Jump to content

jh0

Members
 View Profile  See their activity

  • Posts

    1

  • Joined

  • Last visited

 Content Type 

Everything posted by jh0

  1. jh0
    First of all, I appreciate any help, so thanks in advance. In both firefox and IE9, malwarebytes repeatedly reports that it has succesfully blocked access to potentially malicious website 37.59.139.217 (it appears to be Australian porn!). Full scans of MWB and other security software turn up nothing. I ran defogger, dds, and gmer, which also turned up nothing. Also tried rogue killer and SUPER anti-spyware. Below are my logs. Thanks for taking the time. At this point, there does not seem to be much adverse going on, but i'd rather get rid of it. Hope I remember to run defogger again when done debugging! Please let me know if anything else is needed. TIA. MBAM log 2012/03/22 09:41:53 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 50403, Process: firefox.exe) 2012/03/22 10:18:35 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 50672, Process: firefox.exe) 2012/03/22 10:18:43 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 50732, Process: firefox.exe) 2012/03/22 10:19:15 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 50766, Process: firefox.exe) 2012/03/22 10:19:48 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 50785, Process: firefox.exe) 2012/03/22 11:33:59 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 54040, Process: firefox.exe) 2012/03/22 11:34:40 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 54089, Process: firefox.exe) 2012/03/22 11:35:04 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 54110, Process: firefox.exe) 2012/03/22 11:35:20 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 54134, Process: firefox.exe) 2012/03/22 11:35:28 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 54151, Process: firefox.exe) 2012/03/22 11:35:44 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 54178, Process: firefox.exe) 2012/03/22 11:36:40 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 54202, Process: firefox.exe) 2012/03/22 11:36:56 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 54222, Process: firefox.exe) 2012/03/22 11:37:12 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 54244, Process: firefox.exe) 2012/03/22 11:39:12 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 54304, Process: firefox.exe) 2012/03/22 11:41:36 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 54335, Process: firefox.exe) 2012/03/22 11:42:00 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 54370, Process: firefox.exe) 2012/03/22 11:42:16 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 54388, Process: firefox.exe) 2012/03/22 11:42:40 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 54407, Process: firefox.exe) 2012/03/22 13:02:36 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 55601, Process: firefox.exe) 2012/03/22 13:02:44 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 55652, Process: firefox.exe) 2012/03/22 13:11:08 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 55780, Process: firefox.exe) 2012/03/22 13:22:21 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 56178, Process: firefox.exe) 2012/03/22 13:39:59 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 56499, Process: firefox.exe) 2012/03/22 13:42:47 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 56552, Process: firefox.exe) 2012/03/22 13:42:47 -0700 PM-PC Project Manager IP-BLOCK 37.59.139.217 (Type: outgoing, Port: 56592, Process: firefox.exe) 2012/03/22 13:47:18 -0700 PM-PC Project Manager MESSAGE Starting database refresh 2012/03/22 13:47:18 -0700 PM-PC Project Manager MESSAGE Stopping IP protection 2012/03/22 13:47:45 -0700 PM-PC Project Manager MESSAGE IP Protection stopped 2012/03/22 13:47:46 -0700 PM-PC Project Manager MESSAGE Database refreshed successfully 2012/03/22 13:47:46 -0700 PM-PC Project Manager MESSAGE Starting IP protection 2012/03/22 13:47:46 -0700 PM-PC Project Manager MESSAGE IP Protection started successfully DDS LOG . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Project Manager at 15:00:56 on 2012-03-21 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8170.6340 [GMT -7:00] . AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\SysWOW64\brsvc01a.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Windows\system32\IProsetMonitor.exe C:\Windows\SysWOW64\brss01a.exe C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\Wacom_Tablet.exe c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe C:\Windows\system32\taskhost.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\WTablet\Wacom_TabletUser.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\Wacom_Tablet.exe C:\Program Files (x86)\AIM\aim.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchProtocolHost.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Windows\system32\sppsvc.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Windows\SysWOW64\NOTEPAD.EXE C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.gayot.com/ uURLSearchHooks: AOL Messaging Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll mURLSearchHooks: AOL Messaging Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll mWinlogon: Userinit=userinit.exe BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll BHO: AOL Messaging Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll TB: AOL Messaging Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll uRun: [Google Update] "C:\Users\Project Manager\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" mRun: [<NO NAME>] mRun: [Adobe_ID0EYTHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE mRun: [brMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN mRun: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEA~1.LNK - C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEA~2.LNK - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MI8925~1\Office12\EXCEL.EXE/3000 IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223} - C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MI8925~1\Office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab TCP: DhcpNameServer = 216.116.96.2 216.116.96.3 TCP: Interfaces\{8B12D2FA-CE69-429B-AB51-C385267BE797} : DhcpNameServer = 216.116.96.2 216.116.96.3 BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll BHO-X64: AOL Messaging Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll BHO-X64: AOL Messaging Toolbar Loader - No File BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll TB-X64: AOL Messaging Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll EB-X64: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" mRun-x64: [(Default)] mRun-x64: [Adobe_ID0EYTHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE mRun-x64: [brMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN mRun-x64: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Project Manager\AppData\Roaming\Mozilla\Firefox\Profiles\b7myzz9t.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.gayot.com/ FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll FF - plugin: C:\Users\Project Manager\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false ============= SERVICES / DRIVERS =============== . R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-5-4 128384] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe --> C:\Windows\system32\IProsetMonitor.exe [?] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-6 652360] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-21 2214504] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-8-8 235624] R2 TabletServiceWacom;TabletServiceWacom;C:\Windows\system32\Wacom_Tablet.exe --> C:\Windows\system32\Wacom_Tablet.exe [?] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-6-22 2656280] R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?] R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-3-9 136176] S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-3-9 136176] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?] S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?] . =============== Created Last 30 ================ . 2012-03-21 21:36:58 -------- d-----w- C:\Users\Project Manager\AppData\Local\VirtualStore 2012-03-21 16:39:00 8669240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E0AC3441-C7BE-40D3-9CBD-D8B0788F5E4E}\mpengine.dll 2012-03-20 16:32:35 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll 2012-03-20 16:32:35 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll 2012-03-15 10:06:15 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-03-15 10:06:15 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-03-15 10:06:14 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-03-14 11:49:26 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-03-14 11:49:25 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2012-03-14 11:49:25 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-03-14 11:44:28 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-03-14 11:44:28 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-03-14 11:44:28 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-03-14 11:44:21 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-03-14 11:44:21 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-03-14 11:44:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-03-14 11:44:21 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-03-13 18:02:20 -------- d-----w- C:\Users\Project Manager\AppData\Local\Thunderbird 2012-03-12 16:33:38 -------- d-----w- C:\Program Files (x86)\Common Files\Software Update Utility 2012-03-09 20:33:09 33792 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\sdp1mpc.dll 2012-03-09 19:45:07 -------- d-----w- C:\Program Files (x86)\Xenu 2012-03-06 18:25:00 -------- d-----w- C:\Windows\PCHEALTH 2012-03-06 18:22:42 -------- d-----w- C:\Users\Project Manager\AppData\Local\Microsoft Help 2012-03-06 18:22:41 -------- d-----w- C:\Program Files (x86)\Microsoft Office2007 . ==================== Find3M ==================== . 2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll 2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll 2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl 2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl 2011-12-29 02:50:28 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-12-28 03:59:24 498688 ----a-w- C:\Windows\System32\drivers\afd.sys . ============= FINISH: 15:01:08.40 =============== LOGS.ZIP
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.