
Very slow boot/opening programs, constant program hangs/crashes, regular CPU spikes of 50%+, can't resolve!



Hi there all, I'm finally at my wit's end with this:

 

A guy on my course gave me his laptop to have a look at as apparently it went from "fine" to the unusable condition it's in now literally overnight (I'm no expert but I've helped fix a few friends'/relatives' computers in the past with the help of sites like this) - firstly, there WAS an instance of uTorrent on there when I received it, which I have deleted as recommended (and I also assume is the cause of the problem in the first place - although I'm unable to find any keygens or other obvious "warez" by searching on the drive, so aside from individually going through his private files I'll assume it's piracy-free...or was at least "cleaned up" before he gave it to me).

 

Right, basically the boot time now takes anything up to ten minutes and Windows has hung and failed to boot on a few occasions, seemingly at random. RAM use is seemingly normal, but the CPU spikes at roughly 50% in intermittent but regular patterns (to clarify, the timing of when this happens is intermittent, but the pattern of the CPU spikes is regular and looks like a "sawtooth" wave) and the computer becomes essentially locked-up while this happens for up to ten minutes at a time. Firefox hangs and then asks to be restarted almost every time you click it - also, this morning on booting it said that the Windows copy wasn't legit, but after running a system restore that issue at least has been resolved (he hasn't backed anything up, there seemed to be 3 restore points I could choose and I picked the most recent - they were all from about 3 days ago within 12 hours of each other - not sure if they were automatically generated as he didn't know what I meant when I asked if he'd already tried a system restore - when I get this working again I'll image his drive for him so either myself or someone else doesn't have to fix it for him again!).

 

I've separately scanned with Malwarebytes, SuperAntiSpyware, IOBit Advanced System Care just to make sure, all of which came back as clean. HijackThis wouldn't create a log file yesterday, but for reasons unknown, now will (maybe something to do with the system restore I did earlier today) - it still says that it can't access the HOST file though - there was an alarming amount of red-flagged entries when I passed the HJT log through an automated scanner, but I didn't wish to make any changes without first checking with folks more knowledgeable than myself! (also, after reading a few posts on here, it seems HJT isn't as relevant nowadays anyway)

 

The requested "attach.txt" and "dds.txt" should be attached.

 

Apologies for the long rant, I incorrectly assumed this would be a quick and easy fix and I'm just frustrated at my own lack of know-how.

 

P.S. - if there is anything on the logs that shouldn't be there that I've missed (piracy or otherwise) please just tell me and I'll delete it immediately - I've no interest in helping someone break the law.

 

Thanks in advance X

attach.txt

dds.txt


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 22/10/2013 10:45:54
System Uptime: 03/12/2013 12:31:39 (2 hours ago)
.
Motherboard: TOSHIBA |  | PWWAA
Processor: Intel® Core i3 CPU       M 370  @ 2.40GHz | CPU | 2399/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 119.992 GiB free.
D: is FIXED (NTFS) - 298 GiB total, 273.255 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is FIXED (FAT32) - 931 GiB total, 105.385 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP93: 01/12/2013 02:31:22 - Installed Superior Drummer Installer.
RP94: 01/12/2013 20:17:28 - Installed EZXMetalMachine.
RP95: 02/12/2013 03:42:08 - Installed Superior Drummer 64-bit.
RP96: 03/12/2013 12:28:35 - Restore Operation
RP97: 03/12/2013 12:49:48 - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS6
Adobe Photoshop Lightroom 5.2 64-bit
Adobe Reader 9.5.5
Advanced SystemCare 7
Alien Skin Blow Up 3
Antares Avox 1.06
Antares Microphone Modeler DX v1.32
BBC iPlayer Desktop
BBC iPlayer Downloads
CANON iMAGE GATEWAY MyCamera Download Plugin
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon Utilities Digital Photo Professional 3.10
Canon Utilities EOS Utility
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
Canon Utilities Movie Uploader for YouTube
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CCleaner
Cinesamples Drums of War 2
Clavia USB Driver v3.00
Color Efex Pro 4
COMODO Firewall
D3DX10
Dfine 2.0
Driver Booster
Dropbox
EZXMetalMachine
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
HDR Efex Pro 2
High-Definition Video Playback
HiJackThis
Intel® C++ Redistributables for Windows* on Intel® 64
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® Rapid Storage Technology
IObit Uninstaller
iZotope Nectar 2 Production Suite
iZotope Trash 2
Java 7 Update 45
Java Auto Updater
Java 6 Update 20
Junk Mail filter update
K-Lite Codec Pack 10.0.0 Full
M-Audio FastTrackPro Driver 6.0.7 (x64)
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Camera Codec Pack
Microsoft Office 2010
Microsoft Primary Interoperability Assemblies 2005
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Mozilla Firefox 25.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Native Instruments Abbey Road 50s Drummer
Native Instruments Abbey Road Modern Drums
Native Instruments Abbey Road Vintage Drummer
Native Instruments Controller Editor
Native Instruments Guitar Rig 5
Native Instruments Guitar Rig Mobile IO Driver
Native Instruments Guitar Rig Session IO Driver
Native Instruments Kontakt 5
Native Instruments Rig Kontrol 3 Driver
Native Instruments Service Center
Neat Image v7.0 Pro plug-in for Photoshop (64-bit)
Nero 10 Movie ThemePack Basic
Nero BackItUp 10
Nero BackItUp 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Express 10
Nero Express 10 Help (CHM)
Nero InfoTool 10
Nero InfoTool 10 Help (CHM)
Nero Kwik Media
Nero Multimedia Suite 10 Essentials
Nero RescueAgent 10
Nero RescueAgent 10 Help (CHM)
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
NeroKwikMedia Help (CHM)
NextUp-Acapela Rosie22 UK English Voice
Nord Sample Editor v2.10
Nord Sound Manager v5.58
PDF Settings CS6
Photomatix Pro version 4.2.5
PlayReady PC Runtime amd64
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Recuva
Sharpener Pro 3.0
Skype™ 5.10
Smart Defrag 2
Steinberg Cubase 5
Steinberg Drum Loop Expansion 01
Steinberg Groove Agent ONE Content
Steinberg HALionOne
Steinberg HALionOne Additional Content Set 01
Steinberg HALionOne Expression Set
Steinberg HALionOne GM Drum Set
Steinberg HALionOne GM Set
Steinberg HALionOne Pro Set
Steinberg HALionOne Studio Drum Set
Steinberg HALionOne Studio Set
Steinberg LoopMash Content
Steinberg REVerence Content 01
SUPERAntiSpyware
Superior Drummer Installer
Surfing Protection
Synaptics Pointing Device Driver
System Requirements Lab for Intel
TextAloud 3.0
Topaz Adjust 5
Topaz B&W Effects
Topaz Clarity
Topaz Clean 3
Topaz DeJpeg 4
Topaz DeNoise 5
Topaz Detail 3
Topaz Fusion Express 2
Topaz InFocus
Topaz Lens Effects
Topaz ReMask 3
Topaz ReStyle
Topaz Simplify 4
Topaz Star Effects
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Manuals
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA Online Product Information
TOSHIBA Places Icon Utility
TOSHIBA Recovery Media Creator
TOSHIBA Recovery Media Creator Reminder
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA TEMPRO
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
TOSHIBA Wireless LAN Indicator
TRORMCLauncher
Utility Common Driver
Vir2 Instruments Elite Orchestral Percussion
VirtualCloneDrive
Virus TI Software Suite 64-bit
VLC media player 2.1.0
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 5.00 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
30/11/2013 16:19:18, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
27/11/2013 02:34:22, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.
03/12/2013 13:58:14, Error: Microsoft-Windows-DNS-Client [1012]  - There was an error while attempting to read the local hosts file.
03/12/2013 12:54:30, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Update Server      Update Stage: Install      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80240016      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
03/12/2013 12:54:30, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Update Server      Update Stage: Install      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80240016      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
03/12/2013 12:54:30, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Update Server      Update Stage: Download      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80240016      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
03/12/2013 12:53:50, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Update Server      Update Stage: Install      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80240016      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
03/12/2013 12:53:50, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Update Server      Update Stage: Install      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80240016      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
03/12/2013 12:53:50, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Update Server      Update Stage: Download      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80240016      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
03/12/2013 12:51:09, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80072efe      Error description: The connection with the server was terminated abnormally
03/12/2013 12:51:09, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: User-TOSH\User      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
03/12/2013 12:51:09, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: User-TOSH\User      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
03/12/2013 12:51:09, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: User-TOSH\User      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
03/12/2013 12:51:09, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126
03/12/2013 12:46:53, Error: Service Control Manager [7031]  - The Block Level Backup Engine Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
03/12/2013 12:42:20, Error: Service Control Manager [7022]  - The Windows Defender service hung on starting.
03/12/2013 12:38:40, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the ConfigFree WiMAX Service service to connect.
03/12/2013 12:35:36, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Notebook Performance Tuning Service (TEMPRO) service to connect.
03/12/2013 12:34:59, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIHardwareService service.
03/12/2013 12:34:59, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Nalpeiron Licensing Service service to connect.
03/12/2013 12:34:59, Error: Service Control Manager [7000]  - The Nalpeiron Licensing Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
03/12/2013 12:34:21, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the IconMan_R service to connect.
03/12/2013 12:34:21, Error: Service Control Manager [7000]  - The IconMan_R service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
03/12/2013 12:33:41, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Advanced SystemCare Service 7 service to connect.
03/12/2013 12:33:41, Error: Service Control Manager [7000]  - The Advanced SystemCare Service 7 service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
03/12/2013 12:27:17, Error: VDS Basic Provider [1]  - Unexpected failure. Error code: 490@01010004
03/12/2013 12:17:40, Error: iaStor [9]  - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
03/12/2013 05:12:33, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
03/12/2013 05:09:32, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
03/12/2013 05:09:32, Error: Service Control Manager [7000]  - The Software Protection service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
03/12/2013 05:07:52, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Nero Update service to connect.
03/12/2013 05:05:48, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
03/12/2013 05:05:32, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
03/12/2013 05:03:44, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
03/12/2013 05:03:03, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
03/12/2013 05:02:45, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service TOSHIBA HDD SSD Alert Service with arguments "" in order to run the server: {A1CC28EB-258A-4B67-BBC2-4DD5D8AF4C8F}
03/12/2013 05:02:21, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the TOSHIBA HDD SSD Alert Service service to connect.
03/12/2013 05:02:21, Error: Service Control Manager [7000]  - The TOSHIBA HDD SSD Alert Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
03/12/2013 04:49:44, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Intel® Management & Security Application User Notification Service service to connect.
03/12/2013 04:49:44, Error: Service Control Manager [7000]  - The Intel® Management & Security Application User Notification Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
03/12/2013 04:46:51, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the ConfigFree Service service to connect.
03/12/2013 04:46:51, Error: Service Control Manager [7000]  - The ConfigFree Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
03/12/2013 04:43:26, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:  An instance of the service is already running.
03/12/2013 04:42:35, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
03/12/2013 04:42:35, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-1073473535.
03/12/2013 04:42:29, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
03/12/2013 04:38:48, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the IMF Service service to connect.
03/12/2013 04:38:48, Error: Service Control Manager [7000]  - The IMF Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
03/12/2013 04:35:15, Error: Service Control Manager [7030]  - The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
03/12/2013 03:57:52, Error: Application Popup [1060]  - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
.
==== End Of File ===========================
 

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by User at 13:59:28 on 2013-12-03
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.3891.2505 [GMT 0:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
c:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.


mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [AdobeBridge] <no file>
mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
dRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TRDCRE~1.LNK - C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TOSHIB~1.LNK - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.



TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{F0F6FC32-573E-400A-8BB6-B716C7B423CC} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{F0F6FC32-573E-400A-8BB6-B716C7B423CC}\F54586560234C6F65746 : DHCPNameServer = 10.1.5.153 10.1.5.154
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kj4epxol.default\
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
FF - ExtSQL: 2013-10-24 18:59; artur.dubovoy@gmail.com; C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kj4epxol.default\extensions\artur.dubovoy@gmail.com.xpi
FF - ExtSQL: 2013-10-25 21:26; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kj4epxol.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-11-18 23:37; ascsurfingprotection@iobit.com; C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kj4epxol.default\extensions\ascsurfingprotection@iobit.com
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-10-25 17720]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2013-9-24 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2013-9-24 709144]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2013-9-24 48872]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-23 143120]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-18 2151200]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-3-29 598312]
R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2012-9-5 6364024]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-10-21 2320920]
R3 CeKbFilter;CeKbFilter;C:\Windows\System32\drivers\CeKbFilter.sys [2013-10-21 20592]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2013-10-21 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-27 158976]
R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2013-10-21 38096]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-10-25 872152]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\Windows\System32\drivers\rtwlane.sys [2013-5-2 1514568]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2013-10-21 57216]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-11-18 878368]
S2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]
S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2013-10-21 1811456]
S2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2012-9-5 66560]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-2-10 112080]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-9-24 164056]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-24 111616]
S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;C:\Windows\System32\drivers\MAudioFastTrackPro.sys [2010-12-7 187912]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 134944]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-9 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2013-10-21 232992]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2013-10-21 1103464]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-9 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-11-9 30208]
S3 VIRUSUSB;USB driver for Virus TI;C:\Windows\System32\drivers\VirusUSB.sys [2012-7-30 438656]
S3 VTIAUDIO;Virus TI Audio;C:\Windows\System32\drivers\vtiaudio.sys [2012-12-6 51592]
S3 VTIMIDEV01;Virus TI MIDI Driver;C:\Windows\System32\drivers\vtimidi.sys [2012-7-30 40328]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-10-27 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-12-03 13:53:02    10285968    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7E9146F8-8DA0-4EA8-B6F6-8F19DF81BA10}\mpengine.dll
2013-12-03 12:57:10    965000    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-12-03 12:57:10    965000    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{15D5BC48-C4E7-4E19-BA4F-4DF426F466D9}\gapaengine.dll
2013-12-03 12:57:03    965000    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1A40D22E-B033-40EC-B8C3-C3B9D50D591A}\gapaengine.dll
2013-12-03 12:52:23    --------    d-----w-    C:\Windows\Migration
2013-12-03 12:50:41    --------    d-----w-    C:\Program Files (x86)\Microsoft Security Client
2013-12-03 12:50:38    --------    d-----w-    C:\Program Files\Microsoft Security Client
2013-12-03 12:47:59    10285968    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{98B5A775-A490-4624-96BE-65A78EA7F336}\mpengine.dll
2013-12-03 11:19:15    --------    d-----w-    C:\ProgramData\Spybot - Search & Destroy
2013-12-03 11:19:15    --------    d-----w-    C:\Program Files (x86)\Spybot - Search & Destroy
2013-12-03 03:42:21    --------    d-----w-    C:\ComboFix
2013-12-01 20:10:18    --------    d-----w-    C:\Users\User\AppData\Roaming\Toontrack
2013-12-01 19:47:53    --------    d-----w-    C:\ProgramData\Toontrack
2013-11-30 05:32:57    --------    d-----w-    C:\Users\User\AppData\Roaming\iZotope
2013-11-30 05:18:57    --------    d-----w-    C:\ProgramData\iZotope
2013-11-30 05:07:18    --------    d-----w-    C:\Program Files (x86)\iZotope
2013-11-30 04:53:41    --------    dc-h--w-    C:\ProgramData\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418}
2013-11-30 04:51:45    --------    dc-h--w-    C:\ProgramData\{30FA7941-4170-4C83-A9A8-FDF01C431704}
2013-11-30 04:37:30    --------    d-----w-    C:\Program Files (x86)\Toontrack
2013-11-30 02:40:56    --------    d-----w-    C:\Users\User\AppData\Roaming\Acapela Group
2013-11-30 02:40:54    --------    d-----w-    C:\Program Files (x86)\NextUp-Acapela Multimedia
2013-11-30 02:30:37    --------    d-----w-    C:\Users\User\AppData\Local\NextUp
2013-11-30 02:30:37    --------    d-----w-    C:\ProgramData\NextUp
2013-11-30 02:28:40    --------    d-----w-    C:\Program Files (x86)\TextAloud
2013-11-28 08:20:30    --------    dc-h--w-    C:\ProgramData\{7FD62475-12D0-49A3-A109-99795ED41F41}
2013-11-26 18:22:06    --------    dc-h--w-    C:\ProgramData\{4FF14FF4-C333-4311-BC51-88781D14A5AF}
2013-11-25 22:10:45    --------    dc-h--w-    C:\ProgramData\{B34D2DCD-242C-493A-BD56-5A899A2FCBC8}
2013-11-22 18:45:42    --------    d-----r-    C:\Users\User\Dropbox
2013-11-22 18:42:04    --------    d-----w-    C:\Users\User\AppData\Roaming\Dropbox
2013-11-22 18:15:43    --------    d-----w-    C:\Users\User\AppData\Local\{5C12AA20-DECB-4317-9E76-1B90B288C32F}
2013-11-22 18:15:42    --------    d-----w-    C:\Users\User\AppData\Local\{54B1B6F2-9E96-4102-8C1C-F04B8E04427B}
2013-11-22 12:28:25    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2013-11-22 12:28:25    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2013-11-22 12:28:25    52736    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2013-11-22 12:28:25    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2013-11-22 12:28:25    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2013-11-22 12:28:25    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
2013-11-22 12:28:25    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
2013-11-19 23:22:55    --------    d-----w-    C:\Users\User\AppData\Roaming\VST3 Presets
2013-11-18 23:37:46    --------    d-----w-    C:\ProgramData\ProductData
2013-11-18 23:37:43    --------    d-----w-    C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-13 04:55:14    1474048    ----a-w-    C:\Windows\System32\crypt32.dll
2013-11-13 04:55:13    1168384    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-11-13 03:34:23    61440    ----a-w-    C:\Windows\SysWow64\NI_DFD_1_5.dll
2013-11-13 03:34:23    393216    ----a-w-    C:\Windows\SysWow64\NI_IRC_1_2.dll
2013-11-12 01:52:15    --------    d-----w-    C:\Program Files\VSTPlugins
2013-11-11 23:37:00    --------    d-----w-    C:\Program Files\M-Audio
2013-11-10 15:05:34    --------    dc-h--w-    C:\ProgramData\{A6377726-7317-464A-87EB-693294E9F383}
2013-11-10 08:10:54    --------    dc-h--w-    C:\ProgramData\{E8674DB2-4487-4238-A191-4DD8B190B0BC}
2013-11-10 08:09:14    --------    d-----w-    C:\ProgramData\Native Instruments
2013-11-10 07:46:16    --------    d-----w-    C:\Program Files (x86)\Elaborate Bytes
2013-11-10 05:18:21    722718    ----a-w-    C:\Windows\unins000.exe
2013-11-09 23:03:06    514560    ----a-w-    C:\Windows\SysWow64\qdvd.dll
2013-11-09 23:03:06    366592    ----a-w-    C:\Windows\System32\qdvd.dll
2013-11-07 02:05:25    --------    d-----w-    C:\Users\User\AppData\Roaming\FabFilter
2013-11-07 01:52:30    --------    d-----w-    C:\Users\User\AppData\Local\Native Instruments
2013-11-06 23:10:24    --------    d-----w-    C:\ProgramData\Syncrosoft
2013-11-06 23:09:51    --------    d-----w-    C:\Program Files (x86)\Common Files\Intel
2013-11-06 22:58:19    --------    d-----w-    C:\Program Files (x86)\Antares
2013-11-06 22:56:31    --------    d-----w-    C:\Program Files (x86)\Antares Audio Technologies
2013-11-06 22:31:30    --------    dc-h--w-    C:\ProgramData\{E2CB91C4-F65B-43A3-AF20-333B2663A78A}
2013-11-06 22:30:44    --------    dc-h--w-    C:\ProgramData\{84BD2490-E07B-459A-85CD-649AABFCE52D}
2013-11-06 22:29:32    --------    dc-h--w-    C:\ProgramData\{A088C926-8EF0-4CFF-A473-EB879919E63A}
2013-11-06 22:29:30    --------    d-----w-    C:\Program Files\Native Instruments
2013-11-06 22:29:20    --------    dc----w-    C:\ProgramData\{FB9DCDD5-FDBE-4EED-A03A-BA8F086DC950}
2013-11-06 22:24:48    --------    d-----w-    C:\Program Files\Common Files\Native Instruments
2013-11-06 22:24:21    --------    d-----w-    C:\Program Files (x86)\Common Files\Native Instruments
2013-11-06 22:24:00    --------    d-----w-    C:\Program Files (x86)\Common Files\Digidesign
2013-11-06 22:18:10    --------    d-----w-    C:\Program Files (x86)\Native Instruments
2013-11-06 22:16:52    1700352    ----a-w-    C:\Windows\SysWow64\gdiplus.dll
2013-11-06 22:00:49    --------    d-----w-    C:\ProgramData\Waves Audio
2013-11-06 21:39:00    --------    d-----w-    C:\Users\User\AppData\Roaming\Waves Audio
2013-11-06 21:32:54    1431552    ----a-w-    C:\Windows\SysWow64\ReWire.dll
2013-11-06 21:32:54    1060864    ----a-w-    C:\Windows\SysWow64\MFC71.dll
2013-11-06 21:30:36    --------    d-----w-    C:\Program Files (x86)\Waves
2013-11-06 02:50:47    --------    d-----w-    C:\ProgramData\VST3 Presets
2013-11-06 02:41:46    --------    d-----w-    C:\Program Files (x86)\Common Files\Steinberg
2013-11-06 02:12:34    1177600    ----a-w-    C:\Windows\SysWow64\SYNSOEMU.DLL
2013-11-06 02:12:28    --------    d-----w-    C:\Program Files (x86)\Common Files\VST3
2013-11-06 01:56:37    --------    d-----w-    C:\ProgramData\Steinberg
2013-11-06 01:53:01    --------    d-----w-    C:\Program Files (x86)\Steinberg
2013-11-05 12:18:47    --------    d-----w-    C:\ProgramData\TOSHIBA Tempro
2013-11-05 12:18:47    --------    d-----w-    C:\ProgramData\IsolatedStorage
2013-11-05 11:28:04    --------    d-----w-    C:\Users\User\AppData\Roaming\WinBatch
2013-11-05 10:45:25    --------    d-----w-    C:\Program Files (x86)\SystemRequirementsLab
2013-11-05 10:44:18    --------    d-----w-    C:\ProgramData\Oracle
2013-11-05 10:43:39    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M  ====================
.
2013-11-16 01:13:37    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-16 01:13:37    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-14 11:38:18    709144    ----a-w-    C:\Windows\System32\drivers\cmdguard.sys
2013-11-14 11:38:02    43216    ----a-w-    C:\Windows\System32\cmdcsr.dll
2013-11-11 05:50:16    267936    ------w-    C:\Windows\System32\MpSigStub.exe
2013-11-02 06:29:33    4608    ----a-r-    C:\Windows\System32\SilverEfexPro2FC64.dll
2013-11-02 06:29:33    3584    ----a-r-    C:\Windows\SysWow64\SilverEfexPro2FC32.dll
2013-11-02 06:25:13    4608    ----a-r-    C:\Windows\System32\ColorEfexPro4FC64.dll
2013-11-02 06:25:13    3584    ----a-r-    C:\Windows\SysWow64\ColorEfexPro4FC32.dll
2013-10-25 22:28:40    872152    ----a-w-    C:\Windows\System32\drivers\Rt64win7.sys
2013-10-25 22:28:40    74456    ----a-w-    C:\Windows\System32\RtNicProp64.dll
2013-10-25 22:28:40    108760    ----a-w-    C:\Windows\System32\RTNUninst64.dll
2013-10-21 12:29:42    20592    ----a-w-    C:\Windows\System32\drivers\CeKbFilter.sys
2013-10-12 02:30:42    830464    ----a-w-    C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21    859648    ----a-w-    C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08    324096    ----a-w-    C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08    656896    ----a-w-    C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25    216576    ----a-w-    C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-04 02:28:31    190464    ----a-w-    C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17    197120    ----a-w-    C:\Windows\System32\credui.dll
2013-10-04 02:24:49    1930752    ----a-w-    C:\Windows\System32\authui.dll
2013-10-04 01:58:50    152576    ----a-w-    C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25    168960    ----a-w-    C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00    1796096    ----a-w-    C:\Windows\SysWow64\authui.dll
2013-10-03 02:23:48    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2013-09-28 01:09:10    497152    ----a-w-    C:\Windows\System32\drivers\afd.sys
2013-09-27 09:53:06    248240    ----a-w-    C:\Windows\System32\drivers\MpFilter.sys
2013-09-27 09:53:06    134944    ----a-w-    C:\Windows\System32\drivers\NisDrvWFP.sys
2013-09-25 02:26:40    95680    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40    154560    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33    28672    ----a-w-    C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33    135680    ----a-w-    C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01    28160    ----a-w-    C:\Windows\System32\secur32.dll
2013-09-25 02:22:59    340992    ----a-w-    C:\Windows\System32\schannel.dll
2013-09-25 02:21:50    307200    ----a-w-    C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07    1447936    ----a-w-    C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42    220160    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24    30720    ----a-w-    C:\Windows\System32\lsass.exe
2013-09-24 11:54:12    48872    ----a-w-    C:\Windows\System32\drivers\cmdhlp.sys
2013-09-24 11:54:12    23168    ----a-w-    C:\Windows\System32\drivers\cmderd.sys
2013-09-24 11:53:52    444392    ----a-w-    C:\Windows\System32\guard64.dll
2013-09-24 11:53:52    354240    ----a-w-    C:\Windows\SysWow64\guard32.dll
2013-09-24 11:53:42    347864    ----a-w-    C:\Windows\System32\cmdvrt64.dll
2013-09-24 11:53:40    45784    ----a-w-    C:\Windows\System32\cmdkbd64.dll
2013-09-24 11:53:36    40664    ----a-w-    C:\Windows\SysWow64\cmdkbd32.dll
2013-09-24 11:53:36    280792    ----a-w-    C:\Windows\SysWow64\cmdvrt32.dll
2013-09-11 21:21:54    863344    ----a-w-    C:\Windows\SysWow64\msvcr110_clr0400.dll
2013-09-11 21:21:54    501872    ----a-w-    C:\Windows\SysWow64\msvcp110_clr0400.dll
2013-09-11 21:21:54    28776    ----a-w-    C:\Windows\SysWow64\aspnet_counters.dll
2013-09-11 21:21:54    18000    ----a-w-    C:\Windows\SysWow64\msvcr100_clr0400.dll
2013-09-11 19:39:06    855664    ----a-w-    C:\Windows\System32\msvcr110_clr0400.dll
2013-09-11 19:39:06    614000    ----a-w-    C:\Windows\System32\msvcp110_clr0400.dll
2013-09-11 19:39:06    30312    ----a-w-    C:\Windows\System32\aspnet_counters.dll
2013-09-11 19:39:06    18000    ----a-w-    C:\Windows\System32\msvcr100_clr0400.dll
2013-09-08 02:30:37    1903552    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14    327168    ----a-w-    C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58    231424    ----a-w-    C:\Windows\SysWow64\mswsock.dll
.
============= FINISH: 14:00:03.42 ===============
 

  • 3 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
