Solved PC running slowly

Mbam log

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6067

Windows 6.1.7100
Internet Explorer 8.0.7100.0

15/03/2011 19:10:07
mbam-log-2011-03-15 (19-10-07).txt

Scan type: Quick scan
Objects scanned: 158980
Time elapsed: 1 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
DDS

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Jonny at 19:18:37.30 on 15/03/2011
Internet Explorer: 8.0.7100.0 BrowserJavaVersion: 1.6.0_24
Microsoft Windows 7 Ultimate 6.1.7100.0.1252.44.1033.18.2047.1209 [GMT 0:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\taskhost.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\FixCamera.exe
C:\Windows\tsnp2uvc.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Jonny\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min /nosplash
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [FixCamera] C:\Windows\FixCamera.exe
mRun: [snp2uvc] C:\Windows\vsnp2uvc.exe
mRun: [tsnp2uvc] C:\Windows\tsnp2uvc.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
mRun-x64: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
mRun-x64: [HCWemmon] HCWemmon.exe
mRun-x64: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
mRun-x64: [snp2uvc] C:\Windows\vsnp2uvc.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jonny\AppData\Roaming\Mozilla\Firefox\Profiles\sb95364y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&sourceid=navclient&gfns=1&q=
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Users\Jonny\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Favicon Picker 3: {446c03e0-2c35-11db-a98b-0800200c9a67} - %profile%\extensions\{446c03e0-2c35-11db-a98b-0800200c9a67}
.
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-4-22 59904]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-5-25 135336]
R3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;C:\Windows\System32\drivers\wg111v3.sys [2010-5-21 446976]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-4-22 17920]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-3-28 389120]
S4 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-5-25 267944]
.
=============== Created Last 30 ================
.
2011-03-15 19:05:15 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-15 18:12:07 -------- d-----w- C:\Users\Jonny\AppData\Roaming\Avira
2011-03-07 18:11:30 -------- d-----w- C:\Users\Jonny\CV Information
2011-03-05 15:48:56 -------- d-----w- C:\Program Files (x86)\SopCast
.
==================== Find3M ====================
.
2011-02-02 21:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-12-20 18:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 19:19:08.62 ===============
 
Attach

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 25/05/2009 16:56:59
System Uptime: 15/03/2011 19:02:09 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | A8N32-SLI-Deluxe
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ | SOCKET 939 | 990/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 233 GiB total, 55.49 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: NVIDIA nForce Networking Controller
Device ID: PCI\VEN_10DE&DEV_0057&SUBSYS_81411043&REV_A3\3&267A616A&0&98
Manufacturer: NVIDIA
Name: NVIDIA nForce 10/100/1000 Mbps Ethernet
PNP Device ID: PCI\VEN_10DE&DEV_0057&SUBSYS_81411043&REV_A3\3&267A616A&0&98
Service: NVENETFD
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
Device ID: PCI\VEN_11AB&DEV_4362&SUBSYS_81421043&REV_15\4&258F32F&0&0018
Manufacturer: Marvell
Name: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
PNP Device ID: PCI\VEN_11AB&DEV_4362&SUBSYS_81421043&REV_15\4&258F32F&0&0018
Service: yukonw7
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 7.0
Adobe Reader 9.1.2
Adobe Shockwave Player 11.5
Apple Application Support
Apple Software Update
µTorrent
Avira AntiVir Personal - Free Antivirus
Compatibility Pack for the 2007 Office system
DVD Shrink 3.2
Facebook Plug-In
Hauppauge MCE XP/Vista Software Encoder (2.0.25180)
Hauppauge WinTV
Hauppauge WinTV Infrared Remote
Hauppauge WinTV Scheduler
Hauppauge WinTV Soft PVR
InterVideo FilterSDK for Hauppauge
Java Auto Updater
Java(TM) 6 Update 24
Malwarebytes' Anti-Malware
MediaMonkey 3.1
Microsoft Choice Guard
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.15)
MSVCRT
NETGEAR WG111v3 wireless USB 2.0 adapter
Photo Story 3 for Windows
QuickTime
Realtek AC'97 Audio
SopCast 3.2.9
USB 2.0 WEB CAMERA
VLC media player 0.9.9
VTPlus32 for WinTV (English)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
WinZip 14.5
.
==== End Of File ===========================
 
So far, so good with respect to malware, but we will check further. You are running a lot of unnecessary processes> a big one is 9 versions of Java in the Firefox Java Console. You do not need to add a separate extension for Firefox when updating Java:

Remove outdated Java plugin files from the Firefox plugins folder:
Note: It is recommended that you do not copy Java plugins from other locations to the Firefox plugins folder. Outdated Java plugins can cause Java not to work if you update Java and then uninstall the older Java version, if plugins from the old Java version are still in the Firefox plugins folder.
1. Open Firefox> Tools> Add-ons. The Add-ons window will open.
2. In the Add-ons window> select the Plugins panel, to display a list of installed plugins.
3. Select each Java plugin listed to make sure that all are enabled.
4. Check if the Java plugins are correctly detected. All Java plugins listed in the Add-ons window should match the version number of the currently installed JRE. There should be no plugins for earlier versions of Java.
5. Java plugin files that do not match your current version mean that the Firefox plugins folder contains outdated Java plugin files which should be removed. This folder is typically in the following location: Use Windows Explorer to access> My Computer> Local Drive> Programs>>>
C:\Program Files\Mozilla Firefox\plugins
Java files from older versions in the Firefox plugins folder can prevent Java from working correctly.
=====================================
Please describe slow to me> Slow to load? Slow to shut down? Slow to connect? Slow to surf? Did you notice a markedly abrupt slowdown after installing a program> If Yes, which one?
===================================
Run Eset NOD32 Online AntiVirus scan HERE: http://www.eset.eu/online-scanner
  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the Active X control to install
  4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
  5. Click Start
  6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
  7. Click Scan
  8. Wait for the scan to finish
  9. Click on "Copy to Clipboard"> (you won't see the 'clipboard')
  10. Click anywhere in the post where you want the logs to go, then do Ctrl V. The log will be sent from the clipboard and pasted in the post.
  11. Re-enable your Antivirus software.
    NOTE: If you forget to copy to the clipboard you can find the log here:
    C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
===================================
Download Combofix to your desktop from one of these locations:
Link 1
Link 2
http://www.forospyware.com/sUBs/ComboFix.exe
  • Double click combofix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • Query- Recovery Console image
    RcAuto1.gif

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
    whatnext.png
  • Click on Yes, to continue scanning for malware
  • If Combofix asks you to update the program, allow
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Close any open browsers.
  • Double click combofix.exe
    cf-icon.jpg
    & follow the prompts to run.
  • When the scan completes, a report will be generated and will open in a text window. Please paste the C:\ComboFix.txt in your next reply.
Re-enable your Antivirus software.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
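To make the "9 versions of Java Console" observation checkable rather than eyeballed, here is an added example (not part of the original thread, and not DDS or Malwarebytes code) that parses the `FF - Ext: Java Console` lines of a DDS log, decodes each extension's version from its GUID, and compares it with the `Java(TM) N Update M` entry in the Installed Programs list. The sample input is a constructed subset of the log posted above; the GUID-to-version mapping (second group `0016` = Java 6, fourth group = update level) is an assumption about how Sun's Java Console extension IDs are formed, and the all-`FFFF` DPF id is deliberately not treated as a version.

```python
import re
from typing import Dict, List, Optional, Tuple

# Constructed sample: the Java Console extension lines, one unrelated
# extension, one DPF line and the installed-JRE line from the DDS log
# above, embedded so the script runs offline.
SAMPLE_DDS = r"""
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
Java(TM) 6 Update 24
"""

# Only "FF - Ext: Java Console" lines count; the DPF line with the static
# all-FFFF id is skipped because its groups are not four decimal digits.
JAVA_CONSOLE_RE = re.compile(
    r"^FF - Ext: Java Console: (\{CAFEEFAC-(\d{4})-\d{4}-(\d{4})-ABCDEFFEDCBA\})",
    re.IGNORECASE | re.MULTILINE,
)
# Installed Programs entry as DDS prints it, e.g. "Java(TM) 6 Update 24".
INSTALLED_RE = re.compile(r"^Java\(TM\) (\d+) Update (\d+)$", re.IGNORECASE | re.MULTILINE)


def parse_installed_jre(text: str) -> Optional[Tuple[int, int]]:
    """Return (family, update) of the installed JRE, or None if not listed."""
    m = INSTALLED_RE.search(text)
    return (int(m.group(1)), int(m.group(2))) if m else None


def java_console_extensions(text: str) -> List[Tuple[int, int, str]]:
    """Return (family, update, guid) for each Java Console extension, in log order."""
    found = []
    for m in JAVA_CONSOLE_RE.finditer(text):
        # Assumption: "0016" encodes version 1.6, i.e. Java 6; "0024" is Update 24.
        family = int(m.group(2)) - 10
        update = int(m.group(3))
        found.append((family, update, m.group(1)))
    return found


def triage_java_consoles(text: str) -> Dict[str, object]:
    """Split Java Console extensions into those matching the installed JRE and stale ones."""
    installed = parse_installed_jre(text)
    if installed is None:
        raise ValueError("no 'Java(TM) N Update M' line found in the log")
    current: List[Tuple[int, int, str]] = []
    stale: List[Tuple[int, int, str]] = []
    for ext in java_console_extensions(text):
        (current if ext[:2] == installed else stale).append(ext)
    return {"installed": installed, "current": current, "stale": stale}


if __name__ == "__main__":
    report = triage_java_consoles(SAMPLE_DDS)
    fam, upd = report["installed"]
    print(f"Installed JRE: Java {fam} Update {upd}")
    for family, update, guid in report["stale"]:
        print(f"STALE   Java {family} Update {update}  {guid}")
    for family, update, guid in report["current"]:
        print(f"CURRENT Java {family} Update {update}  {guid}")
```

On the log above this flags eight stale Java Console extensions (Updates 11 through 23) and one current one (Update 24), which is the cleanup the helper asks for.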
 
C:\Windows\FixCamera.exe a variant of Win32/KillProc.B application
Operating memory a variant of Win32/KillProc.B application
 
ComboFix 11-03-19.04 - Jonny 20/03/2011 16:56:24.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7100.0.1252.44.1033.18.2047.1275 [GMT 0:00]
Running from: c:\users\Jonny\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-02-20 to 2011-03-20 )))))))))))))))))))))))))))))))
.
.
2011-03-20 16:59 . 2011-03-20 16:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-19 16:42 . 2011-03-19 16:42 -------- d-----w- c:\program files (x86)\SopCast
2011-03-19 14:08 . 2011-03-19 14:08 -------- d-----w- c:\program files (x86)\ESET
2011-03-15 19:05 . 2010-12-20 18:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-15 18:12 . 2011-03-15 18:12 -------- d-----w- c:\users\Jonny\AppData\Roaming\Avira
2011-03-12 12:49 . 2011-03-12 12:49 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-03-07 18:11 . 2011-03-07 19:28 -------- d-----w- c:\users\Jonny\CV Information
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 21:40 . 2010-08-02 19:06 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-20 18:08 . 2010-10-02 13:36 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2009-04-22 05:21 441856 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"FixCamera"="c:\windows\FixCamera.exe" [2008-08-21 188928]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2008-08-01 675840]
"tsnp2uvc"="c:\windows\tsnp2uvc.exe" [2009-09-27 320512]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-01-25 421160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-2-7 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
.
R3 AcpiPmi;ACPI Power Meter Driver;c:\windows\system32\DRIVERS\acpipmi.sys [x]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [x]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [x]
R3 amdsata;amdsata;c:\windows\system32\DRIVERS\amdsata.sys [x]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [x]
R3 AppID;AppID Driver;c:\windows\system32\drivers\appid.sys [x]
R3 AppIDSvc;Application Identity;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [x]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbda.sys [x]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys [x]
R3 BDESVC;BitLocker Drive Encryption Service;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [x]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [x]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [x]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [x]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [x]
R3 CertPropSvc;Certificate Propagation;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [x]
R3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-04-04 90976]
R3 defragsvc;Disk Defragmenter;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbda.sys [x]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [x]
R3 fdPHost;Function Discovery Provider Host;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [x]
R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [x]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [x]
R3 HomeGroupListener;HomeGroup Listener;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 HomeGroupProvider;HomeGroup Provider;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 HpSAMD;HpSAMD;c:\windows\system32\DRIVERS\HpSAMD.sys [x]
R3 iaStorV;iaStorV;c:\windows\system32\DRIVERS\iaStorV.sys [x]
R3 IKEEXT;IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 IPBusEnum;PnP-X IP Bus Enumerator;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\DRIVERS\IPMIDrv.sys [x]
R3 iScsiPrt;iScsiPort Driver;c:\windows\system32\DRIVERS\msiscsi.sys [x]
R3 KtmRm;KtmRm for Distributed Transaction Coordinator;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 lltdsvc;Link-Layer Topology Discovery Mapper;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [x]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [x]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [x]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [x]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [x]
R3 mpio;mpio;c:\windows\system32\DRIVERS\mpio.sys [x]
R3 msahci;msahci;c:\windows\system32\DRIVERS\msahci.sys [x]
R3 msdsm;msdsm;c:\windows\system32\DRIVERS\msdsm.sys [x]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [x]
R3 MSiSCSI;Microsoft iSCSI Initiator Service;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [x]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [x]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [x]
R3 nvstor;nvstor;c:\windows\system32\DRIVERS\nvstor.sys [x]
R3 PeerDistSvc;BranchCache;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 PerfHost;Performance Counter DLL Host;c:\windows\SysWow64\perfhost.exe [2009-04-22 20992]
R3 pla;Performance Logs & Alerts;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 PNRPAutoReg;PNRP Machine Name Publication Service;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [x]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [x]
R3 s3cap;s3cap;c:\windows\system32\DRIVERS\vms3cap.sys [x]
R3 scfilter;Smart card PnP Class Filter Driver;c:\windows\system32\DRIVERS\scfilter.sys [x]
R3 SCPolicySvc;Smart Card Removal Policy;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 SDRSVC;Windows Backup;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 SensrSvc;Adaptive Brightness;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 SessionEnv;Remote Desktop Configuration;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\system32\DRIVERS\sffp_mmc.sys [x]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [x]
R3 Smb;Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session);c:\windows\system32\DRIVERS\smb.sys [x]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [x]
R3 storvsc;storvsc;c:\windows\system32\DRIVERS\storvsc.sys [x]
R3 TabletInputService;Tablet PC Input Service;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 TBS;TPM Base Services;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 THREADORDER;Thread Ordering Server;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 TrustedInstaller;Windows Modules Installer;c:\windows\servicing\TrustedInstaller.exe [2009-04-22 194048]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [x]
R3 UI0Detect;Interactive Services Detection;c:\windows\system32\UI0Detect.exe [x]
R3 uliagpkx;Uli AGP Bus Filter;c:\windows\system32\DRIVERS\uliagpkx.sys [x]
R3 UmRdpService;Remote Desktop Services UserMode Port Redirector;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 usbcir;eHome Infrared Receiver (USBCIR);c:\windows\system32\DRIVERS\usbcir.sys [x]
R3 VaultSvc;Credential Manager;c:\windows\system32\lsass.exe [x]
R3 vhdmp;vhdmp;c:\windows\system32\DRIVERS\vhdmp.sys [x]
R3 vmbus;vmbus;c:\windows\system32\DRIVERS\vmbus.sys [x]
R3 VMBusHID;VMBusHID;c:\windows\system32\DRIVERS\VMBusHID.sys [x]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [x]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [x]
R3 wbengine;Block Level Backup Engine Service;c:\windows\system32\wbengine.exe [x]
R3 WbioSrvc;Windows Biometric Service;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 wcncsvc;Windows Connect Now - Config Registrar;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 WcsPlugInService;Windows Color System;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [x]
R3 WdiSystemHost;Diagnostic System Host;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 Wecsvc;Windows Event Collector;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 wercplsupport;Problem Reports and Solutions Control Panel Support;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 WerSvc;Windows Error Reporting Service;c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-04-22 22080]
R3 WinRM;Windows Remote Management (WS-Management);c:\windows\System32\svchost.exe [2009-04-22 27648]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 WPDBusEnum;Portable Device Enumerator Service;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 WwanSvc;WWAN AutoConfig;c:\windows\system32\svchost.exe [2009-04-22 27648]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
R4 Mcx2Svc;Media Center Extender Service;c:\windows\system32\svchost.exe [2009-04-22 27648]
S0 amdxata;amdxata;c:\windows\system32\DRIVERS\amdxata.sys [x]
S0 CLFS;Common Log (CLFS);c:\windows\System32\CLFS.sys [x]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [x]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [x]
S0 fvevol;Bitlocker Drive Encryption Filter Driver;c:\windows\System32\DRIVERS\fvevol.sys [x]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [x]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [x]
S0 msisadrv;msisadrv;c:\windows\system32\DRIVERS\msisadrv.sys [x]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [x]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [x]
S0 spldr;Security Processor Loader Driver; [x]
S0 storflt;Disk Virtual Machine Bus Acceleration Filter Driver;c:\windows\system32\DRIVERS\vmstorfl.sys [x]
S0 vdrvroot;Microsoft Virtual Drive Enumerator Driver;c:\windows\system32\DRIVERS\vdrvroot.sys [x]
S0 volmgr;Volume Manager Driver;c:\windows\system32\DRIVERS\volmgr.sys [x]
S0 volmgrx;Dynamic Volume Manager;c:\windows\System32\drivers\volmgrx.sys [x]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [x]
S1 CSC;Offline Files Driver;c:\windows\system32\drivers\csc.sys [x]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [x]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [x]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [x]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [x]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [x]
S1 tdx;NetIO Legacy TDI Support Driver;c:\windows\system32\DRIVERS\tdx.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S1 Wanarpv6;Remote Access IPv6 ARP Driver;c:\windows\system32\DRIVERS\wanarp.sys [x]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [x]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336]
S2 AudioEndpointBuilder;Windows Audio Endpoint Builder;c:\windows\System32\svchost.exe [2009-04-22 27648]
S2 BFE;Base Filtering Engine;c:\windows\system32\svchost.exe [2009-04-22 27648]
S2 CscService;Offline Files;c:\windows\System32\svchost.exe [2009-04-22 27648]
S2 DPS;Diagnostic Policy Service;c:\windows\System32\svchost.exe [2009-04-22 27648]
S2 FDResPub;Function Discovery Resource Publication;c:\windows\system32\svchost.exe [2009-04-22 27648]
S2 gpsvc;Group Policy Client;c:\windows\system32\svchost.exe [2009-04-22 27648]
S2 iphlpsvc;IP Helper;c:\windows\System32\svchost.exe [2009-04-22 27648]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [x]
S2 luafv;UAC File Virtualization;c:\windows\system32\drivers\luafv.sys [x]
S2 MMCSS;Multimedia Class Scheduler;c:\windows\system32\svchost.exe [2009-04-22 27648]
S2 MpsSvc;Windows Firewall;c:\windows\system32\svchost.exe [2009-04-22 27648]
S2 NlaSvc;Network Location Awareness;c:\windows\System32\svchost.exe [2009-04-22 27648]
S2 nsi;Network Store Interface Service;c:\windows\system32\svchost.exe [2009-04-22 27648]
S2 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-04-22 27648]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [x]
S2 Power;Power;c:\windows\system32\svchost.exe [2009-04-22 27648]
S2 ProfSvc;User Profile Service;c:\windows\system32\svchost.exe [2009-04-22 27648]
S2 RpcEptMapper;RPC Endpoint Mapper;c:\windows\system32\svchost.exe [2009-04-22 27648]
S2 sppsvc;Software Protection;c:\windows\system32\sppsvc.exe [x]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-04-22 27648]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [x]
S2 UxSms;Desktop Window Manager Session Manager;c:\windows\System32\svchost.exe [2009-04-22 27648]
S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-04-22 27648]
S2 Wlansvc;WLAN AutoConfig;c:\windows\system32\svchost.exe [2009-04-22 27648]
S3 1394ohci;1394 OHCI Compliant Host Controller;c:\windows\system32\DRIVERS\1394ohci.sys [x]
S3 Appinfo;Application Information;c:\windows\system32\svchost.exe [2009-04-22 27648]
S3 bowser;Browser Support Driver;c:\windows\system32\DRIVERS\bowser.sys [x]
S3 CompositeBus;Composite Bus Enumerator Driver;c:\windows\system32\DRIVERS\CompositeBus.sys [x]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [x]
S3 KeyIso;CNG Key Isolation;c:\windows\system32\lsass.exe [x]
S3 monitor;Microsoft Monitor Class Function Driver Service;c:\windows\system32\DRIVERS\monitor.sys [x]
S3 mpsdrv;Windows Firewall Authorization Driver;c:\windows\system32\drivers\mpsdrv.sys [x]
S3 mrxsmb10;SMB 1.x MiniRedirector;c:\windows\system32\DRIVERS\mrxsmb10.sys [x]
S3 mrxsmb20;SMB 2.0 MiniRedirector;c:\windows\system32\DRIVERS\mrxsmb20.sys [x]
S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [x]
S3 netprofm;Network List Service;c:\windows\System32\svchost.exe [2009-04-22 27648]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [x]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [x]
S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;c:\windows\system32\DRIVERS\wg111v3.sys [x]
S3 sppuinotify;SPP Notification Service;c:\windows\system32\svchost.exe [2009-04-22 27648]
S3 srv2;Server SMB 2.xxx Driver;c:\windows\system32\DRIVERS\srv2.sys [x]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [x]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys [x]
S3 umbus;UMBus Enumerator Driver;c:\windows\system32\DRIVERS\umbus.sys [x]
S3 vwifibus;Virtual WiFi Bus Driver;c:\windows\System32\drivers\vwifibus.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 WdiServiceHost;Diagnostic Service Host;c:\windows\System32\svchost.exe [2009-04-22 27648]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS QWAVE wcncsvc
DcomLaunch REG_MULTI_SZ Power PlugPlay DcomLaunch
wcssvc REG_MULTI_SZ WcsPlugInService
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
msiscsi
schedule
winmgmt
SessionEnv
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
sppuinotify
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2009-04-22 05:40 508928 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-05-01 16299552]
"HCWemmon"="HCWemmon.exe" [2007-03-29 61440]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2008-08-01 675840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
winmgmt
SessionEnv
browser
EapHost
schedule
hkmsvc
wercplsupport
ProfSvc
BDESVC
Themes
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
homegrouplistener
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
WdiServiceHost
sppuinotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetworkService
lanmanworkstation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\users\Jonny\AppData\Roaming\Mozilla\Firefox\Profiles\sb95364y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&sourceid=navclient&gfns=1&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Favicon Picker 3: {446c03e0-2c35-11db-a98b-0800200c9a67} - %profile%\extensions\{446c03e0-2c35-11db-a98b-0800200c9a67}
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-sacsvr
SafeBoot-vmms
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-03-20 17:01:42
ComboFix-quarantined-files.txt 2011-03-20 17:01
.
Pre-Run: 60,477,980,672 bytes free
Post-Run: 60,725,510,144 bytes free
.
- - End Of File - - 8CDD7CF71AB719987AD2A6B29FF7CDDE
 
Slow = Programs take time to load up or longer than they used to. Programs no longer run as smoothly as they used to.
 
Please don't break out entries from a log and leave them with no identifying information.

The malware found in Eset- if it really is malware: Trojan:Win32/KillProc.A is a trojan that opens a named pipe for communication with a remote attacker and attempts to terminate the Windows shell "explorer.exe" process.

However, this process can sometimes be a legitimate entry for a webcam. The only way to find out for sure is to submit it for identification:

Please go to VirSCAN.org FREE on-line scan service:
If busy, you can use one of the following: ( you only need one)
VirusTotal
Jotti

[1]. Copy and paste the following file path into the Suspicious files to scan box on the top of the page.

Code:
C:\Windows\FixCamera.exe

[2]. At the upload site, click once inside the window next to Browse.
[3]. Press Ctrl+V on the keyboard (both at the same time) to paste the file path into the window.
[4]. Click on the Upload button.
This will perform a scan across multiple different virus scanning engines.
Your file will possibly be entered into a queue which normally takes less than a minute to clear.
Important: Wait for all of the scanning engines to complete.
[5]. Once the Scan is completed scroll down and click on the Copy to Clipboard button. This will copy the link of the report into the Clipboard.
[6]. Paste the contents of the Clipboard in your next reply.

I will wait on this identification before taking any action.
 
VirSCAN

VirSCAN.org Scanned Report :
Scanned time : 2011/01/20 00:12:53 (GMT)
Scanner results: Scanners did not find malware!
File Name : FixCamera.exe
File Size : 188928 byte
File Type : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 : 0a9c8038265e0b8cf921892b9469b6b2
SHA1 : 992454d8bd8b8f4d221c5d7ad505b2e620286100
Online report : http://virscan.org/report/4155630640b6cc6ff9a36f4c28884ab0.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 5.1.0.2 20110120010125 2011-01-20 6.34 -
AhnLab V3 2011.01.11.00 2011.01.11 2011-01-11 1.65 -
AntiVir 8.2.4.148 7.11.1.182 2011-01-19 0.28 -
Antiy 2.0.18 20101228.6954489 2010-12-28 0.02 -
Arcavir 2010 201101200640 2011-01-20 0.12 -
Authentium 5.1.1 201101191551 2011-01-19 2.19 -
AVAST! 4.7.4 110119-0 2011-01-19 0.02 -
AVG 8.5.850 271.1.1/3390 2011-01-19 0.31 -
BitDefender 7.90123.6665986 7.35798 2011-01-20 6.27 -
ClamAV 0.96.5 12548 2011-01-20 0.07 -
Comodo 4.0 7436 2011-01-18 1.60 -
CP Secure 1.3.0.5 2011.01.20 2011-01-20 0.08 -
Dr.Web 5.0.2.3300 2011.01.20 2011-01-20 10.83 -
F-Prot 4.4.4.56 20110119 2011-01-19 2.19 -
F-Secure 7.02.73807 2011.01.19.08 2011-01-19 13.50 -
Fortinet 4.2.254 12.807 2011-01-18 9.89 -
GData 21.1592/21.626 20110119 2011-01-19 10.18 -
ViRobot 20110119 2011.01.19 2011-01-19 0.38 -
Ikarus T3.1.32.15.0 2011.01.19.77561 2011-01-19 5.38 -
JiangMin 13.0.900 2011.01.18 2011-01-18 1.43 -
Kaspersky 5.5.10 2011.01.19 2011-01-19 12.16 -
KingSoft 2009.2.5.15 2011.1.19.18 2011-01-19 0.71 -
McAfee 5400.1158 6231 2011-01-19 19.47 -
Microsoft 1.6402 2011.01.18 2011-01-18 3.33 -
Norman 6.06.12 6.06.00 2011-01-18 14.03 -
Panda 9.05.01 2011.01.19 2011-01-19 3.64 -
Trend Micro 9.200-1012 7.778.18 2011-01-19 0.04 -
Quick Heal 11.00 2011.01.18 2011-01-18 1.11 -
Rising 20.0 22.83.02.00 2011-01-19 2.03 -
Sophos 3.15.0 4.61 2011-01-20 3.37 -
Sunbelt 3.9.2474.2 8122 2011-01-18 1.04 -
Symantec 1.3.0.24 20110119.003 2011-01-19 0.09 -
nProtect 20110119.01 9633856 2011-01-19 12.54 -
The Hacker 6.7.0.1 v00116 2011-01-18 0.54 -
VBA32 3.12.14.2 20110118.1304 2011-01-18 4.47 -
VirusBuster 5.2.0.28 13.6.152.1/4290073 2011-01-19 0.00 -
 
Okay, that's good. It's not malware. More about this:

My PC is running slowly and I believe this is probably due to viruses, malware, etc.

1. Why do you think it's malware?
2. Are there any 'symptoms' other than slowness?
3. Is this a recent, drastic slowdown?
4. Did you download or install anything-including updates-before the slowdown was noticed?
=================================================
There are 3 processes running thru Windows Search:> Search filter, Search indexer and SearchProtocolHost
Source: Black Viper http://www.blackviper.com/wiki/Windows_Search
Description:
Provides content indexing, property caching, and search results for files, e-mail, and other content.
Searching for a file does not take "that" long to justify always having this service taking up resources. If, however, you do many file searches, you could benefit from keeping this default service on Automatic.
Display Name: Windows Search
Windows Search can be disabled. It is a big resource user.
Start> Run> type in services.msc> Enter> Double click on Windows Search> Change Startup type to Disabled> Stop the Service> Apply> OK> Exit Services.
========================================
Open the Java extension as instructed and remove these Java entries. The only current version is v6u24, which you have, but you do not need a separate extension for it in Firefox:
FF - Ext: Java Console: v6-0011-
FF - Ext: Java Console: v6-0013-
FF - Ext: Java Console: v6-0014-
FF - Ext: Java Console: v6-0015-
FF - Ext: Java Console: v6-0017-
FF - Ext: Java Console: v6-0021-
FF - Ext: Java Console: v6-0022-
FF - Ext: Java Console: v6-0023-
FF - Ext: Java Console: v6-0024-
====================================
None of these processes need to start on boot and run in the background. You can use the msconfig utility to take all off of the Startup Menu:
C:\Windows\FixCamera.exe
C:\Windows\tsnp2uvc.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
======================================
Do you need to have these running all the time?
C:\Windows\vsnp2uvc.exe
C:\Windows\tsnp2uvc.exe
This file is installed as part of the Capturix VideoSpy application (http://www.capturix.com/) or WDM Custom ICustomCamera Interface handler. If you do have any of that software or webcam driver installed on the computer, the file should exist.

A NOTE: You were already noticing a slowdown. Why did you install this 4 days later?
SopCast - Free P2P internet TV | live football, NBA, cricket

See if handling all of the above makes any difference in the 'speed'. They should.
Let me know.
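The startup and service review above is the kind of triage a helper does by eye over the ComboFix log. As an added example (not from the thread, the helper, or ComboFix itself), the Python below parses service/driver lines and Run-key lines in the log format quoted earlier and flags the autostart entries a reviewer checks first; the reading of the R/S prefix plus digit as running/stopped plus Start value is the conventional ComboFix interpretation, stated here as an assumption, and the sample lines are constructed from entries in this thread.

```python
import re
from collections import Counter

# Assumed (conventional) reading of the ComboFix prefix:
# R = running, S = stopped; the digit is the service's Start value.
START_LABELS = {0: "boot", 1: "system", 2: "automatic", 3: "manual", 4: "disabled"}

# "<R|S><digit> <name>;<display>;<path> [<date> <size>]" or "... [x]" (no on-disk info)
SERVICE_RE = re.compile(
    r'^(?P<state>[RS])(?P<start>\d)\s+(?P<name>[^;]+);(?P<display>[^;]*);'
    r'(?P<path>[^\[]*?)\s*\[(?P<meta>[^\]]*)\]\s*$')
# "<name>"="<command>" [<date> <size>]
RUN_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<cmd>[^"]*)"\s*\[(?P<meta>[^\]]*)\]\s*$')
EXE_RE = re.compile(r'^(.*?\.(?:exe|dll|sys|ocx))', re.IGNORECASE)

# Constructed sample lines, copied from the log format shown in this thread.
SAMPLE_SERVICES = r"""
R3 WinRM;Windows Remote Management (WS-Management);c:\windows\System32\svchost.exe [2009-04-22 27648]
S0 spldr;Security Processor Loader Driver; [x]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336]
S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;c:\windows\system32\DRIVERS\wg111v3.sys [x]
"""
SAMPLE_RUN = r"""
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-05-01 16299552]
"HCWemmon"="HCWemmon.exe" [2007-03-29 61440]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2008-08-01 675840]
"""

def _meta(meta):
    """'[x]' carries no date/size; otherwise the bracket holds '<date> <size>'."""
    if meta.strip().lower() == "x":
        return None, None
    date, size = meta.split()
    return date, int(size)

def parse_service_line(line):
    m = SERVICE_RE.match(line.strip())
    if not m:
        return None
    date, size = _meta(m["meta"])
    return {"name": m["name"], "display": m["display"], "path": m["path"].strip().lower(),
            "running": m["state"] == "R", "start": START_LABELS[int(m["start"])],
            "date": date, "size": size}

def parse_run_line(line):
    m = RUN_RE.match(line.strip())
    if not m:
        return None
    date, size = _meta(m["meta"])
    exe = EXE_RE.match(m["cmd"])  # strip any arguments after the binary
    return {"name": m["name"], "cmd": m["cmd"],
            "exe": (exe.group(1) if exe else m["cmd"]).lower(),
            "date": date, "size": size}

def classify_run(entry):
    """Flag the autostart entries a reviewer would look at first."""
    exe = entry["exe"]
    if "\\" not in exe:
        return "unqualified"   # bare file name: resolved by PATH search at logon
    if exe.rsplit("\\", 1)[0] == "c:\\windows":
        return "windows-root"  # vendor binary placed directly in c:\windows
    return "ok"

def triage(services_text, run_text):
    services = [s for s in map(parse_service_line, services_text.strip().splitlines()) if s]
    runs = [r for r in map(parse_run_line, run_text.strip().splitlines()) if r]
    return {
        "by_start": dict(Counter(s["start"] for s in services)),
        "third_party": [s["name"] for s in services
                        if s["path"] and not s["path"].startswith("c:\\windows\\")],
        "unverified": [s["name"] for s in services if s["size"] is None],
        "run_flags": {r["name"]: classify_run(r) for r in runs},
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE_SERVICES, SAMPLE_RUN).items():
        print(f"{key}: {value}")
```

Entries flagged "unqualified" or "windows-root" are the ones to verify against the vendor (or submit to a multi-engine scan as the helper did with FixCamera.exe) before deciding whether to disable them.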
 
1. Why do you think it's malware?
2. Are there any 'symptoms' other than slowness?
3. Is this a recent, drastic slowdown?
4. Did you download or install anything-including updates-before the slowdown was noticed?

It was more of an assumption really. Haven't really installed many programs recently that require a lot of resource so thought it could be down to malware. I wouldn't use the word 'slow'. I just believe it is slower than it was 3 months ago.

Yes, I've downloaded quite a lot:- music, photos, updates for various software such as avira, windows, java, itunes, quicktime, etc.

Windows Search can be disabled. It is a big resource user.
Disabled

Open the Java extension as instructed and remove these Java entries
I have disabled the previous java versions. However, they are still currently sitting in the extension tab and I cannot uninstall them.

C:\Windows\FixCamera.exe
C:\Windows\tsnp2uvc.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\vsnp2uvc.exe
C:\Windows\tsnp2uvc.exe

Disabled these processes

C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe

Could not locate these processes using msconfig

A NOTE: You were already noticing a slowdown. Why did you install this 4 days later?
SopCast - Free P2P internet TV | live football, NBA, cricket

Apologies, I was just updating my previous version with the latest software.
 
In the last three months, when was the last time you did a disc cleanup, deleted temporary internet files and Cookies, did an Error Check and a Defrag?

Yes, I've downloaded quite a lot:- music, photos, updates for various software such as avira, windows, java, itunes, quicktime, etc.

If any of these downloads load on boot, then run in the background, that can slow you down. Java, iTunes, QuickTime and possibly some of the 'etc.' all have automatic checking for updates. They don't need to run, but you have to disable the auto-updates. Security programs are okay to update, but not the others.
 
In the last three months, when was the last time you did a disc cleanup, deleted temporary internet files and Cookies, did an Error Check and a Defrag?

Ran disc cleanup, always delete temp internet files and cookies. Not done an error check or defrag in a while. Will do now.

Ok, I shall disable the autoupdates for the programs you have named.

PC is running a lot better now and pretty much back to normal.

Thanks for the help
 
For some programs, you have to open the program folder to disable or stop some part of it. For instance, for iTunes and QuickTime, use Windows Explorer> My Computer> Double click on Local Drive (C)> Programs> double click on Program folder> find update feature and disable.

For Java: Control Panel> Java: Update tab> Uncheck the auto-update> Click on Yes to confirm.

You can boss your system around and have it only do what you want it to. I have no auto-updates except for the AV program. And keep in mind, Google is your friend!
 