.guid.cache
[2011/05/24 08:59:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2011/03/13 11:06:16 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2009/10/12 20:40:34 | 000,000,442 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/05/12 10:39:31 | 000,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009/04/24 08:57:34 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2009/04/20 09:24:42 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/04/15 13:19:44 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/04/15 11:45:23 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2009/04/15 11:45:21 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2009/04/15 11:37:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/04/15 11:37:08 | 000,099,970 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2009/04/15 11:36:48 | 000,003,131 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2009/04/15 11:31:38 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009/04/15 11:12:30 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/04/15 09:51:32 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/15 09:44:50 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\UnAGP.exe
[2009/04/15 09:09:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/04/15 08:59:13 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/15 04:44:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/15 04:42:36 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/03 11:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/01/25 16:10:48 | 000,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/08 18:01:22 | 000,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/02/09 13:46:30 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\ZSHP1020.EXE
[2006/02/09 13:46:30 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\VSHP1020.DLL
[2005/10/15 07:00:00 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2004/08/02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/04/24 00:34:02 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\videoico.exe
[2003/04/24 00:33:32 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\tvicon.exe
[2003/04/24 00:33:02 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\RegServe.exe
[2003/04/24 00:32:58 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\TVCtrl.dll
[2003/04/24 00:32:36 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\Multview.dll
[2003/04/24 00:32:12 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\LCDCtrl.dll
[2003/04/24 00:31:48 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\GenCtrl.dll
[2003/04/24 00:31:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\CRTCtrl.dll
[2003/04/24 00:31:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ColorCtr.dll
[2002/10/15 17:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/03/19 16:30:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\PowerCalc.exe
[2001/08/23 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 07:00:00 | 000,433,034 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 07:00:00 | 000,067,950 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/08/23 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:5C321E34

< End of report >



OTL logfile created on: 1/29/2012 3:29:00 PM - Run 4
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

991.48 Mb Total Physical Memory | 643.66 Mb Available Physical Memory | 64.92% Memory free
2.33 Gb Paging File | 2.14 Gb Available in Paging File | 91.50% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 15.71 Gb Free Space | 42.16% Space Free | Partition Type: NTFS
Drive Z: | 1851.41 Gb Total Space | 402.20 Gb Free Space | 21.72% Space Free | Partition Type: NTFS

Computer Name: JS-DNQV5UD8YBLE | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/28 13:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/06/11 18:59:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
PRC - [2010/09/13 20:02:44 | 000,399,872 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Program Files\UPHClean\uphclean.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/11/28 13:01:22 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2011/06/11 18:59:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/06/26 01:45:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\ComboFix\pev.3XE -- (PEVSystemStart)
SRV - [2010/09/13 20:02:44 | 000,399,872 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Auto | Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)
SRV - [2009/04/15 11:55:49 | 000,054,784 | ---- | M] (Macrovision) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2002/09/20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Disabled | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (All) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- -- (ViaIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (PCIIde)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpt3xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk)
DRV - [2011/11/28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/08/17 08:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2011/07/15 08:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011/07/08 09:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2011/06/24 09:10:36 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2011/04/21 08:37:43 | 000,105,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2011/03/18 11:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2011/02/17 08:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010/11/02 10:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2009/10/20 11:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/06/24 06:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/04/24 08:57:35 | 000,011,861 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) WPA Security Protocol (IEEE 802.1x)
DRV - [2009/04/15 11:55:50 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2009/03/25 05:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/08/20 12:58:58 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/06/20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/14 04:43:22 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/14 04:43:22 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/14 04:43:22 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/14 00:16:26 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC)
DRV - [2008/04/14 00:16:26 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC)
DRV - [2008/04/14 00:16:24 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE)
DRV - [2008/04/14 00:16:24 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SLIP.sys -- (SLIP)
DRV - [2008/04/14 00:16:24 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP)
DRV - [2008/04/14 00:16:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip)
DRV - [2008/04/14 00:09:52 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE)
DRV - [2008/04/13 23:58:40 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 23:51:02 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 23:50:44 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 23:49:50 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008/04/13 23:49:44 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 23:49:44 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008/04/13 23:48:02 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 23:47:20 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 23:45:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 23:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 23:45:46 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial)
DRV - [2008/04/13 23:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 23:44:22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 23:30:20 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/13 23:27:34 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 23:27:28 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 23:27:22 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 23:27:16 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 23:27:08 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 23:26:40 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 23:26:34 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 23:26:04 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 23:26:00 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 23:24:30 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 23:23:36 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (ip6fw)
DRV - [2008/04/13 23:21:26 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 23:17:38 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 23:16:22 | 000,121,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV - [2008/04/13 23:15:40 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 23:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2008/04/13 23:15:38 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 23:15:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 23:15:36 | 000,017,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbohci.sys -- (usbohci)
DRV - [2008/04/13 23:15:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 23:15:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 23:15:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 23:15:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 23:15:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 23:15:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008/04/13 23:14:50 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 23:14:48 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 23:14:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 23:11:02 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 23:11:00 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 23:10:50 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 23:10:50 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 23:10:48 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\disk.sys -- (Disk)
DRV - [2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\atapi.sys -- (atapi)
DRV - [2008/04/13 23:10:28 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/13 23:10:26 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 23:10:26 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 23:10:12 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 23:09:54 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 23:09:54 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 23:09:52 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 23:09:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 23:09:48 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 23:09:48 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 23:09:48 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 23:09:48 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 23:06:54 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sr.sys -- (sr)
DRV - [2008/04/13 23:06:48 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 23:06:46 | 000,079,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sdbus.sys -- (sdbus)
DRV - [2008/04/13 23:06:46 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\pci.sys -- (PCI)
DRV - [2008/04/13 23:06:44 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 23:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2008/04/13 23:06:38 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmbatt.sys -- (CmBatt)
DRV - [2008/04/13 23:06:38 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\compbatt.sys -- (Compbatt)
DRV - [2008/04/13 23:06:36 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ACPI.sys -- (ACPI)
DRV - [2008/04/13 23:03:30 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/13 23:03:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 23:02:52 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 23:02:46 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 23:02:40 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 23:02:40 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 23:02:38 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 23:01:34 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/04/13 23:01:32 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\processr.sys -- (Processor)
DRV - [2008/04/13 21:09:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008/04/13 21:09:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006/10/18 19:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2006/09/28 17:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\WudfPf.sys -- (WudfPf)
DRV - [2004/08/03 21:32:22 | 000,231,552 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97ali.sys -- (aliadwdm)
DRV - [2004/08/03 21:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/09/14 20:16:16 | 000,324,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2003/05/20 22:53:26 | 000,249,344 | ---- | M] (Trident Microsystems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tridxpm.sys -- (tridxp)
DRV - [2003/05/06 08:14:34 | 000,580,992 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2003/03/13 17:34:48 | 000,100,224 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2002/09/02 12:16:36 | 000,026,880 | ---- | M] (ALi Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ALiAGP.sys -- (ALiAGP)
DRV - [2001/08/23 07:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ftdisk.sys -- (Ftdisk)
DRV - [2001/08/23 07:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2001/08/23 07:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2001/08/23 07:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2001/08/23 07:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001/08/23 07:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2001/08/23 07:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001/08/23 07:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2001/08/23 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2001/08/23 07:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2001/08/23 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2001/08/23 07:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2001/08/23 07:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmload.sys -- (dmload)
DRV - [2001/08/23 07:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/23 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2001/08/23 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2001/08/23 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2001/08/23 07:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2001/08/17 12:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001/08/17 12:28:12 | 000,797,500 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LTSMT.sys -- (TOSHIBASoftModem)
DRV - [2001/08/17 08:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista...search/web?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirro...rch.src?file=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GGL, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\zoek, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/01/25 13:44:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/09 09:58:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/12 19:54:13 | 000,000,000 | ---D | M]

[2009/04/15 11:41:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions
[2010/10/29 07:31:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\tu9nsqk3.default\extensions
[2012/01/09 09:58:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2012/01/25 13:44:55 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/12/21 02:24:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2011/12/20 23:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2011/12/20 23:30:41 | 000,002,040 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/01/23 08:57:20 | 000,440,161 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15137 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (Autodesk DWF) - {F03966D3-8EA0-47B4-BBE0-85BFE6CBC8AC} - C:\Program Files\Autodesk\Autodesk DWF Writer\DWF Addin\DWFIEAddin.dll (Autodesk, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\AutorunsDisabled [2010/01/26 12:32:58 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\microsoft frontpage\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1259114947371 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 () -
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/08/11 16:16:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/29 13:38:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Start Menu\Programs\SpeedFan
[2012/01/29 13:38:23 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2012/01/28 14:36:30 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Mike\Desktop\VEW.exe
[2012/01/28 14:23:31 | 004,423,984 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Mike\Desktop\spsetup115.exe
[2012/01/28 12:49:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/28 12:49:26 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/28 12:47:48 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/28 12:27:01 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Mike\Desktop\aswMBR.exe
[2012/01/28 12:13:11 | 002,058,032 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Mike\Desktop\tdsskiller.exe
[2012/01/27 17:40:15 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/01/27 08:55:42 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/01/27 08:50:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/01/27 08:50:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/01/27 08:50:07 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/01/27 08:50:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/01/27 08:49:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/01/27 08:49:32 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/27 08:49:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mike\My Documents\My Videos
[2012/01/27 08:46:36 | 004,391,956 | R--- | C] (Swearware) -- C:\Documents and Settings\Mike\Desktop\ComboFix.exe
[2012/01/25 13:45:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\avast! Free Antivirus
[2012/01/25 13:45:36 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/01/25 13:45:36 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/01/25 13:45:31 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/01/25 13:45:30 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/01/25 13:45:30 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/01/25 13:45:29 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/01/25 13:45:29 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/01/25 13:45:28 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/01/25 13:44:48 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/01/25 13:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/01/25 13:44:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
[2012/01/25 12:53:05 | 000,000,000 | ---D | C] -- C:\WINSSLog
[2012/01/17 20:35:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mike\Recent
[2012/01/17 16:28:19 | 000,720,896 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2012/01/17 16:28:15 | 000,000,000 | ---D | C] -- C:\Program Files\TuneXP
[2012/01/17 12:23:20 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmm.dll
[2012/01/17 12:23:20 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.dll
[2012/01/17 12:16:57 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe
[2012/01/11 22:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Bootvis
[2012/01/11 18:40:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Exact Audio Copy
[2012/01/11 14:47:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Start Menu\Programs\Exact Audio Copy
[2012/01/11 14:45:07 | 000,000,000 | ---D | C] -- C:\Program Files\Lame
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/29 15:24:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/29 13:38:25 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\SpeedFan.lnk
[2012/01/29 13:38:22 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2012/01/29 13:37:28 | 002,108,256 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\installspeedfan445.exe
[2012/01/28 14:36:32 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Mike\Desktop\VEW.exe
[2012/01/28 14:23:42 | 004,423,984 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Mike\Desktop\spsetup115.exe
[2012/01/28 12:49:31 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/28 12:48:16 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/28 12:38:17 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\MBR.dat
[2012/01/28 12:27:25 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Mike\Desktop\aswMBR.exe
[2012/01/28 12:13:46 | 002,058,032 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Mike\Desktop\tdsskiller.exe
[2012/01/27 08:55:50 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/01/27 08:46:38 | 004,391,956 | R--- | M] (Swearware) -- C:\Documents and Settings\Mike\Desktop\ComboFix.exe
[2012/01/25 13:45:30 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/01/24 22:56:08 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/01/23 08:59:37 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/23 08:57:20 | 000,440,161 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/01/21 10:02:28 | 000,000,406 | RHS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\ntuser.pol
[2012/01/17 16:27:29 | 000,720,896 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2012/01/17 11:38:09 | 000,440,011 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20120123-085720.backup
[2012/01/13 11:31:50 | 000,001,583 | ---- | M] () -- C:\WINDOWS\ST6UNST.000
[2012/01/13 11:31:48 | 000,003,647 | ---- | M] () -- C:\WINDOWS\SETUP.LST
[2012/01/09 10:10:05 | 000,001,979 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\cc_20120109_1009.reg
[2012/01/09 09:58:19 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/29 13:38:25 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\SpeedFan.lnk
[2012/01/29 13:38:19 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2012/01/29 13:37:24 | 002,108,256 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\installspeedfan445.exe
[2012/01/28 12:49:31 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/28 12:38:17 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\MBR.dat
[2012/01/27 08:55:50 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/01/27 08:55:48 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/01/27 08:50:07 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/01/27 08:50:07 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/01/27 08:50:07 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/01/27 08:50:07 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/01/27 08:50:07 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/01/21 10:02:28 | 000,000,406 | RHS- | C] () -- C:\Documents and Settings\All Users.WINDOWS\ntuser.pol
[2012/01/17 12:25:18 | 000,386,048 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2012/01/13 11:31:48 | 002,363,909 | ---- | C] () -- C:\WINDOWS\XPTune.CAB
[2012/01/13 11:31:48 | 000,003,647 | ---- | C] () -- C:\WINDOWS\SETUP.LST
[2012/01/13 11:31:48 | 000,001,583 | ---- | C] () -- C:\WINDOWS\ST6UNST.000
[2012/01/09 10:09:58 | 000,001,979 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\cc_20120109_1009.reg
[2011/06/13 08:19:26 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\housecall.guid.cache
[2011/05/24 08:59:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2011/03/13 11:06:16 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2009/10/12 20:40:34 | 000,000,442 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/05/12 10:39:31 | 000,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009/04/24 08:57:34 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2009/04/20 09:24:42 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/04/15 13:19:44 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/04/15 11:45:23 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2009/04/15 11:45:21 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2009/04/15 11:37:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/04/15 11:37:08 | 000,099,970 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2009/04/15 11:36:48 | 000,003,131 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2009/04/15 11:31:38 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009/04/15 11:12:30 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/04/15 09:51:32 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/15 09:44:50 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\UnAGP.exe
[2009/04/15 09:09:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/04/15 08:59:13 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/15 04:44:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/15 04:42:36 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/03 11:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/01/25 16:10:48 | 000,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/08 18:01:22 | 000,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/02/09 13:46:30 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\ZSHP1020.EXE
[2006/02/09 13:46:30 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\VSHP1020.DLL
[2005/10/15 07:00:00 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2004/08/02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/04/24 00:34:02 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\videoico.exe
[2003/04/24 00:33:32 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\tvicon.exe
[2003/04/24 00:33:02 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\RegServe.exe
[2003/04/24 00:32:58 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\TVCtrl.dll
[2003/04/24 00:32:36 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\Multview.dll
[2003/04/24 00:32:12 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\LCDCtrl.dll
[2003/04/24 00:31:48 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\GenCtrl.dll
[2003/04/24 00:31:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\CRTCtrl.dll
[2003/04/24 00:31:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ColorCtr.dll
[2002/10/15 17:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/03/19 16:30:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\PowerCalc.exe
[2001/08/23 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 07:00:00 | 000,433,034 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 07:00:00 | 000,067,950 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/08/23 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:5C321E34

< End of report >


Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 94.06 0 K 16 K
procexp.exe 2960 1.98 10,268 K 15,072 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
svchost.exe 1072 0.99 16,552 K 24,516 K Generic Host Process for Win32 Services Microsoft Corporation
services.exe 776 0.99 1,864 K 3,744 K Services and Controller app Microsoft Corporation
Interrupts n/a 0.99 0 K 0 K Hardware Interrupts
DPCs n/a 0.99 0 K 0 K Deferred Procedure Calls
wmiprvse.exe 3080 2,280 K 5,528 K WMI Microsoft Corporation
winlogon.exe 732 6,384 K 1,664 K Windows NT Logon Application Microsoft Corporation
uphclean.exe 1824 796 K 1,644 K User Profile Hive Cleanup Service Windows ® Codename Longhorn DDK provider
System 4 0 K 232 K
svchost.exe 1800 2,712 K 4,692 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1020 1,944 K 4,600 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 936 1,556 K 3,860 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1120 2,612 K 3,764 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1220 4,972 K 7,388 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1256 1,788 K 4,404 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1628 1,540 K 4,124 K Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 1388 3,720 K 5,752 K Spooler SubSystem App Microsoft Corporation
smss.exe 432 172 K 416 K Windows NT Session Manager Microsoft Corporation
lsass.exe 788 3,992 K 988 K LSA Shell (Export Version) Microsoft Corporation
explorer.exe 1452 23,220 K 30,476 K Windows Explorer Microsoft Corporation
ctfmon.exe 1720 1,140 K 3,612 K CTF Loader Microsoft Corporation
csrss.exe 708 1,620 K 3,504 K Client Server Runtime Process Microsoft Corporation
AvastUI.exe 2008 4,876 K 6,484 K avast! Antivirus AVAST Software
AvastSvc.exe 1688 10,128 K 11,940 K avast! Service AVAST Software
alg.exe 1132 1,416 K 3,972 K Application Layer Gateway Service Microsoft Corporation

Attached Files


Edited by benny_b, 29 January 2012 - 03:23 PM.

  • 0

#12
RKinner
Posted 30 January 2012 - 01:40 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Temps seem pretty good so shouldn't be a problem. Don't think you need Speedfan to run right now.

The autoruns log came up in Chinese so it's not much use. Don't know why.


It does appear that removing the battery has helped

Interrupts n/a 0.99 0 K 0 K Hardware Interrupts
DPCs n/a 0.99 0 K 0 K Deferred Procedure Calls

Compared to:
DPCs n/a 2.94 0 K 0 K Deferred Procedure Calls
Interrupts n/a 1.96 0 K 0 K Hardware Interrupts

Tho I still don't like the DFCs being so high.

Do you notice any difference in speed without the battery? If it still feels slow then try

DPC Latency Checker 1.3.0: Free Download

http://www.softpedia...oad-118586.html

Just download it, Save it and run it and it will tell you what it thinks of your PC.

If it seems to be failing then see if you can follow the instructions on this page:

http://www.msfn.org/...-dpc-interrupt/
  • 0

#13
benny_b
Posted 30 January 2012 - 10:41 AM

benny_b

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
i reinstalled autoruns and the saved text file was garbled like the last one. i have no idea why. i read in a post that the file needs to be opened with a unicode enabled text editor. i opened the .arn with autoruns, so i will send you that.

i believe i failed the DPC test. results were as follows:

Test Interval 1003 us
Current Latency 307 us
Absolute Maximum 8013 us

Some device drivers on this machine behave bad and will probably cause drop outs in real time audio and/or video streams. to isolate the misbehaving driver use device manager...

i had previously suspected that there might be a driver problem, but was not confident to start attempting to disable them.

i installed the microsoft windows sdk v.7 tools, but this is a bit above my computer knowledge. anyways i tried to follow the instructions for analyzing dcp/interrupt issues. when i ran the command prompt window it said i did not have x86 compilers installed and to update my installation which i did, but there was no capability to update the sdk program. when i attempted to proceed it said that xperf was not a recognized command.

Attached Files


Edited by benny_b, 30 January 2012 - 10:42 AM.

  • 0

#14
RKinner
Posted 30 January 2012 - 11:50 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Run Autoruns again and under Services uncheck:

idsvc Securely enables the creation, management, and disclosure of digital identities. (Verified) Microsoft Corporation c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe

infocard.exe has been blamed for slowing down PCs:
http://forums.majorg...ad.php?t=193326

Then reboot into regular mode and see if your DPC test scores improve.

If not then look at the OTL log you did in Safe Mode with Networking compare it to the OTL in regular mode. Go into Autorun and uncheck any driver or service which is not shown as running in Safe Mode. Then reboot and try your DFC test again.

Ron
  • 0

#15
benny_b
Posted 30 January 2012 - 02:04 PM

benny_b

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
with idvsc disabled the DPC looked like this:
test interval 1003 us
current latency 153 us
absolute maximum 5343 us

so i tried to stop services and drivers. i was unable to change any of the avast settings.
in the win32 safelist i stopped
combofix\pev.3xe
uphclean.exe

in drivers i stopped

MDC8021X.sys
PCIDump - File not found

there were also two speedfan drivers i left alone. rebooted and then DPC readings went:

test interval 1003 us
current latency 211 - 8900 us
absolute maximum 13946 us

i've been checking process explorer intermittently and it hasn't changed much. the DHP and HI are constantly fluctuating between 0.99 and 4.95. they never stabilize. this is all without the battery, so i'm not convinced that the battery is having any effect on performance.

my loading personal settings screen has gone down from +3 to about 1.5 minutes. the windows start screen is pretty quick at 2-3 sec.

i have no idea what to make of these DPC readings.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP