Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.

Running slow, dunno why?

572 views 0 replies 1 participant last post by  swampdonkey 
#1 ·
Hiya all
The computer has gone really slow. I think there are programs running that shouldn't be, but I am not really sure what to do next just in case I make things worse. I think I need your help.
Thanks in anticipation.

Swampdonkey:(

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 32 bit
Processor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz, x64 Family 6 Model 15 Stepping 11
Processor Count: 2
RAM: 3326 Mb
Graphics Card: NVIDIA GeForce 8800 GT, 256 Mb
Hard Drives: C: Total - 305142 MB, Free - 253506 MB; F: Total - 128472 MB, Free - 88085 MB; G: Total - 286188 MB, Free - 246927 MB;
Motherboard: http://www.abit.com.tw/, IP35 (Intel P35+ICH9/R)
Antivirus: Microsoft Security Essentials, Updated and Enabled
HJT log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:39:34, on 01/12/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Peter\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/?ocid=EIE9HP&PC=UP50
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 3220 bytes

DDS file

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16736
Run by Peter at 8:42:10 on 2013-12-01
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3326.2153 [GMT 0:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\servicing\TrustedInstaller.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uWindow Title = Internet Explorer, optimized for Bing and MSN
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{6C95C704-733E-4354-AAD5-E8AA4CA22EEE} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{F878470B-976E-406C-8FBF-00D368C54E67} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{F99C1E03-9D92-4BB6-8A69-05148A717CA6} : DHCPNameServer = 192.168.0.1
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\peter\appdata\roaming\mozilla\firefox\profiles\b74qbosg.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]
R1 MpKsl23b02c0b;MpKsl23b02c0b;c:\programdata\microsoft\microsoft antimalware\definition updates\{ca221a25-1458-4ffa-a41e-156267a1b460}\MpKsl23b02c0b.sys [2013-12-1 40392]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-1-26 176128]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-8-30 104768]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2013-3-14 383264]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr73.sys [2009-6-10 545792]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-18 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-11-13 1343400]
.
=============== Created Last 30 ================
.
2013-12-01 08:41:00 40392 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{ca221a25-1458-4ffa-a41e-156267a1b460}\MpKsl23b02c0b.sys
2013-11-30 11:57:37 7772552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{ca221a25-1458-4ffa-a41e-156267a1b460}\mpengine.dll
2013-11-28 15:51:20 7772552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-11-19 10:53:16 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-19 10:53:16 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-19 10:53:16 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-19 10:53:16 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-19 10:53:15 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-19 10:53:15 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-19 10:53:15 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-11-16 10:10:06 -------- d-----w- C:\duplicates
2013-11-15 10:56:58 -------- d-----w- c:\program files\duplicate
2013-11-15 09:39:49 -------- d-----w- c:\users\peter\appdata\roaming\DigitalVolcano
2013-11-14 15:36:27 -------- d-----w- c:\users\peter\appdata\roaming\Malwarebytes
2013-11-14 15:36:22 -------- d-----w- c:\programdata\Malwarebytes
2013-11-14 15:35:35 -------- d-----w- c:\users\peter\appdata\local\Programs
2013-11-14 09:08:19 1796096 ----a-w- c:\windows\system32\authui.dll
2013-11-06 09:09:58 719224 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{34568a6b-1e80-4c49-9b29-35e70d23891d}\gapaengine.dll
2013-11-03 08:51:59 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-02 09:59:18 -------- d-----w- c:\program files\SquareEnix
.
==================== Find3M ====================
.
2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-10-23 07:57:53 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-23 07:57:53 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-12 07:03:50 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-10-12 07:02:33 2877952 ----a-w- c:\windows\system32\jscript9.dll
2013-10-12 07:02:29 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-10-12 07:02:29 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-10-12 06:08:58 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-10-12 05:15:39 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-10-12 02:03:08 656896 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:01:41 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:01:25 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-05 19:57:25 1168384 ----a-w- c:\windows\system32\crypt32.dll
2013-10-04 01:58:50 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- c:\windows\system32\credui.dll
2013-10-03 01:58:07 305152 ----a-w- c:\windows\system32\gdi32.dll
2013-09-27 09:53:06 214696 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-09-27 09:53:06 104768 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-09-25 02:01:08 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:01:06 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-09-25 01:57:46 99840 ----a-w- c:\windows\system32\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- c:\windows\system32\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-09-25 01:56:02 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2013-09-25 00:49:20 22016 ----a-w- c:\windows\system32\lsass.exe
2013-09-25 00:49:18 15872 ----a-w- c:\windows\system32\sspisrv.dll
2013-09-14 00:48:58 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-08 02:07:12 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:03:58 231424 ----a-w- c:\windows\system32\mswsock.dll
.
============= FINISH: 8:42:25.88 ===============
DDS attach file

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 06/11/2012 10:13:07
System Uptime: 01/12/2013 08:18:26 (0 hours ago)
.
Motherboard: http://www.abit.com.tw/ | | IP35 (Intel P35+ICH9/R)
Processor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz | Socket 775 | 2720/340mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 298 GiB total, 247.902 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 125 GiB total, 86.021 GiB free.
G: is FIXED (NTFS) - 279 GiB total, 241.14 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP152: 10/11/2013 11:44:46 - Windows Update
RP153: 14/11/2013 09:11:39 - Windows Update
RP154: 14/11/2013 15:00:00 - Windows Update
RP155: 14/11/2013 15:31:38 - 14 nov 2013
RP156: 17/11/2013 15:57:04 - Windows Update
RP157: 19/11/2013 15:06:40 - Windows Update
RP158: 24/11/2013 08:47:09 - Windows Update
RP159: 27/11/2013 09:41:19 - Windows Update
RP160: 30/11/2013 11:57:15 - Windows Update
RP161: 30/11/2013 18:27:00 - Removed HiJackThis
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Bonjour
D3DX10
FINAL FANTASY XIV - A Realm Reborn
Foxit Reader
HP Deskjet 3000 J310 series Basic Device Software
Junk Mail filter update
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2000 SR-1 Professional
Microsoft Security Client
Microsoft Security Essentials
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 25.0.1 (x86 en-GB)
Mozilla Maintenance Service
MSVCRT
MSVCRT110
NVIDIA 3D Vision Controller Driver 314.22
NVIDIA 3D Vision Driver 314.22
NVIDIA Control Panel 314.22
NVIDIA Graphics Driver 314.22
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.1031
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.12.12
NVIDIA Update Components
Photo Common
QuickTime
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Total Annihilation - Commander Pack
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
30/11/2013 14:33:41, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
01/12/2013 08:20:58, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
01/12/2013 08:20:49, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
01/12/2013 08:20:49, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
.
==== End Of File ===========================
GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-12-01 08:55:47
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 Hitachi_HDT725032VLA360 rev.V54OA7EA 298.09GB
Running: psggs55i.exe; Driver: C:\Users\Peter\AppData\Local\Temp\kgloapow.sys

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!ZwRollbackEnlistment + 142D 82A3DA15 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82A77212 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
? C:\Users\Peter\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 2.1 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[3512] ntdll.dll!LdrGetProcedureAddress + 26 775622A9 7 Bytes JMP 6267E210 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3512] kernel32.dll!K32GetDeviceDriverBaseNameW + 5D 7599941E 7 Bytes JMP 62E422AA C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3512] kernel32.dll!QueryPerformanceCounter + 13 7599C425 7 Bytes JMP 62E422CD C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3512] kernel32.dll!LoadAppInitDlls + 355 7599F4E6 7 Bytes JMP 62682C10 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3512] GDI32.dll!GetViewportOrgEx + 26C 7739884B 7 Bytes JMP 62E4222B C:\Program Files\Mozilla Firefox\xul.dll

---- EOF - GMER 2.1 ----
 
See less See more
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top