Jump to content

hovee

Members
  • Posts

    4
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I'm not getting redirected when I click on links via Bing or Google, so it looks like the problem's gone now. Thank you so much!
  2. Ran both and here are the logs. Malware Bytes: Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.02.19.03 Windows 7 x64 NTFS Internet Explorer 8.0.7600.16385 dhovenden :: HOME-PC [administrator] 2/19/2012 11:29:43 AM mbam-log-2012-02-19 (11-29-43).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 187747 Time elapsed: 4 minute(s), 20 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) ESET Online: ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=31fec1ad1b7e564e9004b8540d446a03 # end=stopped # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2012-02-19 08:51:44 # local_time=2012-02-19 12:51:44 (-0800, Pacific Standard Time) # country="United States" # lang=1033 # osver=6.1.7600 NT # compatibility_mode=5893 16776574 100 94 20785322 81224720 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=188859 # found=1 # cleaned=1 # scan_time=3434 C:\Users\dhovenden\Desktop\Programs\SoftonicDownloader_for_flickr-downloader.exe a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
  3. I appreciate your help, Maniac. Here are the logs you requested. TDSSKiller: 13:06:03.0602 5412 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14 13:06:04.0241 5412 ============================================================ 13:06:04.0241 5412 Current date / time: 2012/02/18 13:06:04.0241 13:06:04.0241 5412 SystemInfo: 13:06:04.0241 5412 13:06:04.0241 5412 OS Version: 6.1.7600 ServicePack: 0.0 13:06:04.0241 5412 Product type: Workstation 13:06:04.0241 5412 ComputerName: HOME-PC 13:06:04.0242 5412 UserName: dhovenden 13:06:04.0242 5412 Windows directory: C:\Windows 13:06:04.0242 5412 System windows directory: C:\Windows 13:06:04.0242 5412 Running under WOW64 13:06:04.0242 5412 Processor architecture: Intel x64 13:06:04.0242 5412 Number of processors: 4 13:06:04.0242 5412 Page size: 0x1000 13:06:04.0242 5412 Boot type: Normal boot 13:06:04.0242 5412 ============================================================ 13:06:04.0931 5412 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:06:05.0060 5412 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 13:06:05.0062 5412 \Device\Harddisk0\DR0: 13:06:05.0063 5412 MBR used 13:06:05.0063 5412 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 13:06:05.0064 5412 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37583800 13:06:05.0064 5412 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x375E7800, BlocksNum 0x2D6A800 13:06:05.0064 5412 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830 13:06:05.0064 5412 \Device\Harddisk1\DR1: 13:06:05.0064 5412 MBR used 13:06:05.0064 5412 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982 13:06:05.0340 5412 Initialize success 13:06:05.0340 5412 ============================================================ 13:06:21.0794 0808 ============================================================ 13:06:21.0794 0808 Scan started 13:06:21.0794 0808 Mode: Manual; SigCheck; TDLFS; 13:06:21.0794 0808 ============================================================ 13:06:22.0561 0808 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 13:06:22.0935 0808 1394ohci - ok 13:06:23.0072 0808 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys 13:06:23.0201 0808 Accelerometer - ok 13:06:23.0321 0808 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 13:06:23.0372 0808 ACPI - ok 13:06:23.0479 0808 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 13:06:23.0605 0808 AcpiPmi - ok 13:06:23.0806 0808 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 13:06:23.0857 0808 adp94xx - ok 13:06:23.0963 0808 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 13:06:24.0019 0808 adpahci - ok 13:06:24.0090 0808 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 13:06:24.0117 0808 adpu320 - ok 13:06:24.0351 0808 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys 13:06:24.0443 0808 AFD - ok 13:06:24.0551 0808 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 13:06:24.0579 0808 agp440 - ok 13:06:24.0716 0808 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 13:06:24.0735 0808 aliide - ok 13:06:24.0860 0808 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 13:06:24.0881 0808 amdide - ok 13:06:24.0994 0808 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 13:06:25.0036 0808 AmdK8 - ok 13:06:25.0968 0808 amdkmdag (06bf0785de714637eba9bb1084b28626) C:\Windows\system32\DRIVERS\atikmdag.sys 13:06:26.0339 0808 amdkmdag - ok 13:06:26.0573 0808 amdkmdap (2dec3274589ff6889ab05adceeb0f642) C:\Windows\system32\DRIVERS\atikmpag.sys 13:06:26.0629 0808 amdkmdap - ok 13:06:26.0789 0808 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 13:06:26.0818 0808 AmdPPM - ok 13:06:26.0959 0808 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys 13:06:26.0983 0808 amdsata - ok 13:06:27.0098 0808 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 13:06:27.0123 0808 amdsbs - ok 13:06:27.0293 0808 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys 13:06:27.0317 0808 amdxata - ok 13:06:27.0485 0808 AMPPAL (7d9e301ab3247765702d0b65e2e47e50) C:\Windows\system32\DRIVERS\AMPPAL.sys 13:06:27.0598 0808 AMPPAL - ok 13:06:27.0908 0808 AMPPALP (7d9e301ab3247765702d0b65e2e47e50) C:\Windows\system32\DRIVERS\amppal.sys 13:06:27.0942 0808 AMPPALP - ok 13:06:28.0117 0808 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 13:06:28.0584 0808 AppID - ok 13:06:28.0883 0808 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 13:06:28.0904 0808 arc - ok 13:06:29.0035 0808 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 13:06:29.0077 0808 arcsas - ok 13:06:29.0339 0808 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 13:06:30.0111 0808 AsyncMac - ok 13:06:30.0308 0808 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 13:06:30.0326 0808 atapi - ok 13:06:30.0588 0808 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys 13:06:30.0746 0808 AtiHdmiService - ok 13:06:30.0997 0808 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 13:06:31.0090 0808 b06bdrv - ok 13:06:31.0312 0808 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 13:06:31.0378 0808 b57nd60a - ok 13:06:31.0679 0808 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 13:06:31.0752 0808 Beep - ok 13:06:31.0966 0808 BHDrvx64 - ok 13:06:32.0198 0808 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 13:06:32.0243 0808 blbdrive - ok 13:06:32.0515 0808 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys 13:06:32.0597 0808 bowser - ok 13:06:33.0007 0808 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 13:06:33.0073 0808 BrFiltLo - ok 13:06:33.0215 0808 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 13:06:33.0247 0808 BrFiltUp - ok 13:06:33.0454 0808 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 13:06:33.0554 0808 Brserid - ok 13:06:33.0680 0808 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 13:06:33.0730 0808 BrSerWdm - ok 13:06:33.0871 0808 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 13:06:33.0942 0808 BrUsbMdm - ok 13:06:33.0995 0808 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 13:06:34.0038 0808 BrUsbSer - ok 13:06:34.0075 0808 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 13:06:34.0119 0808 BTHMODEM - ok 13:06:34.0179 0808 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 13:06:34.0255 0808 cdfs - ok 13:06:34.0353 0808 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 13:06:34.0396 0808 cdrom - ok 13:06:34.0532 0808 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 13:06:34.0561 0808 circlass - ok 13:06:34.0661 0808 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 13:06:34.0711 0808 CLFS - ok 13:06:34.0965 0808 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 13:06:35.0015 0808 CmBatt - ok 13:06:35.0143 0808 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 13:06:35.0168 0808 cmdide - ok 13:06:35.0374 0808 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys 13:06:35.0445 0808 CNG - ok 13:06:35.0610 0808 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 13:06:35.0632 0808 Compbatt - ok 13:06:35.0790 0808 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 13:06:35.0848 0808 CompositeBus - ok 13:06:35.0989 0808 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 13:06:36.0008 0808 crcdisk - ok 13:06:36.0227 0808 dc3d (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys 13:06:36.0363 0808 dc3d - ok 13:06:36.0530 0808 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys 13:06:36.0598 0808 DfsC - ok 13:06:36.0733 0808 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 13:06:36.0825 0808 discache - ok 13:06:36.0994 0808 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 13:06:37.0024 0808 Disk - ok 13:06:37.0150 0808 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 13:06:37.0195 0808 drmkaud - ok 13:06:37.0309 0808 DVMIO (a298aea9fca253e7eff040a08c7c6376) C:\Windows\system32\DRIVERS\dvmio.sys 13:06:37.0334 0808 DVMIO - ok 13:06:37.0504 0808 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys 13:06:37.0583 0808 DXGKrnl - ok 13:06:37.0724 0808 easytether (1e8d0e318d3f17b2eaaf993db20c76f0) C:\Windows\system32\DRIVERS\easytthr.sys 13:06:37.0761 0808 easytether - ok 13:06:38.0102 0808 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 13:06:38.0266 0808 ebdrv - ok 13:06:38.0418 0808 eeCtrl (eb0883462ac43829e47929d705d40933) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 13:06:38.0463 0808 eeCtrl - ok 13:06:38.0684 0808 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 13:06:38.0747 0808 elxstor - ok 13:06:38.0892 0808 EraserUtilRebootDrv - ok 13:06:38.0989 0808 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 13:06:39.0038 0808 ErrDev - ok 13:06:39.0233 0808 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 13:06:39.0309 0808 exfat - ok 13:06:39.0391 0808 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 13:06:39.0467 0808 fastfat - ok 13:06:39.0645 0808 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 13:06:39.0689 0808 fdc - ok 13:06:39.0800 0808 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 13:06:39.0827 0808 FileInfo - ok 13:06:39.0886 0808 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 13:06:39.0971 0808 Filetrace - ok 13:06:40.0171 0808 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 13:06:40.0217 0808 flpydisk - ok 13:06:40.0330 0808 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 13:06:40.0365 0808 FltMgr - ok 13:06:40.0456 0808 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 13:06:40.0485 0808 FsDepends - ok 13:06:40.0629 0808 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 13:06:40.0654 0808 Fs_Rec - ok 13:06:40.0809 0808 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 13:06:40.0845 0808 fvevol - ok 13:06:40.0945 0808 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 13:06:40.0970 0808 gagp30kx - ok 13:06:41.0060 0808 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 13:06:41.0080 0808 GEARAspiWDM - ok 13:06:41.0148 0808 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 13:06:41.0233 0808 hcw85cir - ok 13:06:41.0348 0808 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 13:06:41.0420 0808 HdAudAddService - ok 13:06:41.0479 0808 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 13:06:41.0514 0808 HDAudBus - ok 13:06:41.0610 0808 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 13:06:41.0637 0808 HECIx64 - ok 13:06:41.0685 0808 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 13:06:41.0753 0808 HidBatt - ok 13:06:41.0840 0808 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 13:06:41.0909 0808 HidBth - ok 13:06:41.0964 0808 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 13:06:42.0028 0808 HidIr - ok 13:06:42.0128 0808 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 13:06:42.0176 0808 HidUsb - ok 13:06:42.0459 0808 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys 13:06:42.0482 0808 hpdskflt - ok 13:06:42.0670 0808 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 13:06:42.0695 0808 HpSAMD - ok 13:06:42.0902 0808 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 13:06:43.0020 0808 HTTP - ok 13:06:43.0074 0808 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 13:06:43.0090 0808 hwpolicy - ok 13:06:43.0159 0808 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 13:06:43.0191 0808 i8042prt - ok 13:06:43.0291 0808 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\DRIVERS\iaStor.sys 13:06:43.0325 0808 iaStor - ok 13:06:43.0416 0808 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys 13:06:43.0472 0808 iaStorV - ok 13:06:43.0583 0808 IDSVia64 - ok 13:06:43.0968 0808 igfx (1be8d9ca4f2363b8e8015621878e0043) C:\Windows\system32\DRIVERS\igdkmd64.sys 13:06:44.0292 0808 igfx - ok 13:06:44.0494 0808 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 13:06:44.0514 0808 iirsp - ok 13:06:44.0687 0808 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys 13:06:44.0752 0808 Impcd - ok 13:06:44.0814 0808 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 13:06:44.0832 0808 intelide - ok 13:06:45.0646 0808 intelkmd (1be8d9ca4f2363b8e8015621878e0043) C:\Windows\system32\DRIVERS\igdpmd64.sys 13:06:45.0958 0808 intelkmd - ok 13:06:46.0185 0808 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 13:06:46.0232 0808 intelppm - ok 13:06:46.0310 0808 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:06:46.0410 0808 IpFilterDriver - ok 13:06:46.0587 0808 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 13:06:46.0632 0808 IPMIDRV - ok 13:06:46.0742 0808 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 13:06:46.0822 0808 IPNAT - ok 13:06:46.0958 0808 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 13:06:47.0170 0808 IRENUM - ok 13:06:47.0228 0808 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 13:06:47.0252 0808 isapnp - ok 13:06:47.0322 0808 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 13:06:47.0351 0808 iScsiPrt - ok 13:06:47.0441 0808 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 13:06:47.0465 0808 kbdclass - ok 13:06:47.0557 0808 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 13:06:47.0597 0808 kbdhid - ok 13:06:47.0653 0808 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys 13:06:47.0685 0808 KSecDD - ok 13:06:47.0735 0808 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys 13:06:47.0765 0808 KSecPkg - ok 13:06:47.0823 0808 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 13:06:47.0898 0808 ksthunk - ok 13:06:47.0998 0808 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 13:06:48.0076 0808 lltdio - ok 13:06:48.0192 0808 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 13:06:48.0216 0808 LSI_FC - ok 13:06:48.0272 0808 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 13:06:48.0296 0808 LSI_SAS - ok 13:06:48.0354 0808 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 13:06:48.0375 0808 LSI_SAS2 - ok 13:06:48.0451 0808 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 13:06:48.0480 0808 LSI_SCSI - ok 13:06:48.0598 0808 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 13:06:48.0684 0808 luafv - ok 13:06:48.0853 0808 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 13:06:48.0878 0808 megasas - ok 13:06:49.0019 0808 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 13:06:49.0072 0808 MegaSR - ok 13:06:49.0149 0808 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 13:06:49.0239 0808 Modem - ok 13:06:49.0339 0808 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 13:06:49.0397 0808 monitor - ok 13:06:49.0518 0808 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 13:06:49.0547 0808 mouclass - ok 13:06:49.0587 0808 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 13:06:49.0630 0808 mouhid - ok 13:06:49.0703 0808 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 13:06:49.0731 0808 mountmgr - ok 13:06:49.0878 0808 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys 13:06:49.0912 0808 MpFilter - ok 13:06:49.0984 0808 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 13:06:50.0022 0808 mpio - ok 13:06:50.0094 0808 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys 13:06:50.0118 0808 MpNWMon - ok 13:06:50.0156 0808 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 13:06:50.0227 0808 mpsdrv - ok 13:06:50.0294 0808 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 13:06:50.0336 0808 MRxDAV - ok 13:06:50.0424 0808 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys 13:06:50.0495 0808 mrxsmb - ok 13:06:50.0553 0808 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:06:50.0610 0808 mrxsmb10 - ok 13:06:50.0640 0808 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:06:50.0700 0808 mrxsmb20 - ok 13:06:50.0756 0808 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 13:06:50.0781 0808 msahci - ok 13:06:50.0833 0808 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 13:06:50.0857 0808 msdsm - ok 13:06:50.0916 0808 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 13:06:50.0973 0808 Msfs - ok 13:06:51.0070 0808 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 13:06:51.0149 0808 mshidkmdf - ok 13:06:51.0245 0808 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 13:06:51.0280 0808 msisadrv - ok 13:06:51.0397 0808 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 13:06:51.0473 0808 MSKSSRV - ok 13:06:51.0697 0808 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 13:06:51.0769 0808 MSPCLOCK - ok 13:06:51.0868 0808 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 13:06:51.0939 0808 MSPQM - ok 13:06:51.0990 0808 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 13:06:52.0023 0808 MsRPC - ok 13:06:52.0111 0808 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 13:06:52.0134 0808 mssmbios - ok 13:06:52.0163 0808 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 13:06:52.0244 0808 MSTEE - ok 13:06:52.0278 0808 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 13:06:52.0319 0808 MTConfig - ok 13:06:52.0351 0808 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 13:06:52.0376 0808 Mup - ok 13:06:52.0509 0808 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 13:06:52.0582 0808 NativeWifiP - ok 13:06:52.0658 0808 NAVENG - ok 13:06:52.0665 0808 NAVEX15 - ok 13:06:52.0829 0808 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 13:06:52.0916 0808 NDIS - ok 13:06:52.0991 0808 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 13:06:53.0059 0808 NdisCap - ok 13:06:53.0171 0808 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 13:06:53.0249 0808 NdisTapi - ok 13:06:53.0315 0808 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 13:06:53.0384 0808 Ndisuio - ok 13:06:53.0422 0808 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 13:06:53.0475 0808 NdisWan - ok 13:06:53.0513 0808 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 13:06:53.0583 0808 NDProxy - ok 13:06:53.0613 0808 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 13:06:53.0664 0808 NetBIOS - ok 13:06:53.0694 0808 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 13:06:53.0787 0808 NetBT - ok 13:06:54.0061 0808 NETw5s64 (24f64343f14a119308456e1ca7507b26) C:\Windows\system32\DRIVERS\NETw5s64.sys 13:06:54.0294 0808 NETw5s64 - ok 13:06:54.0429 0808 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys 13:06:54.0656 0808 netw5v64 - ok 13:06:54.0854 0808 NETwNs64 (50ad7f7040c22bb7caa59a0880875a21) C:\Windows\system32\DRIVERS\NETwNs64.sys 13:06:55.0094 0808 NETwNs64 - ok 13:06:55.0142 0808 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 13:06:55.0163 0808 nfrd960 - ok 13:06:55.0225 0808 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 13:06:55.0245 0808 NisDrv - ok 13:06:55.0298 0808 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 13:06:55.0364 0808 Npfs - ok 13:06:55.0391 0808 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 13:06:55.0457 0808 nsiproxy - ok 13:06:55.0520 0808 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 13:06:55.0601 0808 Ntfs - ok 13:06:55.0656 0808 NuidFltr (317020d31f1696334679b9d0416eb62e) C:\Windows\system32\DRIVERS\NuidFltr.sys 13:06:55.0673 0808 NuidFltr - ok 13:06:55.0691 0808 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 13:06:55.0739 0808 Null - ok 13:06:55.0778 0808 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys 13:06:55.0802 0808 nvraid - ok 13:06:55.0840 0808 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys 13:06:55.0861 0808 nvstor - ok 13:06:55.0899 0808 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 13:06:55.0943 0808 nv_agp - ok 13:06:55.0981 0808 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 13:06:56.0019 0808 ohci1394 - ok 13:06:56.0076 0808 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 13:06:56.0104 0808 Parport - ok 13:06:56.0123 0808 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 13:06:56.0144 0808 partmgr - ok 13:06:56.0167 0808 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 13:06:56.0194 0808 pci - ok 13:06:56.0227 0808 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 13:06:56.0246 0808 pciide - ok 13:06:56.0282 0808 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 13:06:56.0311 0808 pcmcia - ok 13:06:56.0338 0808 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 13:06:56.0359 0808 pcw - ok 13:06:56.0384 0808 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 13:06:56.0459 0808 PEAUTH - ok 13:06:56.0532 0808 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys 13:06:56.0551 0808 Point64 - ok 13:06:56.0598 0808 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 13:06:56.0675 0808 PptpMiniport - ok 13:06:56.0711 0808 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 13:06:56.0757 0808 Processor - ok 13:06:56.0801 0808 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 13:06:56.0875 0808 Psched - ok 13:06:56.0934 0808 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 13:06:57.0004 0808 ql2300 - ok 13:06:57.0025 0808 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 13:06:57.0045 0808 ql40xx - ok 13:06:57.0059 0808 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 13:06:57.0087 0808 QWAVEdrv - ok 13:06:57.0102 0808 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 13:06:57.0169 0808 RasAcd - ok 13:06:57.0214 0808 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 13:06:57.0266 0808 RasAgileVpn - ok 13:06:57.0289 0808 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 13:06:57.0358 0808 Rasl2tp - ok 13:06:57.0397 0808 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 13:06:57.0449 0808 RasPppoe - ok 13:06:57.0481 0808 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 13:06:57.0553 0808 RasSstp - ok 13:06:57.0589 0808 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 13:06:57.0660 0808 rdbss - ok 13:06:57.0697 0808 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 13:06:57.0745 0808 rdpbus - ok 13:06:57.0775 0808 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 13:06:57.0848 0808 RDPCDD - ok 13:06:57.0882 0808 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 13:06:57.0943 0808 RDPENCDD - ok 13:06:57.0975 0808 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 13:06:58.0021 0808 RDPREFMP - ok 13:06:58.0046 0808 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 13:06:58.0114 0808 RDPWD - ok 13:06:58.0153 0808 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 13:06:58.0179 0808 rdyboost - ok 13:06:58.0219 0808 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 13:06:58.0280 0808 rspndr - ok 13:06:58.0324 0808 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\Windows\system32\Drivers\RtsUStor.sys 13:06:58.0362 0808 RSUSBSTOR - ok 13:06:58.0409 0808 RTL8167 (777fc2c418465404e3d8a290dc247d24) C:\Windows\system32\DRIVERS\Rt64win7.sys 13:06:58.0481 0808 RTL8167 - ok 13:06:58.0514 0808 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 13:06:58.0554 0808 sbp2port - ok 13:06:58.0606 0808 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 13:06:58.0673 0808 scfilter - ok 13:06:58.0734 0808 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\drivers\sdbus.sys 13:06:58.0789 0808 sdbus - ok 13:06:58.0824 0808 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 13:06:58.0895 0808 secdrv - ok 13:06:58.0954 0808 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 13:06:58.0988 0808 Serenum - ok 13:06:59.0025 0808 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 13:06:59.0046 0808 Serial - ok 13:06:59.0066 0808 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 13:06:59.0101 0808 sermouse - ok 13:06:59.0142 0808 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 13:06:59.0183 0808 sffdisk - ok 13:06:59.0223 0808 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 13:06:59.0262 0808 sffp_mmc - ok 13:06:59.0305 0808 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys 13:06:59.0339 0808 sffp_sd - ok 13:06:59.0387 0808 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 13:06:59.0425 0808 sfloppy - ok 13:06:59.0474 0808 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 13:06:59.0493 0808 SiSRaid2 - ok 13:06:59.0533 0808 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 13:06:59.0553 0808 SiSRaid4 - ok 13:06:59.0592 0808 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 13:06:59.0658 0808 Smb - ok 13:06:59.0686 0808 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 13:06:59.0709 0808 spldr - ok 13:06:59.0748 0808 SRTSP - ok 13:06:59.0785 0808 SRTSPX - ok 13:06:59.0903 0808 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys 13:06:59.0979 0808 srv - ok 13:07:00.0023 0808 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys 13:07:00.0080 0808 srv2 - ok 13:07:00.0139 0808 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS 13:07:00.0195 0808 SrvHsfHDA - ok 13:07:00.0244 0808 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS 13:07:00.0331 0808 SrvHsfV92 - ok 13:07:00.0382 0808 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 13:07:00.0429 0808 SrvHsfWinac - ok 13:07:00.0478 0808 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys 13:07:00.0527 0808 srvnet - ok 13:07:00.0594 0808 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 13:07:00.0612 0808 stexstor - ok 13:07:00.0668 0808 STHDA (da40d9c9ccb9836d6abd1706935a2277) C:\Windows\system32\DRIVERS\stwrt64.sys 13:07:00.0739 0808 STHDA - ok 13:07:00.0782 0808 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 13:07:00.0825 0808 swenum - ok 13:07:00.0839 0808 SymDS - ok 13:07:00.0852 0808 SymEFA - ok 13:07:00.0895 0808 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 13:07:00.0940 0808 SymEvent - ok 13:07:00.0952 0808 SymIRON - ok 13:07:00.0964 0808 SymNetS - ok 13:07:01.0027 0808 SynTP (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys 13:07:01.0106 0808 SynTP - ok 13:07:01.0201 0808 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys 13:07:01.0289 0808 Tcpip - ok 13:07:01.0334 0808 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys 13:07:01.0398 0808 TCPIP6 - ok 13:07:01.0431 0808 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 13:07:01.0483 0808 tcpipreg - ok 13:07:01.0508 0808 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 13:07:01.0575 0808 TDPIPE - ok 13:07:01.0599 0808 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 13:07:01.0650 0808 TDTCP - ok 13:07:01.0676 0808 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 13:07:01.0743 0808 tdx - ok 13:07:01.0780 0808 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 13:07:01.0801 0808 TermDD - ok 13:07:01.0842 0808 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 13:07:01.0894 0808 tssecsrv - ok 13:07:01.0929 0808 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 13:07:01.0998 0808 tunnel - ok 13:07:02.0034 0808 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 13:07:02.0064 0808 uagp35 - ok 13:07:02.0100 0808 udfs (c06e6f4679ceb8f430b90a51d76d8d3c) C:\Windows\system32\DRIVERS\udfs.sys 13:07:02.0139 0808 udfs - ok 13:07:02.0185 0808 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 13:07:02.0205 0808 uliagpkx - ok 13:07:02.0240 0808 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 13:07:02.0284 0808 umbus - ok 13:07:02.0324 0808 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 13:07:02.0367 0808 UmPass - ok 13:07:02.0427 0808 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 13:07:02.0484 0808 USBAAPL64 - ok 13:07:02.0527 0808 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys 13:07:02.0587 0808 usbccgp - ok 13:07:02.0631 0808 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 13:07:02.0677 0808 usbcir - ok 13:07:02.0704 0808 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys 13:07:02.0739 0808 usbehci - ok 13:07:02.0786 0808 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys 13:07:02.0834 0808 usbhub - ok 13:07:02.0874 0808 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys 13:07:02.0914 0808 usbohci - ok 13:07:02.0955 0808 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 13:07:02.0982 0808 usbprint - ok 13:07:03.0025 0808 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:07:03.0078 0808 USBSTOR - ok 13:07:03.0097 0808 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys 13:07:03.0120 0808 usbuhci - ok 13:07:03.0190 0808 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys 13:07:03.0252 0808 usbvideo - ok 13:07:03.0300 0808 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 13:07:03.0319 0808 vdrvroot - ok 13:07:03.0342 0808 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 13:07:03.0368 0808 vga - ok 13:07:03.0387 0808 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 13:07:03.0451 0808 VgaSave - ok 13:07:03.0489 0808 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 13:07:03.0516 0808 vhdmp - ok 13:07:03.0554 0808 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 13:07:03.0573 0808 viaide - ok 13:07:03.0610 0808 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 13:07:03.0631 0808 volmgr - ok 13:07:03.0662 0808 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 13:07:03.0691 0808 volmgrx - ok 13:07:03.0722 0808 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 13:07:03.0746 0808 volsnap - ok 13:07:03.0781 0808 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 13:07:03.0804 0808 vsmraid - ok 13:07:03.0825 0808 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 13:07:03.0869 0808 vwifibus - ok 13:07:03.0898 0808 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 13:07:03.0945 0808 vwififlt - ok 13:07:03.0994 0808 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 13:07:04.0022 0808 vwifimp - ok 13:07:04.0053 0808 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 13:07:04.0093 0808 WacomPen - ok 13:07:04.0132 0808 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 13:07:04.0199 0808 WANARP - ok 13:07:04.0204 0808 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 13:07:04.0258 0808 Wanarpv6 - ok 13:07:04.0331 0808 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 13:07:04.0351 0808 Wd - ok 13:07:04.0378 0808 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 13:07:04.0422 0808 Wdf01000 - ok 13:07:04.0458 0808 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 13:07:04.0508 0808 WfpLwf - ok 13:07:04.0527 0808 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 13:07:04.0549 0808 WIMMount - ok 13:07:04.0629 0808 WinUSB (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.sys 13:07:04.0674 0808 WinUSB - ok 13:07:04.0748 0808 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 13:07:04.0781 0808 WmiAcpi - ok 13:07:04.0822 0808 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 13:07:04.0887 0808 ws2ifsl - ok 13:07:04.0926 0808 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 13:07:04.0996 0808 WudfPf - ok 13:07:05.0052 0808 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 13:07:05.0108 0808 WUDFRd - ok 13:07:05.0146 0808 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys 13:07:05.0244 0808 yukonw7 - ok 13:07:05.0291 0808 MBR (0x1B8) (c760db365f9c37cf3734b4aa48c0c6bc) \Device\Harddisk0\DR0 13:07:05.0654 0808 \Device\Harddisk0\DR0 - ok 13:07:05.0659 0808 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1 13:07:05.0839 0808 \Device\Harddisk1\DR1 - ok 13:07:05.0853 0808 Boot (0x1200) (256698780ab3212270592f45a5f38bea) \Device\Harddisk0\DR0\Partition0 13:07:05.0856 0808 \Device\Harddisk0\DR0\Partition0 - ok 13:07:05.0864 0808 Boot (0x1200) (bc91bce5bf096449e81ee0a89246eb22) \Device\Harddisk0\DR0\Partition1 13:07:05.0867 0808 \Device\Harddisk0\DR0\Partition1 - ok 13:07:05.0899 0808 Boot (0x1200) (146b1c1054ca27fd244996f66b637639) \Device\Harddisk0\DR0\Partition2 13:07:05.0901 0808 \Device\Harddisk0\DR0\Partition2 - ok 13:07:05.0913 0808 Boot (0x1200) (a5da29203f4ad4c86af36ac70260cefa) \Device\Harddisk0\DR0\Partition3 13:07:05.0915 0808 \Device\Harddisk0\DR0\Partition3 - ok 13:07:05.0919 0808 Boot (0x1200) (181efc0222b36b24131684e8f807451d) \Device\Harddisk1\DR1\Partition0 13:07:05.0922 0808 \Device\Harddisk1\DR1\Partition0 - ok 13:07:05.0922 0808 ============================================================ 13:07:05.0922 0808 Scan finished 13:07:05.0922 0808 ============================================================ 13:07:05.0967 4060 Detected object count: 0 13:07:05.0967 4060 Actual detected object count: 0 ComboFix: ComboFix 12-02-17.02 - dhovenden 02/18/2012 13:13:50.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.5942.4181 [GMT -8:00] Running from: c:\users\dhovenden\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Roaming c:\users\dhovenden\AppData\Local\assembly\tmp c:\windows\system32\drivers\etc\hosts.txt c:\windows\system32\GroupPolicy\Machine\Registry.pol . . ((((((((((((((((((((((((( Files Created from 2012-01-18 to 2012-02-18 ))))))))))))))))))))))))))))))) . . 2012-02-18 21:45 . 2012-02-18 21:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-18 20:29 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1357FFE6-D659-45D3-89EC-D5DE01F0A4C8}\mpengine.dll 2012-02-11 04:47 . 2012-02-11 04:44 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5D416DD2-FAFC-4241-BCE7-0DC3376BD6C7}\gapaengine.dll 2012-02-03 20:15 . 2012-02-03 20:15 -------- d-----w- c:\users\dhovenden\AppData\Roaming\Intel 2012-02-03 20:15 . 2012-02-03 20:15 -------- d-----w- c:\users\Public\Roaming 2012-02-03 20:15 . 2012-02-03 20:15 -------- d-----w- c:\users\dhovenden\Roaming 2012-02-03 20:15 . 2012-02-03 20:15 -------- d-----w- c:\users\Default\Roaming 2012-02-03 20:14 . 2012-02-03 20:14 -------- d-----w- c:\program files\Common Files\Intel 2012-02-03 20:14 . 2012-02-03 20:15 -------- d-----w- c:\program files (x86)\Cisco 2012-02-03 20:14 . 2012-02-03 20:14 -------- d-----w- c:\program files\Intel 2012-02-03 20:14 . 2012-02-03 20:14 -------- d-----w- c:\programdata\Intel 2012-02-03 20:13 . 2012-02-03 20:13 8604672 ----a-w- c:\windows\system32\drivers\NETwNs64.sys 2012-01-27 09:58 . 2012-01-27 09:58 32048 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll 2012-01-25 04:31 . 2012-01-25 04:31 -------- d-----w- c:\program files (x86)\Bugger 2012-01-25 04:27 . 2012-01-25 04:27 -------- d-----w- c:\program files (x86)\Microsoft Product Studio 2012-01-22 03:38 . 2012-01-22 03:38 -------- d-----w- c:\programdata\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E} . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-18 18:33 . 2011-05-18 14:38 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-01-31 12:44 . 2011-06-13 14:12 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-01-06 05:15 . 2011-06-14 19:50 8602168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2011-12-10 23:24 . 2011-11-12 06:22 23152 ----a-w- c:\windows\system32\drivers\mbam.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\users\dhovenden\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\users\dhovenden\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\users\dhovenden\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\users\dhovenden\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EasyTether"="c:\program files (x86)\Mobile Stream\EasyTether\easytthr.exe" [2011-05-23 48648] "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-22 718720] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2012-01-27 12065056] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736] . c:\users\dhovenden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\dhovenden\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-16 26530760] EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-1-23 1014112] OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712] Pandora.lnk - c:\program files (x86)\Pandora\Pandora.exe [2012-1-18 142336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk /p \??\I:\0autocheck autochk * . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ DPPassFilter scecli Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS [x] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS [x] R1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20110518.001\BHDrvx64.sys [x] R1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20110604.001\IDSvia64.sys [x] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS [x] R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1206000.01D\SYMNETS.SYS [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072] R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-12-16 102968] R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [x] R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [x] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-07-28 340240] R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x] R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-28 288272] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x] S1 DVMIO;DeviceVM IO Service;c:\windows\system32\DRIVERS\dvmio.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2010-11-26 89600] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-09-01 1166848] S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928] S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-01-16 127984] S2 DvmMDES;DeviceVM Meta Data Export Service;c:\swsetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-02-08 338168] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-02 227896] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x] S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 20480] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920] S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-01-06 2184496] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [x] S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys [x] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x] S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x] S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-06-16 20:38 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2012-02-18 c:\windows\Tasks\HPCeeScheduleFordhovenden.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 97792 ----a-w- c:\users\dhovenden\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 97792 ----a-w- c:\users\dhovenden\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 97792 ----a-w- c:\users\dhovenden\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 97792 ----a-w- c:\users\dhovenden\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-01-18 451072] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] "IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-28 1935120] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204 Trusted Zone: livemeeting.com\www Trusted Zone: rtcppe.com\www406b TCP: DhcpNameServer = 192.168.2.1 192.168.2.1 FF - ProfilePath - c:\users\dhovenden\AppData\Roaming\Mozilla\Firefox\Profiles\8jab2jsh.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS REMOVED - - - - . AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-NIS - c:\program files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\18.6.0.29\InstStub.exe AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\DigitalPersona\Bin\DPAgent.exe c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe . ************************************************************************** . Completion time: 2012-02-18 14:02:58 - machine was rebooted ComboFix-quarantined-files.txt 2012-02-18 22:02 . Pre-Run: 318,199,914,496 bytes free Post-Run: 318,546,063,360 bytes free . - - End Of File - - 00688E44FCE8209F5EB4A542C0510A47
  4. Hello, A few months ago I was infected with a Google/Bing redirect malware. I ran Malwarebytes and a few other anti-malware programs and thought I had successfully removed it from my system. Google was no longer redirecting, but I didn't check Bing since I rarely use it. However I was just on Bing and while hovering over a link discovered the URL was a redirect, so now I'm concerned that whatever infected me a few months ago is still lingering. Any help that can be provided would be greatly appreciated! Here are the DDS logs I just ran: . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_30 Run by dhovenden at 12:23:28 on 2012-02-18 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.5942.3275 [GMT -8:00] . AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\IDT\WDM\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Hpservice.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\vcsFPService.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\DigitalPersona\Bin\DpHostW.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\IDT\WDM\AESTSr64.exe C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Users\dhovenden\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\Pandora\Pandora.exe C:\Program Files\DigitalPersona\Bin\DPAgent.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Users\dhovenden\AppData\Roaming\Mozilla\Firefox\Profiles\8jab2jsh.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\components\afom.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO: Lync Browser Helper: {31d09ba0-12f5-4cce-be8a-2923e76605da} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll BHO: HP SimplePass Identity Protection Extension: {395610ae-c624-4f58-b89e-23733ea00f9a} - C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File TB: {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No File uRun: [EasyTether] "C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe" uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" mRun: [<NO NAME>] mRun: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" StartupFolder: C:\Users\DHOVEN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\dhovenden\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\DHOVEN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe StartupFolder: C:\Users\DHOVEN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE StartupFolder: C:\Users\DHOVEN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Pandora.lnk - C:\Program Files (x86)\Pandora\Pandora.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll Trusted Zone: livemeeting.com\www Trusted Zone: rtcppe.com\www406b DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab TCP: DhcpNameServer = 192.168.2.1 192.168.2.1 TCP: Interfaces\{A6F09361-819E-4D4D-B27F-5AF7A0F40CD1} : DhcpNameServer = 192.168.2.1 192.168.2.1 TCP: Interfaces\{A6F09361-819E-4D4D-B27F-5AF7A0F40CD1}\27F63756D616E6F627 : DhcpNameServer = 192.168.0.1 205.171.3.65 TCP: Interfaces\{A6F09361-819E-4D4D-B27F-5AF7A0F40CD1}\84F6D656E65647 : DhcpNameServer = 68.87.69.150 68.87.85.102 TCP: Interfaces\{A6F09361-819E-4D4D-B27F-5AF7A0F40CD1}\D435644575C414E4 : DhcpNameServer = 157.54.14.146 157.59.200.240 157.54.14.162 TCP: Interfaces\{A6F09361-819E-4D4D-B27F-5AF7A0F40CD1}\D697177756374743132353 : DhcpNameServer = 192.168.0.1 205.171.2.65 TCP: Interfaces\{B18A68D8-814E-4E46-B5D7-9287BBE6EC13} : DhcpNameServer = 8.8.8.8 8.8.4.4 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll LSA: Notification Packages = DPPassFilter scecli mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO-X64: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll BHO-X64: Lync add-on BHO - No File BHO-X64: HP SimplePass Identity Protection Extension: {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll BHO-X64: HP SimplePass Identity Protection Extension - No File BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File TB-X64: {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No File mRun-x64: [(Default)] mRun-x64: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 Hosts: 94.63.240.150 www.bing.com . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\dhovenden\AppData\Roaming\Mozilla\Firefox\Profiles\8jab2jsh.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - component: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\components\dpffcli.dll FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Users\dhovenden\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . ============= SERVICES / DRIVERS =============== . R1 DVMIO;DeviceVM IO Service;C:\Windows\system32\DRIVERS\dvmio.sys --> C:\Windows\system32\DRIVERS\dvmio.sys [?] R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-11-26 89600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-8-31 1166848] R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928] R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-1-15 127984] R2 DvmMDES;DeviceVM Meta Data Export Service;C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-2-8 338168] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072] R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-12-16 102968] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896] R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?] R2 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-18 20480] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.EXE [2010-5-18 2320920] R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-1-5 1791280] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?] R3 easytether;easytether;C:\Windows\system32\DRIVERS\easytthr.sys --> C:\Windows\system32\DRIVERS\easytthr.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] R3 intelkmd;intelkmd;C:\Windows\system32\DRIVERS\igdpmd64.sys --> C:\Windows\system32\DRIVERS\igdpmd64.sys [?] R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-7-27 340240] S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?] S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] . =============== Created Last 30 ================ . 2012-02-18 18:21:35 8602168 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{356B5916-CDE7-4370-ABB2-993FA4F0D5C8}\mpengine.dll 2012-02-11 04:47:15 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5D416DD2-FAFC-4241-BCE7-0DC3376BD6C7}\gapaengine.dll 2012-02-03 20:15:50 -------- d-----w- C:\Users\dhovenden\AppData\Roaming\Intel 2012-02-03 20:15:40 -------- d-----w- C:\Users\dhovenden\Roaming 2012-02-03 20:15:40 -------- d-----w- C:\ProgramData\Roaming 2012-02-03 20:14:55 -------- d-----w- C:\Program Files\Common Files\Intel 2012-02-03 20:14:54 -------- d-----w- C:\Program Files (x86)\Cisco 2012-02-03 20:13:04 8604672 ----a-w- C:\Windows\System32\drivers\NETwNs64.sys 2012-01-27 09:58:52 32048 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll 2012-01-25 04:31:24 -------- d-----w- C:\Program Files (x86)\Bugger 2012-01-25 04:27:44 -------- d-----w- C:\Program Files (x86)\Microsoft Product Studio 2012-01-22 03:38:41 -------- d-----w- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E} . ==================== Find3M ==================== . 2012-02-18 18:33:58 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-01-14 04:02:25 3143168 ----a-w- C:\Windows\System32\win32k.sys 2012-01-04 09:58:13 509952 ----a-w- C:\Windows\System32\ntshrui.dll 2012-01-04 09:03:07 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll 2012-01-03 06:24:52 515584 ----a-w- C:\Windows\System32\timedate.cpl 2012-01-03 05:44:24 478208 ----a-w- C:\Windows\SysWow64\timedate.cpl 2011-12-28 03:59:11 499200 ----a-w- C:\Windows\System32\drivers\afd.sys 2011-12-16 08:45:22 1197568 ----a-w- C:\Windows\System32\wininet.dll 2011-12-16 08:42:13 634368 ----a-w- C:\Windows\System32\msvcrt.dll 2011-12-16 08:41:26 57856 ----a-w- C:\Windows\System32\licmgr10.dll 2011-12-16 08:02:26 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-12-16 07:59:17 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll 2011-12-16 07:58:33 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll 2011-12-16 07:26:35 482816 ----a-w- C:\Windows\System32\html.iec 2011-12-16 06:49:33 386048 ----a-w- C:\Windows\SysWow64\html.iec 2011-12-16 06:43:48 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2011-12-16 06:15:25 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-12-10 23:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys . ============= FINISH: 12:24:46.04 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 6/7/2010 7:34:36 PM System Uptime: 2/18/2012 10:09:10 AM (2 hours ago) . Motherboard: Hewlett-Packard | | 144B Processor: Intel® Core™ i3 CPU M 350 @ 2.27GHz | CPU | 2266/1066mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 443 GiB total, 294.256 GiB free. D: is FIXED (NTFS) - 23 GiB total, 3.313 GiB free. E: is FIXED (FAT32) - 0 GiB total, 0.082 GiB free. F: is CDROM () H: is FIXED (NTFS) - 932 GiB total, 288.453 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: BHDrvx64 Device ID: ROOT\LEGACY_BHDRVX64\0000 Manufacturer: Name: BHDrvx64 PNP Device ID: ROOT\LEGACY_BHDRVX64\0000 Service: BHDrvx64 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: IDSVia64 Device ID: ROOT\LEGACY_IDSVIA64\0000 Manufacturer: Name: IDSVia64 PNP Device ID: ROOT\LEGACY_IDSVIA64\0000 Service: IDSVia64 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: Symantec Real Time Storage Protection (PEL) x64 Device ID: ROOT\LEGACY_SRTSPX\0000 Manufacturer: Name: Symantec Real Time Storage Protection (PEL) x64 PNP Device ID: ROOT\LEGACY_SRTSPX\0000 Service: SRTSPX . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: Symantec Iron Driver Device ID: ROOT\LEGACY_SYMIRON\0000 Manufacturer: Name: Symantec Iron Driver PNP Device ID: ROOT\LEGACY_SYMIRON\0000 Service: SymIRON . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: Symantec Network Security WFP Driver Device ID: ROOT\LEGACY_SYMNETS\0000 Manufacturer: Name: Symantec Network Security WFP Driver PNP Device ID: ROOT\LEGACY_SYMNETS\0000 Service: SymNetS . ==== System Restore Points =================== . RP805: 2/16/2012 6:44:12 PM - Windows Update RP806: 2/16/2012 11:19:24 PM - Windows Update RP807: 2/17/2012 9:00:15 AM - Windows Backup RP809: 2/17/2012 8:38:03 PM - Microsoft Antimalware Checkpoint RP810: 2/17/2012 8:45:51 PM - Windows Backup RP811: 2/18/2012 2:15:46 AM - Windows Update RP812: 2/18/2012 10:20:07 AM - Windows Update . ==== Installed Programs ====================== . µTorrent Acrobat.com Adobe AIR Adobe Flash Player 10 ActiveX Adobe Reader X (10.1.2) Adobe Shockwave Player Adobe Shockwave Player 11.6 Adobe SVG Viewer 3.0 Amazon Kindle Amazon MP3 Downloader 1.0.15 Amazon MP3 Uploader Amazon Unbox Video Apple Application Support Apple Software Update Bejeweled 2 Deluxe Blackhawk Striker 2 Blasterball 3 Bugger Build-a-lot 2 Cake Mania Canon Camera Window DC_DV 6 for ZoomBrowser EX Canon Camera Window MC 6 for ZoomBrowser EX Canon G.726 WMP-Decoder Canon MovieEdit Task for ZoomBrowser EX Canon RAW Image Task for ZoomBrowser EX Canon RemoteCapture Task for ZoomBrowser EX Canon Utilities PhotoStitch Canon Utilities ZoomBrowser EX Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CDisplay 1.8 Chuzzle Deluxe CinemaNow Media Manager Combined Community Codec Pack 2011-07-30 Compatibility Pack for the 2007 Office system Contents Corel PaintShop Photo Pro X3 Corel VideoStudio Pro X3 CyberLink DVD Suite D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition DeviceIO Diner Dash 2 Restaurant Rescue DivX Setup Dora's Carnival Adventure Dropbox DVD Menu Pack for HP MediaSmart Video DVD Profiler Version 3.6.1 Escape Rosecliff Island ESU for Microsoft Windows 7 Evernote v. 4.5.3 Faerie Solitaire FATE Flickr Uploadr 3.2.1 Hewlett-Packard ACLM.NET v1.1.2.0 HP Advisor HP Customer Experience Enhancements HP DVB-T TV Tuner 8.0.64.43 HP Game Console HP Games HP MediaSmart CinemaNow 2.0 HP MediaSmart DVD HP MediaSmart Internet TV HP MediaSmart Music HP MediaSmart Photo HP MediaSmart Video HP MediaSmart Webcam HP MediaSmart/TouchSmart Netflix HP Photo Creations HP QuickWeb Installer HP Setup HP Software Framework HP Support Assistant HP Update HP User Guides 0177 Hulu Desktop ICA IDT Audio Intel PROSet Wireless Intel® Management Engine Components Intel® Rapid Storage Technology Intel® Turbo Boost Technology Driver IPM_PSP_Pro IPM_VS_Pro ISCOM Java Auto Updater Java™ 6 Update 30 Jewel Quest 3 Jewel Quest Solitaire 2 Junk Mail filter update LabelPrint LightScribe System Software Malwarebytes Anti-Malware version 1.60.1.1000 Microsoft Default Manager Microsoft IT VPN Microsoft Money 2005 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office Live Meeting 2007 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2010 Microsoft Product Studio 2.20 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Compact 3.5 SP1 English Microsoft SQL Server PowerPivot for Excel (32-bit) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Microsoft WSE 3.0 Runtime Movie Theme Pack for HP MediaSmart Video Mozilla Firefox 10.0.2 (x86 en-US) Mp3tag v2.48 MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery P.I. - The New York Fortune Norton Internet Security Norton Online Backup Pandora Penguins! PHOTOfunSTUDIO 5.0 PhotoNow! Plants vs. Zombies Poker Superstars III Polar Bowler Polar Golfer Power2Go PowerDirector PSPPContent PSPPRO_DCRAW PureHD PX Profile Update QuickTime RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek Ethernet Controller Driver For Windows 7 Realtek USB 2.0 Card Reader RealUpgrade 1.1 Recovery Manager Roxio CinemaNow 2.0 Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition Setup Share Spotify swMSM TextTwist 2 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition Update for Microsoft Outlook Social Connector (KB2583935) VC80CRTRedist - 8.0.50727.4053 VIO Virtual Families Virtual Villagers - The Secret City VLC media player 1.1.5 VSClassic VSPro Wheel of Fortune 2 Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Encoder 9 Series Windows Media Player Firefox Plugin WinRAR archiver Zuma's Revenge . ==== Event Viewer Messages From Past Week ======== . 2/18/2012 2:16:11 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows 7 for x64-based Systems (KB2511250). 2/18/2012 2:16:09 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows 7 for x64-based Systems (KB2522422). 2/18/2012 2:16:08 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows 7 for x64-based Systems (KB2484033). 2/18/2012 2:16:06 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows 7 for x64-based Systems (KB2454826). 2/18/2012 2:16:01 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows 7 for x64-based Systems (KB2488113). 2/18/2012 10:10:54 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 2/18/2012 10:10:22 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 IDSVia64 SRTSPX SymDS SymEFA SymIRON SymNetS 2/17/2012 7:33:14 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 2/17/2012 7:32:20 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/17/2012 7:32:20 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 2/17/2012 7:32:19 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 2/17/2012 7:31:45 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service. 2/17/2012 7:30:49 PM, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 2/17/2012 7:30:49 PM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 2/17/2012 7:30:49 PM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 2/17/2012 7:30:49 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 2/17/2012 7:30:49 PM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 2/17/2012 7:30:49 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. 2/17/2012 7:30:49 PM, Error: Service Control Manager [7031] - The HomeGroup Listener service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 2/17/2012 7:30:49 PM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service. 2/17/2012 7:30:49 PM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 2/17/2012 7:30:49 PM, Error: Microsoft-Windows-Smartcard-Server [610] - Smart Card Reader 'SCM Microsystems Inc. SCR3310 USB Smart Card Reader 0' rejected IOCTL GET_STATE: The handle is invalid. If this error persists, your smart card or reader may not be functioning correctly. Command Header: XX XX XX XX 2/17/2012 7:14:05 PM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 2/17/2012 7:14:05 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 2/17/2012 7:14:05 PM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 2/17/2012 7:14:05 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. 2/17/2012 7:14:05 PM, Error: Service Control Manager [7031] - The HomeGroup Listener service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 2/17/2012 7:14:05 PM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 2/17/2012 6:30:16 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 2/16/2012 7:33:20 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 2/16/2012 7:32:53 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Amazon Unbox Video Service service to connect. 2/16/2012 7:31:52 AM, Error: NetBT [4311] - Initialization failed because the driver device could not be created. Use the string "C80AA99A85DB" to identify the interface for which initialization failed. It represents the MAC address of the failed interface or the Globally Unique Interface Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither the MAC address nor the GUID were available, the string represents a cluster device name. 2/16/2012 6:34:06 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:. 2/15/2012 7:34:02 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 2/15/2012 11:03:01 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems. 2/15/2012 10:42:22 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 2/14/2012 7:29:43 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 2/13/2012 7:13:42 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 2/12/2012 10:00:27 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 2/11/2012 8:24:36 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 2/11/2012 8:24:15 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE} 2/11/2012 8:24:09 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect. 2/11/2012 8:24:09 AM, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/11/2012 8:23:39 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 2/11/2012 6:19:39 PM, Error: NetBT [4321] - The name "HOME-PC :0" could not be registered on the interface with IP address 172.19.32.148. The computer with the IP address 157.54.14.154 did not allow the name to be claimed by this computer. 2/11/2012 6:11:07 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2. 2/11/2012 5:00:39 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. 2/11/2012 4:43:30 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{A6F09361-819E-4D4D-B27F-5AF7A0F40CD1} because another computer on the network has the same name. The server could not start. . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.