
Computer slows down when scanning with Malwarebytes/Ad-aware


6 replies to this topic

#1 ewa100


Posted 19 July 2013 - 09:30 PM

Hi there,
 
Let me say sorry first if my post is not up to standard as this is my first post here.

 

What happened was that I plugged my external HDD into my PC to transfer some files onto the HDD. As I was trying to transfer some files, my PC started to slow down when I opened a certain folder. It's so slow that I can't do anything, not even open the My Documents folder. I started to get worried and decided to update my Ad-Aware and Malwarebytes virus definitions. After a painstakingly slow process of trying to restart my PC, I finally succeeded in restarting it.

I updated my Malwarebytes to version 1.75.0.1300 and right after that I ran a full scan on my computer. A few minutes after the scan started, my computer started to slow down badly again. Since it was late at night, I figured I would just leave it scanning my PC the whole night. When I woke up the next morning I was shocked to find that the Full Scan took 12 hours to complete when usually it only takes 1.5 to 2 hours.

The result shows that I was infected with 13 items, which can be categorized into two types: PUP.VShareRedir and Hijack.Startpage. The next step I took was to quarantine these items and shut down my PC. After work, I came back home to run a Malwarebytes Full Scan again just to make sure everything was OK, and once again it slowed down my whole PC! I left my PC again and came back the next morning to find that once again it took 12 hours to complete the scan, but this time there was no virus detected. The PC was running normally after the scan and not slow at all.

Next, I scanned my external HDD to see if it had been infected. The scan slowed down my PC again and after 2 hours it came back with no virus detected, but this time after the scan my PC stayed slow!

I have several questions:

1. Is my PC actually still infected by a virus/malware?

2. Does my external HDD have a virus/malware as well?

3. Why does the Malwarebytes scan slow down my PC significantly?

 

Thank you in advance for any help!




 


#2 boopme


Posted 19 July 2013 - 09:53 PM

Hello and welcome.

Let's use Safe Mode with Networking as a boot option.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.
Launch it.
Click on Change parameters, then select TDLFS file system.
Click on "Scan".
Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 ewa100


Posted 19 July 2013 - 10:50 PM

Hi Boopme,
 
Thank you for the quick reply!
 
When I rebooted my PC in safe mode, right before it entered Windows I was given a choice between "Administrator" and my personal login. I chose my own personal login and ran the scan there. Should I have chosen Administrator?

After logging in, I opened Chrome and realized that the internet was not working in safe mode. Is this normal?

This means that I cannot run the ESET Scanner in safe mode because it requires internet to download updates. What should I do now?

Lastly, should I plug in my external HDD when doing all these scans?

I am so sorry for asking so many questions =S

Edited by ewa100, 20 July 2013 - 03:58 AM.


#4 boopme


Posted 22 July 2013 - 09:03 AM

Hello, had an emergency this weekend and could not get back.

Did you boot to Safe Mode with Networking?
 
Try as Admin... Yes you can connect the external drive.
 
If needed for the connection try these...
Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.
Now check if the internet is working again.
OR
Go to Start ... Run and type in cmd
A DOS window will appear.
Type in the DOS window: netsh winsock reset
Press the Enter key.
Reboot your system to complete the process.

Edited by boopme, 22 July 2013 - 09:04 AM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
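The MiniToolBox "List Winsock Entries" option requested earlier and the netsh winsock reset suggested above both concern the Winsock provider catalog. As an added example (not part of the original posts and not MiniToolBox's own code), this Python script parses entries in the "CatalogN index path [size] (vendor)" line format that MiniToolBox prints and flags providers worth reviewing before a reset. The sample lines, the function names and the assumption that Windows is installed in C:\WINDOWS are constructed for illustration.

```python
import ntpath
import re
from typing import NamedTuple

# Constructed sample in the MiniToolBox "Winsock entries" line format:
#   <catalog> <index> <dll path> [<size in bytes>] (<vendor>)
# Catalog5 lists name space providers, Catalog9 lists transport providers.
SAMPLE_LOG = r"""
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Documents and Settings\Owner\Application Data\example\lsp.dll [40960] ()
Catalog9 03 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
"""


class WinsockEntry(NamedTuple):
    catalog: str
    index: int
    path: str
    size: int
    vendor: str


# The path may contain spaces, so match lazily up to the "[size]" field.
LINE_RE = re.compile(r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[(\d+)\]\s+\((.*)\)\s*$")

# Assumption: Windows is installed in C:\WINDOWS, as in the log in this thread.
SYSTEM_DIR = ntpath.normcase(r"C:\WINDOWS\system32")


def parse_winsock_entries(log_text):
    """Return (entries, unparsed): parsed catalog lines and malformed ones."""
    entries, unparsed = [], []
    for line in log_text.splitlines():
        line = line.strip()
        if not line.startswith("Catalog"):
            continue  # section headers, blank lines, other log sections
        match = LINE_RE.match(line)
        if match is None:
            unparsed.append(line)  # keep for manual review, never drop silently
            continue
        catalog, index, path, size, vendor = match.groups()
        entries.append(
            WinsockEntry(catalog, int(index), path, int(size), vendor.strip())
        )
    return entries, unparsed


def triage(entries):
    """Return [(entry, [reasons])] for providers that deserve a closer look.

    The vendor string is self-declared by the file, not a signature check,
    so an unflagged entry is not proven clean; this only narrows the review.
    """
    findings = []
    for entry in entries:
        reasons = []
        if ntpath.normcase(ntpath.dirname(entry.path)) != SYSTEM_DIR:
            reasons.append("DLL is outside the Windows system directory")
        if not entry.vendor:
            reasons.append("vendor field is empty")
        elif "microsoft" not in entry.vendor.lower():
            reasons.append("third-party vendor: " + entry.vendor)
        if reasons:
            findings.append((entry, reasons))
    return findings


if __name__ == "__main__":
    parsed, malformed = parse_winsock_entries(SAMPLE_LOG)
    for entry, reasons in triage(parsed):
        print(f"{entry.catalog} {entry.index:02d} {entry.path}")
        for reason in reasons:
            print("    - " + reason)
    for line in malformed:
        print("unparsed: " + line)
```

netsh winsock reset returns the catalog to its defaults, so legitimate third-party providers such as the Bonjour entry are removed along with unwanted ones and may need reinstalling afterwards.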

#5 ewa100


Posted 24 July 2013 - 04:39 AM

Hi Boopme,

 

Everything alright? Thanks again for the help!

 

I have restarted my computer in Safe Mode with Networking. I think before this I started my computer only in Safe Mode hence there was no internet connection.

 

The first result is from the MiniToolBox

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Owner (administrator) on 20-07-2013 at 13:25:09
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Minimal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
An internal error occurred: The request is not supported.
 
 
 
Please contact Microsoft Product Support Services for further help.
 
 
 
Additional information: Unable to query host name.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
An internal error occurred: The request is not supported.
 
 
 
Please contact Microsoft Product Support Services for further help.
 
 
 
Additional information: Unable to query host name.
 
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host google.com. Please check the name and try again.
 
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host yahoo.com. Please check the name and try again.
 
Unable to contact IP driver, error code 2,
 
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/20/2013 01:10:42 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.
 
Error: (07/20/2013 01:09:28 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
 
Error: (07/12/2013 11:40:03 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
 
Error: (07/12/2013 09:32:11 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
 
Error: (07/12/2013 07:25:15 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
 
Error: (06/24/2013 06:45:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1953
 
Error: (06/24/2013 06:45:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1953
 
Error: (06/24/2013 06:45:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/17/2013 09:53:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11295469
 
Error: (06/17/2013 09:53:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11295469
 
 
System errors:
=============
Error: (07/20/2013 01:25:12 PM) (Source: DCOM) (User: EWA-8FF971CC847)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error: (07/20/2013 01:25:12 PM) (Source: DCOM) (User: EWA-8FF971CC847)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error: (07/20/2013 01:25:12 PM) (Source: DCOM) (User: EWA-8FF971CC847)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error: (07/20/2013 01:25:12 PM) (Source: DCOM) (User: EWA-8FF971CC847)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error: (07/20/2013 01:25:11 PM) (Source: DCOM) (User: EWA-8FF971CC847)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error: (07/20/2013 01:25:11 PM) (Source: DCOM) (User: EWA-8FF971CC847)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error: (07/20/2013 01:25:11 PM) (Source: DCOM) (User: EWA-8FF971CC847)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error: (07/20/2013 01:25:11 PM) (Source: DCOM) (User: EWA-8FF971CC847)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error: (07/20/2013 01:25:11 PM) (Source: DCOM) (User: EWA-8FF971CC847)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error: (07/20/2013 01:25:11 PM) (Source: DCOM) (User: EWA-8FF971CC847)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
A4 Tech USB PC Camera (Version: 1.00.000)
Ad-Aware Antivirus (Version: 10.2.21.3698)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) (Version: 10.1.7)
AMD APP SDK Runtime (Version: 10.0.831.4)
AMD Catalyst Install Manager (Version: 3.0.855.0)
AMD Processor Driver (Version: 1.3.2.0053)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ASUS Gamer OSD (Version: 2.07.1026)
ASUS Smart Doctor (Version: 5.51)
ASUS VGA Driver (Version: 4.00.0000)
ASUS VideoSecurity Online (Version: 3.5.1.3)
ASUSUpdate
ATI AVIVO Codecs (Version: 10.0.0.40103)
ATI Catalyst Registration (Version: 3.00.0000)
BlackBerry Desktop Software 7.0 (Version: 7.0.0.59)
Bonjour (Version: 3.0.0.10)
Call of Duty: Black Ops
Call of Duty: Black Ops - Multiplayer
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
Call of Duty: Modern Warfare 3
Call of Duty: Modern Warfare 3 - Dedicated Server
Call of Duty: Modern Warfare 3 - Multiplayer
Canon MP Navigator EX 3.0
Canon MP490 series MP Drivers
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.1109.2146.39010)
Catalyst Control Center Graphics Previews Common (Version: 2011.1109.2146.39010)
Catalyst Control Center InstallProxy (Version: 2011.1109.2146.39010)
CCC Help English (Version: 2011.1109.2145.39010)
ccc-utility (Version: 2011.1109.2146.39010)
CCleaner (Version: 4.03)
Dropbox (Version: 1.4.7)
e-tax 2012 (Version: 6.0.577)
Express Gate (Version: 1.2.8.0)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Google Chrome (Version: 28.0.1500.72)
Google Talk Plugin (Version: 4.2.1.14031)
iTunes (Version: 11.0.4.4)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 37 (Version: 6.0.370)
League of Legends (Version: 1.0020)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager (Version: 1.00.6781)
Pando Media Booster (Version: 2.3.4.1)
Platform (Version: 1.27)
QuickTime (Version: 7.73.80.64)
Razer Lachesis (Version: 1.00.0000)
RealDownloader (Version: 1.3.1)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
RealUpgrade 1.1 (Version: 1.1.0)
Segoe UI (Version: 14.0.4327.805)
Skype Click to Call (Version: 6.9.12585)
Skype™ 5.10 (Version: 5.10.116)
Steam (Version: 1.0.0.0)
System Requirements Lab CYRI (Version: 4.5.1.0)
Ulead Burn.Now 4.5 (Version: 4.5.0)
Ulead Burn.Now 4.5 SE (Version: 4.5.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Utility (Version: 1.00.0002)
VIA Platform Device Manager (Version: 1.27)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 2.0.7 (Version: 2.0.7)
vShare.tv plugin 1.3 (Version: 1.3)
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - MOTOROLA (uisp) USB  (09/08/2006 1.2.0.0) (Version: 09/08/2006 1.2.0.0)
Windows Driver Package - Razer (HidUsb) HIDClass  (05/10/2007 1.00) (Version: 05/10/2007 1.00)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
WinRAR archiver
XviD MPEG-4 Video Codec
 
========================= Memory info: ===================================
 
Percentage of memory in use: 15%
Total physical RAM: 3071.23 MB
Available physical RAM: 2598.05 MB
Total Pagefile: 4961.96 MB
Available Pagefile: 4527.85 MB
Total Virtual: 2047.88 MB
Available Virtual: 1984.89 MB
 
========================= Partitions: =====================================
 
2 Drive c: () (Fixed) (Total:931.51 GB) (Free:563.99 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\
 
Administrator            Guest                    HelpAssistant            
Owner                    SUPPORT_388945a0         
 
 
**** End of log ****
 

 

The second result is from the TDSS Killer

 

13:27:16.0875 0852  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19

13:27:16.0875 0852  ============================================================
13:27:16.0875 0852  Current date / time: 2013/07/20 13:27:16.0875
13:27:16.0875 0852  SystemInfo:
13:27:16.0875 0852  
13:27:16.0875 0852  OS Version: 5.1.2600 ServicePack: 3.0
13:27:16.0875 0852  Product type: Workstation
13:27:16.0875 0852  ComputerName: EWA-8FF971CC847
13:27:16.0875 0852  UserName: Owner
13:27:16.0875 0852  Windows directory: C:\WINDOWS
13:27:16.0875 0852  System windows directory: C:\WINDOWS
13:27:16.0875 0852  Processor architecture: Intel x86
13:27:16.0875 0852  Number of processors: 4
13:27:16.0875 0852  Page size: 0x1000
13:27:16.0875 0852  Boot type: Safe boot
13:27:16.0875 0852  ============================================================
13:27:18.0515 0852  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:27:18.0515 0852  ============================================================
13:27:18.0515 0852  \Device\Harddisk0\DR0:
13:27:18.0515 0852  MBR partitions:
13:27:18.0515 0852  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
13:27:18.0515 0852  ============================================================
13:27:18.0546 0852  C: <-> \Device\Harddisk0\DR0\Partition1
13:27:18.0562 0852  ============================================================
13:27:18.0562 0852  Initialize success
13:27:18.0562 0852  ============================================================
13:27:50.0156 0312  ============================================================
13:27:50.0156 0312  Scan started
13:27:50.0156 0312  Mode: Manual; TDLFS; 
13:27:50.0156 0312  ============================================================
13:27:51.0062 0312  ================ Scan system memory ========================
13:27:51.0062 0312  System memory - ok
13:27:51.0062 0312  ================ Scan services =============================
13:27:56.0765 0312  EapHost - ok
13:27:56.0765 0312  [ 88B5B982D702CD81874731CECF6BA4DB ] EIO_XP          C:\WINDOWS\system32\drivers\EIO_XP.sys
13:27:56.0765 0312  EIO_XP - ok
13:27:56.0781 0312  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
13:27:56.0781 0312  ERSvc - ok
13:27:56.0828 0312  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
13:27:56.0828 0312  Eventlog - ok
13:27:56.0875 0312  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
13:27:56.0906 0312  EventSystem - ok
13:27:56.0953 0312  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
13:27:56.0953 0312  Fastfat - ok
13:27:57.0031 0312  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
13:27:57.0046 0312  FastUserSwitchingCompatibility - ok
13:27:57.0062 0312  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
13:27:57.0062 0312  Fdc - ok
13:27:57.0078 0312  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
13:27:57.0078 0312  Fips - ok
13:27:57.0093 0312  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:27:57.0093 0312  Flpydisk - ok
13:27:57.0125 0312  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
13:27:57.0140 0312  FltMgr - ok
13:27:57.0203 0312  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:27:57.0203 0312  FontCache3.0.0.0 - ok
13:27:57.0328 0312  [ BDC3BF12060337DCA165478F6B68B43F ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
13:27:57.0390 0312  ForceWare Intelligent Application Manager (IAM) - ok
13:27:57.0390 0312  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:27:57.0390 0312  Fs_Rec - ok
13:27:57.0406 0312  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:27:57.0421 0312  Ftdisk - ok
13:27:57.0468 0312  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
13:27:57.0484 0312  GEARAspiWDM - ok
13:27:57.0500 0312  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:27:57.0500 0312  Gpc - ok
13:27:57.0531 0312  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:27:57.0531 0312  HDAudBus - ok
13:27:57.0546 0312  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:27:57.0562 0312  helpsvc - ok
13:27:57.0562 0312  HidServ - ok
13:27:57.0578 0312  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:27:57.0593 0312  hidusb - ok
13:27:57.0609 0312  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
13:27:57.0609 0312  hkmsvc - ok
13:27:57.0609 0312  hpn - ok
13:27:57.0687 0312  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
13:27:57.0703 0312  HTTP - ok
13:27:57.0750 0312  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
13:27:57.0750 0312  HTTPFilter - ok
13:27:57.0765 0312  i2omgmt - ok
13:27:57.0765 0312  i2omp - ok
13:27:57.0781 0312  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:27:57.0781 0312  i8042prt - ok
13:27:57.0859 0312  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:27:57.0875 0312  IDriverT - ok
13:27:58.0015 0312  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:27:58.0109 0312  idsvc - ok
13:27:58.0125 0312  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
13:27:58.0125 0312  Imapi - ok
13:27:58.0171 0312  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
13:27:58.0187 0312  ImapiService - ok
13:27:58.0187 0312  ini910u - ok
13:27:58.0203 0312  IntelIde - ok
13:27:58.0218 0312  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
13:27:58.0218 0312  Ip6Fw - ok
13:27:58.0250 0312  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:27:58.0250 0312  IpFilterDriver - ok
13:27:58.0265 0312  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:27:58.0265 0312  IpInIp - ok
13:27:58.0312 0312  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:27:58.0328 0312  IpNat - ok
13:27:58.0437 0312  [ FE56897B27ED266F9C4E7D90A0B5DA47 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:27:58.0500 0312  iPod Service - ok
13:27:58.0515 0312  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:27:58.0531 0312  IPSec - ok
13:27:58.0546 0312  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
13:27:58.0562 0312  IRENUM - ok
13:27:58.0593 0312  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:27:58.0593 0312  isapnp - ok
13:27:58.0718 0312  [ 691B9B7C0CC1653732717D292D6B305D ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
13:27:58.0750 0312  JavaQuickStarterService - ok
13:27:58.0765 0312  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:27:58.0765 0312  Kbdclass - ok
13:27:58.0796 0312  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:27:58.0796 0312  kbdhid - ok
13:27:58.0843 0312  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
13:27:58.0859 0312  kmixer - ok
13:27:58.0875 0312  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
13:27:58.0890 0312  KSecDD - ok
13:27:58.0890 0312  [ 5E34CD48B7EB440BB77E93528CC9F0CC ] LachesisFltr    C:\WINDOWS\system32\drivers\Lachesis.sys
13:27:58.0890 0312  LachesisFltr - ok
13:27:58.0953 0312  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
13:27:58.0968 0312  LanmanServer - ok
13:27:59.0031 0312  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
13:27:59.0046 0312  lanmanworkstation - ok
13:27:59.0046 0312  Lbd - ok
13:27:59.0046 0312  lbrtfdc - ok
13:27:59.0078 0312  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
13:27:59.0078 0312  LmHosts - ok
13:27:59.0093 0312  MagicTune - ok
13:27:59.0125 0312  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
13:27:59.0140 0312  Messenger - ok
13:27:59.0140 0312  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
13:27:59.0156 0312  mnmdd - ok
13:27:59.0187 0312  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
13:27:59.0203 0312  mnmsrvc - ok
13:27:59.0234 0312  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
13:27:59.0250 0312  Modem - ok
13:27:59.0437 0312  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] monfilt         C:\WINDOWS\system32\drivers\monfilt.sys
13:27:59.0578 0312  monfilt - ok
13:27:59.0593 0312  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:27:59.0593 0312  Mouclass - ok
13:27:59.0593 0312  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:27:59.0593 0312  mouhid - ok
13:27:59.0609 0312  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
13:27:59.0609 0312  MountMgr - ok
13:27:59.0609 0312  mraid35x - ok
13:27:59.0640 0312  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:27:59.0656 0312  MRxDAV - ok
13:27:59.0750 0312  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:27:59.0812 0312  MRxSmb - ok
13:27:59.0843 0312  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
13:27:59.0843 0312  MSDTC - ok
13:27:59.0875 0312  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
13:27:59.0875 0312  Msfs - ok
13:27:59.0875 0312  MSIServer - ok
13:27:59.0906 0312  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:27:59.0906 0312  MSKSSRV - ok
13:27:59.0921 0312  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:27:59.0921 0312  MSPCLOCK - ok
13:27:59.0921 0312  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
13:27:59.0921 0312  MSPQM - ok
13:27:59.0953 0312  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:27:59.0953 0312  mssmbios - ok
13:27:59.0968 0312  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
13:27:59.0968 0312  MSTEE - ok
13:28:00.0015 0312  [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor        C:\WINDOWS\system32\DRIVERS\ASACPI.sys
13:28:00.0015 0312  MTsensor - ok
13:28:00.0046 0312  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
13:28:00.0062 0312  Mup - ok
13:28:00.0078 0312  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:28:00.0078 0312  NABTSFEC - ok
13:28:00.0125 0312  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
13:28:00.0156 0312  napagent - ok
13:28:00.0171 0312  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
13:28:00.0187 0312  NDIS - ok
13:28:00.0218 0312  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:28:00.0218 0312  NdisIP - ok
13:28:00.0250 0312  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:28:00.0250 0312  NdisTapi - ok
13:28:00.0281 0312  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:28:00.0281 0312  Ndisuio - ok
13:28:00.0296 0312  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:28:00.0312 0312  NdisWan - ok
13:28:00.0328 0312  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
13:28:00.0343 0312  NDProxy - ok
13:28:00.0375 0312  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
13:28:00.0375 0312  NetBIOS - ok
13:28:00.0390 0312  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
13:28:00.0421 0312  NetBT - ok
13:28:00.0453 0312  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
13:28:00.0453 0312  NetDDE - ok
13:28:00.0468 0312  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
13:28:00.0468 0312  NetDDEdsdm - ok
13:28:00.0500 0312  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
13:28:00.0500 0312  Netlogon - ok
13:28:00.0546 0312  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
13:28:00.0562 0312  Netman - ok
13:28:00.0609 0312  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:28:00.0625 0312  NetTcpPortSharing - ok
13:28:00.0687 0312  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
13:28:00.0703 0312  Nla - ok
13:28:00.0718 0312  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
13:28:00.0718 0312  Npfs - ok
13:28:00.0796 0312  [ D86E875C30B75481AC2EF16F38ACEC50 ] nSvcIp          C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
13:28:00.0812 0312  nSvcIp - ok
13:28:00.0875 0312  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
13:28:00.0921 0312  Ntfs - ok
13:28:00.0937 0312  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
13:28:00.0937 0312  NtLmSsp - ok
13:28:01.0015 0312  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
13:28:01.0046 0312  NtmsSvc - ok
13:28:01.0078 0312  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
13:28:01.0093 0312  Null - ok
13:28:01.0125 0312  [ 70217A23470F4BB4C8FB4ABE06813081 ] NVENETFD        C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
13:28:01.0125 0312  NVENETFD - ok
13:28:01.0156 0312  [ BE8513730653384939A4D2D977C81027 ] nvnetbus        C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
13:28:01.0171 0312  nvnetbus - ok
13:28:01.0203 0312  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:28:01.0203 0312  NwlnkFlt - ok
13:28:01.0203 0312  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:28:01.0218 0312  NwlnkFwd - ok
13:28:01.0359 0312  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:28:01.0406 0312  odserv - ok
13:28:01.0437 0312  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:28:01.0453 0312  ose - ok
13:28:01.0468 0312  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
13:28:01.0484 0312  Parport - ok
13:28:01.0484 0312  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
13:28:01.0484 0312  PartMgr - ok
13:28:01.0546 0312  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
13:28:01.0546 0312  ParVdm - ok
13:28:01.0562 0312  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
13:28:01.0578 0312  PCI - ok
13:28:01.0578 0312  PCIDump - ok
13:28:01.0578 0312  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
13:28:01.0593 0312  PCIIde - ok
13:28:01.0625 0312  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
13:28:01.0640 0312  Pcmcia - ok
13:28:01.0640 0312  Suspicious service (NoAccess): pdbojxdu
13:28:01.0640 0312  pdbojxdu ( LockedService.Multi.Generic ) - warning
13:28:01.0640 0312  pdbojxdu - detected LockedService.Multi.Generic (1)
13:28:07.0703 0312  ================ Scan global ===============================
13:28:07.0765 0312  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
13:28:07.0812 0312  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
13:28:07.0875 0312  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
13:28:07.0921 0312  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
13:28:07.0921 0312  [Global] - ok
13:28:07.0921 0312  ================ Scan MBR ==================================
13:28:07.0953 0312  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
13:28:08.0234 0312  \Device\Harddisk0\DR0 - ok
13:28:08.0234 0312  ================ Scan VBR ==================================
13:28:08.0234 0312  [ F37447751205C023F622F8444E9E4685 ] \Device\Harddisk0\DR0\Partition1
13:28:08.0234 0312  \Device\Harddisk0\DR0\Partition1 - ok
13:28:08.0234 0312  ============================================================
13:28:08.0234 0312  Scan finished
13:28:08.0234 0312  ============================================================
13:28:08.0250 0880  Detected object count: 1
13:28:08.0250 0880  Actual detected object count: 1
13:28:39.0125 0880  pdbojxdu ( LockedService.Multi.Generic ) - skipped by user
13:28:39.0125 0880  pdbojxdu ( LockedService.Multi.Generic ) - User select action: Skip 
13:28:56.0046 0840  Deinitialize success
 

 

The third result is from the AdwCleaner

 

# AdwCleaner v2.306 - Logfile created 07/20/2013 at 13:30:01

# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - EWA-8FF971CC847
# Boot Mode : Safe mode
# Running from : C:\Documents and Settings\Owner\Desktop\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\PackageAware
Folder Deleted : C:\Program Files\vShare.tv plugin
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v6.0.2900.5512
 
[OK] Registry is clean.
 
-\\ Google Chrome v28.0.1500.72
 
File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S1].txt - [2529 octets] - [20/07/2013 13:30:01]
 
########## EOF - C:\AdwCleaner[S1].txt - [2589 octets] ##########
 

 

The fourth result is from the ESET

 

C:\Documents and Settings\Owner\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\stubinst_pkg_en-ap.cab Win32/OpenCandy application deleted - quarantined

 

 

Will be waiting for your reply =)



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,421 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:03:41 AM

Posted 24 July 2013 - 04:04 PM

That looks good. Do you mean you are trying to do other things on the PC while it's scanning and that becomes slow?

#7 ewa100

ewa100
  • Topic Starter

  • Members
  • 4 posts
  • Local time:06:41 PM

Posted 26 July 2013 - 01:47 AM

Hi Boopme,

 

What I meant was that I was not doing anything before the scan, but after the scan ran for a few minutes it will slow down my computer. So even if I want to do anything while it's scanning, it's impossible to do due to the slowness.

 

After reading your reply, I straight away tried to run Malwarebytes Full Scan again.

It still slows down my computer significantly.

 

Does this mean that my computer is just generally slow now? (Last time, before the Malwarebytes updates, the scan did not take this long.)

 

I have attached the log result from Malwarebytes below

 

I will be awaiting your reply. Thank you!

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.07.25.02
 
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Owner :: EWA-8FF971CC847 [administrator]
 
7/25/2013 9:23:10 PM
mbam-log-2013-07-25 (21-23-10).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 315816
Time elapsed: 12 hour(s), 10 minute(s), 57 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)




