My Computer Just Started Lagging



#1 orion888


Posted 21 July 2011 - 01:58 PM

All my problems seemed to have started when I applied the newest update to Mozilla Firefox (v5.0). Saw that my RealPlayer Video Recorder was incompatible with the new version of Firefox, so I downloaded the latest installation of RealPlayer and installed it. Shortly thereafter, videos and Firefox were slightly lagging, so I restarted my computer. First problem I hit was that it was taking much longer to start up Windows. Then once in Windows, everything became EXTREMELY laggy, i.e. everything would hang for at least a minute before it started, and whilst running, would periodically freeze up for a while, then continue on its merry way.

So I did what anyone would do when something goes wrong with an update: I went and uninstalled both RealPlayer and Firefox. I then downloaded the previously known working version of Firefox, and after a reboot, installed it once again, but to no avail. So I decided to try to get some expert advice before I give up and reinstall my Windows XP. I have read the "laggy computer" sticky topic in this forum, and all the steps there I do on a regular basis. I also did a malware and virus scan, and used CCleaner.

I was initially planning on finding a HijackThis forum (hence it showing up on some of my reports), when I found this site listed as the first recommended forum from TrendMicro. And since I got that nifty rkill program from this site (that's helped me with my solo malware removal in the past) I figured that this would be the most knowledgeable place I could go to in order to seek help. :thumbsup:

DDS:



Edited by orion888, 21 July 2011 - 06:35 PM.



#2 orion888


Posted 25 July 2011 - 05:13 PM

Can't seem to edit my post... admin please delete, I've found help elsewhere.

#3 Budapest


Posted 25 July 2011 - 11:46 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw



