TechSpot

PC stalls

By maguiredan
Oct 1, 2011
  1. My PC is unresponsive when I first come back to it after it's been idle all day or night. I've run several virus scans and can't find a problem. Would appreciate your advice.

    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Database version: 7831

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 8.0.7601.17514

    10/1/2011 9:12:11 AM
    mbam-log-2011-10-01 (09-12-11).txt

    Scan type: Full scan (C:\|)
    Objects scanned: 167762
    Time elapsed: 35 minute(s), 12 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit quick scan 2011-10-01 09:34:21
    Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AADS-00M2B0 rev.0955
    Running: o9tsx7ul.exe; Driver: C:\Users\Danny\AppData\Local\Temp\uxtdqpod.sys


    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs TfFsMon.sys (ThreatFire Filesystem Monitor/PC Tools)
    AttachedDevice \Driver\tdx \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
    AttachedDevice \Driver\tdx \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
    AttachedDevice \Driver\tdx \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
    AttachedDevice \Driver\tdx \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

    ---- EOF - GMER 1.0.15 ----
    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_26
    Run by Danny at 9:38:11 on 2011-10-01
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3062.925 [GMT -5:00]
    .
    AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
    FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\COMODO Firewall\COMODO\COMODO Internet Security\cmdagent.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
    C:\Program Files\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
    C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\COMODO Firewall\COMODO\COMODO Internet Security\cfp.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Common Files\Sonic Shared\CineTray.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Remind5\Reminder.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: PlusIEEventHelper Class: {551a852f-39a6-44a7-9c13-afbec9185a9d} - c:\program files\nuance\pdfviewerplus\bin\PlusIEContextMenu.dll
    BHO: RoboForm BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [Google Update] "c:\users\danny\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
    uRun: [ISUSPM] c:\programdata\flexnet\connect\11\ISUSPM.exe -scheduler
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    mRun: [COMODO Internet Security] "c:\program files\comodo firewall\comodo\comodo internet security\cfp.exe" -h
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [ISUSPM] "c:\programdata\flexnet\connect\11\isuspm.exe" -scheduler
    mRun: [OmniPage Preload] c:\program files\nuance\omnipage18\OmniPage18.exe /preload
    mRun: [Nuance OmniPage 18-reminder] "c:\program files\nuance\omnipage18\ereg\ereg.exe" -r "c:\programdata\scansoft\omnipage 18\ereg\Ereg.ini"
    mRun: [PDFHook] c:\program files\nuance\pdfviewerplus\pdfpro5hook.exe
    mRun: [PDF7 Registry Controller] c:\program files\nuance\pdf create 7\RegistryController.exe
    mRun: [IndexSearch] "c:\program files\nuance\paperport\IndexSearch.exe"
    mRun: [PaperPort PTD] "c:\program files\nuance\paperport\pptd40nt.exe"
    mRun: [PPort12reminder] "c:\program files\nuance\paperport\ereg\ereg.exe" -r "c:\programdata\scansoft\paperport\12\config\ereg\Ereg.ini"
    mRun: [PDF5 Registry Controller] c:\program files\nuance\pdfviewerplus\RegistryController.exe
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes\mbamgui.exe" /starttray
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes\mbam.exe" /runcleanupscript
    mRun: [ATIModeChange] Ati2mdxx.exe
    mRun: [ThreatFire] c:\program files\threatfire\TFTray.exe
    StartupFolder: c:\users\danny\appdata\roaming\micros~1\windows\startm~1\programs\startup\checkf~1.lnk - c:\jts\WiseUpdt.exe
    StartupFolder: c:\users\danny\appdata\roaming\micros~1\windows\startm~1\programs\startup\remind~1.lnk - c:\program files\remind5\Reminder.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\nuance~1.lnk - c:\program files\nuance\nuance cloud connector\GladLauncher.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\sonicc~1.lnk - c:\program files\common files\sonic shared\CineTray.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    IE: Open with PDF Viewer Plus - c:\program files\nuance\pdfviewerplus\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
    IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
    IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
    IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    LSP: c:\program files\avira\antivir desktop\avsda.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 208.59.247.45 208.59.247.46
    TCP: Interfaces\{336A3D3E-9582-4021-AC34-C1CC8D390245} : DhcpNameServer = 208.59.247.45 208.59.247.46
    Notify: AtiExtEvent - Ati2evxx.dll
    AppInit_DLLs: ?(?? c:\progra~1\google\google~3\go36f4~1.dll c:\windows\system32\guard32.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\danny\appdata\roaming\mozilla\firefox\profiles\0ejs0jtp.default\
    FF - prefs.js: browser.startup.homepage - hxxp://hotmail.com/
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=en&q=
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
    FF - plugin: c:\users\danny\appdata\local\google\update\1.3.21.69\npGoogleUpdate3.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2011-10-1 51984]
    R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2011-10-1 69392]
    R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-3-18 11608]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-3-3 238960]
    R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-3-3 37592]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
    R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-5-27 176128]
    R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\avira\antivir desktop\avmailc.exe [2011-9-16 340136]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-3-18 136360]
    R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-3-18 269480]
    R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\avira\antivir desktop\avwebgrd.exe [2011-6-29 428200]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-3-18 66616]
    R2 CLPSLS;COMODO livePCsupport Service;c:\program files\comodo\comodo livepcsupport\CLPSLS.exe [2010-2-12 148744]
    R2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files\nuance\paperport\PDFProFiltSrvPP.exe [2010-2-10 144672]
    R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-9-15 2358656]
    R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-5-27 5586432]
    R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-5-27 209920]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-3-18 22216]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
    R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2011-10-1 33552]
    S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files\photoshop\elements organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-6 169312]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 GladFileMonSvc;GladFileMonSvc;c:\program files\nuance\nuance cloud connector\GladFileMonSvc.exe [2011-5-9 29552]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-7 135664]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-6-20 2152152]
    S2 MBAMService;MBAMService;c:\program files\malwarebytes\mbamservice.exe [2010-3-18 366152]
    S2 ThreatFire;ThreatFire;c:\program files\threatfire\tfservice.exe service --> c:\program files\threatfire\TFService.exe service [?]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-3-7 14216]
    S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-3-7 8456]
    S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-3-3 30192]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-3-7 135664]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-9-21 52224]
    .
    =============== Created Last 30 ================
    .
    2011-10-01 13:19:00 69392 ----a-w- c:\windows\system32\drivers\TfSysMon.sys
    2011-10-01 13:19:00 51984 ----a-w- c:\windows\system32\drivers\TfFsMon.sys
    2011-10-01 13:19:00 33552 ----a-w- c:\windows\system32\drivers\TfNetMon.sys
    2011-10-01 13:18:58 -------- d-----w- c:\programdata\PC Tools
    2011-10-01 13:18:58 -------- d-----w- c:\program files\ThreatFire
    2011-09-29 23:13:30 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{543ff0ee-b823-466e-8491-625416d7263d}\offreg.dll
    2011-09-29 23:13:29 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{543ff0ee-b823-466e-8491-625416d7263d}\mpengine.dll
    2011-09-28 03:18:56 114688 ----a-w- c:\windows\system32\TwsSocketClient.dll
    2011-09-28 03:18:48 258048 ----a-w- c:\windows\ddedll.dll
    2011-09-28 03:18:40 626688 ----a-w- c:\windows\system32\msvcr80.dll
    2011-09-28 03:18:31 548864 ----a-w- c:\windows\system32\msvcp80.dll
    2011-09-28 03:18:22 479232 ----a-w- c:\windows\system32\msvcm80.dll
    2011-09-28 03:18:14 57344 ----a-w- c:\windows\system32\mfcm80u.dll
    2011-09-28 03:18:06 69632 ----a-w- c:\windows\system32\mfcm80.dll
    2011-09-28 03:17:58 1079808 ----a-w- c:\windows\system32\mfc80u.dll
    2011-09-28 03:17:51 1093632 ----a-w- c:\windows\system32\mfc80.dll
    2011-09-25 21:34:39 -------- d-----w- C:\Diamond
    2011-09-22 01:37:03 -------- d-----w- c:\windows\system32\SPReview
    2011-09-22 01:36:28 -------- d-----w- c:\windows\system32\EventProviders
    2011-09-22 01:22:59 86528 ----a-w- c:\windows\system32\isoburn.exe
    2011-09-22 01:04:52 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
    2011-09-18 14:31:49 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
    2011-09-18 14:16:32 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
    2011-09-18 14:04:57 94208 ----a-w- c:\program files\common files\system\ole db\msdaosp.dll
    2011-09-18 14:03:42 2048 ----a-w- c:\windows\system32\tzres.dll
    2011-09-18 14:01:59 802304 ----a-w- c:\windows\system32\WFS.exe
    2011-09-18 14:01:59 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
    2011-09-18 14:01:56 542208 ----a-w- c:\windows\system32\kerberos.dll
    2011-09-18 14:01:10 123904 ----a-w- c:\windows\system32\poqexec.exe
    2011-09-18 14:01:06 311808 ----a-w- c:\windows\system32\drivers\srv.sys
    2011-09-18 14:01:06 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
    2011-09-18 14:01:06 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2011-09-18 14:01:01 571904 ----a-w- c:\windows\system32\oleaut32.dll
    2011-09-18 14:00:51 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
    2011-09-18 14:00:51 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
    2011-09-18 13:57:06 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
    2011-09-18 13:57:06 219136 ----a-w- c:\windows\system32\d3d10_1core.dll
    2011-09-18 13:57:06 161792 ----a-w- c:\windows\system32\d3d10_1.dll
    2011-09-18 13:54:46 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
    2011-09-18 13:54:46 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
    2011-09-18 13:54:46 107520 ----a-w- c:\windows\system32\cdd.dll
    2011-09-18 13:38:07 16432 ----a-w- c:\windows\system32\lsdelete.exe
    2011-09-17 22:50:09 -------- d-----w- c:\windows\pss
    2011-09-17 20:38:14 388096 ----a-r- c:\users\danny\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-09-17 20:38:14 -------- d-----w- c:\program files\Trend Micro
    2011-09-17 01:20:37 -------- d-----w- C:\sh4ldr
    2011-09-17 01:20:37 -------- d-----w- c:\program files\Enigma Software Group
    2011-09-17 01:19:45 -------- d-----w- c:\windows\820C0EEB9B124AD5B39DD15ED1DBDD06.TMP
    2011-09-17 01:19:43 -------- d-----w- c:\program files\common files\Wise Installation Wizard
    2011-09-16 01:00:27 -------- d-----w- c:\program files\TeamViewer
    2011-09-15 00:34:01 -------- d-----w- c:\program files\DataTime SRL
    2011-09-14 23:46:08 -------- d-----r- c:\program files\Skype
    .
    ==================== Find3M ====================
    .
    2011-09-25 20:45:39 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-09-25 20:29:23 152576 ----a-w- c:\windows\system32\msclmd.dll
    2011-08-31 22:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-07-22 04:54:18 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2011-07-16 04:27:30 290816 ----a-w- c:\windows\system32\KernelBase.dll
    2011-07-16 02:17:19 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2011-07-16 02:17:19 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2011-07-16 02:17:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2011-07-16 02:17:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2011-07-11 01:54:38 285256 ----a-w- c:\windows\system32\guard32.dll
    2011-07-11 01:54:33 37592 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
    2011-07-11 01:54:31 238960 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
    2011-07-11 01:54:31 19088 ----a-w- c:\windows\system32\drivers\cmderd.sys
    2011-07-09 02:30:00 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2011-07-07 23:42:57 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2011-07-06 00:45:38 285256 ----a-w- c:\windows\system32\guard32(34).dll
    .
    ============= FINISH: 9:39:07.71 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 3/5/2010 9:35:34 PM
    System Uptime: 9/28/2011 3:45:27 PM (66 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | Maximus III Formula
    Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz | LGA1156 | 1176/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 368 GiB total, 284.952 GiB free.
    D: is FIXED (NTFS) - 0 GiB total, 0.06 GiB free.
    E: is CDROM ()
    F: is FIXED (NTFS) - 149 GiB total, 96.979 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP127: 9/21/2011 8:36:54 PM - Windows 7 Service Pack 1
    RP128: 9/25/2011 3:48:12 PM - Windows Update
    RP129: 9/27/2011 9:39:18 PM - Installed G-BOT
    RP130: 9/29/2011 6:08:29 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    Acrobat.com
    Ad-Aware
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Photoshop Elements 8.0
    Adobe Photoshop.com Inspiration Browser
    Adobe Reader 9.4.6
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ATI Display Driver
    Avira AntiVir Premium
    C2SignalConverter
    Call of Duty: Modern Warfare 2
    Call of Duty: Modern Warfare 2 - Multiplayer
    COMODO Internet Security
    COMODO livePCsupport
    EASEUS Partition Master 5.0.1 Home Edition
    FileZilla Client 3.3.5.1
    G-BOT
    Garmin USB Drivers
    Garmin WebUpdater
    GoMeetNow
    Google Chrome
    Google Desktop
    Google Toolbar for Internet Explorer
    Google Update Helper
    GoToMeeting 4.5.0.457
    HiJackThis
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 26
    Malwarebytes' Anti-Malware version 1.51.2.1300
    McAfee Security Scan Plus
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook 2007
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Move Networks Media Player for Internet Explorer
    Mozilla Firefox 4.0.1 (x86 en-US)
    Mozilla Thunderbird (3.0.4)
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB973685)
    Nuance Cloud Connector
    Nuance OmniPage 18
    Nuance PaperPort 12
    Nuance PDF Create 7
    Nuance PDF Viewer Plus
    OEC AutoX 3.5
    OEC Chart Package 3.5
    OEC eSignal Data Provider 3.5
    OEC Excel Add-In 3.3
    OEC Market Replay 3.5
    OEC MarketDelta 3.5
    OEC RSS News Feed 3.5
    OEC Trader 3.5
    PaperPort Image Printer
    QuickTime
    RoboForm 7-3-2 (All Users)
    Scansoft PDF Professional
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB2553074)
    Security Update for 2007 Microsoft Office System (KB2553089)
    Security Update for 2007 Microsoft Office System (KB2553090)
    Security Update for 2007 Microsoft Office System (KB2584063)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft Office Excel 2007 (KB2553073)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
    Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Skype™ 5.5
    SmartFTP Client
    SmartFTP Client 4.0 Setup Files (remove only)
    Sonic CinePlayer DVD Pack
    Steam
    Stock Investor Professional
    StockFinder 5.0
    TC2000 v11
    TeamViewer 6
    TeleChart 2007
    thinkorswim
    ThreatFire
    TickGrabber
    Trader Workstation 4.0
    TradeStation 9.0
    TVUPlayer 2.5.2.2
    TWS Interoperability Components
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 System (KB2539530)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Outlook 2007 (KB2583910)
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update for Outlook 2007 Junk Email Filter (KB2553110)
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VLC media player 1.1.11
    Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
    WinRAR 4.01 (32-bit)
    Xtend
    .
    ==== Event Viewer Messages From Past Week ========
    .
    9/30/2011 9:44:12 PM, Error: cdrom [15] - The device, \Device\CdRom0, is not ready for access yet.
    9/30/2011 9:44:12 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort2.
    9/27/2011 9:15:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
    9/26/2011 5:24:00 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Lbd
    9/26/2011 4:43:52 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
    9/25/2011 4:35:46 PM, Error: Service Control Manager [7030] - The Ati HotKey Poller service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    9/25/2011 3:40:26 PM, Error: Microsoft-Windows-WMPNSS-Service [14353] - A media delivery engine with ID '0' was not initialized due to error '0x80070005' when adding the URL 'http://+:10243/WMPNSSv4/547021614/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.
    9/25/2011 3:40:26 PM, Error: Microsoft-Windows-WMPNSS-Service [14353] - A media delivery engine with ID '0' was not initialized due to error '0x80070005' when adding the URL 'http://+:10243/WMPNSSv4/2749825265/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.
    9/25/2011 3:40:26 PM, Error: Microsoft-Windows-WMPNSS-Service [14349] - A new media server was not initialized because the Windows Media Delivery Engine did not initialize due to error '0x80070005'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.
    10/1/2011 9:32:49 AM, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
    10/1/2011 9:32:28 AM, Error: Service Control Manager [7034] - The GladFileMonSvc service terminated unexpectedly. It has done this 1 time(s).
    10/1/2011 9:31:51 AM, Error: Service Control Manager [7034] - The Adobe Active File Monitor V8 service terminated unexpectedly. It has done this 1 time(s).
    10/1/2011 8:21:19 AM, Error: Service Control Manager [7034] - The ThreatFire service terminated unexpectedly. It has done this 1 time(s).
    10/1/2011 8:20:31 AM, Error: Service Control Manager [7030] - The ThreatFire service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    .
    ==== End Of File ===========================
     
  2. Broni


    All looks clean.
    Please create a new topic in the Windows forum.
     
