Posts posted by Bartley
-
-
Farbar Service Scanner Version: 08-07-2012
Ran by Brad (administrator) on 11-07-2012 at 22:53:12
Running from "C:\Users\Brad\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2009-09-10 22:20] - [2009-04-11 02:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7
C:\Windows\System32\drivers\afd.sys
[2012-02-15 20:30] - [2012-01-03 09:25] - 0404992 ____A (Microsoft Corporation) C4F6CE6087760AD70960C9EB130E7943
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-11 22:25] - [2012-03-30 07:45] - 1423744 ____A (Microsoft Corporation) 46D448E9117464E4D3BBF36D7E3FA48E
C:\Windows\System32\dnsrslvr.dll
[2011-04-15 00:03] - [2011-03-02 11:12] - 0117760 ____A (Microsoft Corporation) 06230F1B721494A6DF8D47FD395BB1B0
C:\Windows\System32\mpssvc.dll
[2009-09-10 22:20] - [2009-04-11 02:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C
C:\Windows\System32\bfe.dll
[2009-09-10 22:19] - [2009-04-11 02:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe
[2009-09-10 22:21] - [2009-04-11 02:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1
C:\Windows\System32\wscsvc.dll
[2009-09-10 22:19] - [2009-04-11 02:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A
C:\Windows\System32\wbem\WMIsvc.dll
[2009-09-10 22:20] - [2009-04-11 02:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll
[2009-09-10 22:21] - [2009-04-11 02:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C
C:\Windows\System32\es.dll
[2009-09-10 22:21] - [2009-04-11 02:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF
C:\Windows\System32\cryptsvc.dll
[2012-06-13 22:43] - [2012-04-23 11:25] - 0174592 ____A (Microsoft Corporation) 62740B9D2A137E8CED41A9E4239A7A31
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-09-10 22:21] - [2009-04-11 02:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF
**** End of log ****
here is the minitool log
MiniToolBox by Farbar Version: 25-06-2012
Ran by Brad (administrator) on 11-07-2012 at 22:46:04
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================
"network.proxy.type", 0
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Marvell Yukon 88E8071 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global
popd
# End of IPv4 configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : Brad-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-21-6B-02-AC-DA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c08d:9faf:3025:a61b%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.10.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, July 11, 2012 10:34:21 PM
Lease Expires . . . . . . . . . . : Wednesday, July 18, 2012 10:34:20 PM
Default Gateway . . . . . . . . . : 192.168.10.1
DHCP Server . . . . . . . . . . . : 192.168.10.1
DHCPv6 IAID . . . . . . . . . . . : 301998443
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-12-60-D1-00-1D-72-E9-41-9F
DNS Servers . . . . . . . . . . . : 192.168.10.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8071 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 00-1D-72-E9-41-9F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 6:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{0B3F27C9-B9D9-42D6-9893-4D145E057DD2}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 7:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E62D08BD-8FE8-4AA1-890F-5AD8D92CABBB}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 11:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:108c:2ae:3f57:f598(Preferred)
Link-local IPv6 Address . . . . . : fe80::108c:2ae:3f57:f598%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: TRENDnet
Address: 192.168.10.1
Name: google.com
Addresses: 2607:f8b0:4009:800::1006
74.125.225.32
74.125.225.35
74.125.225.41
74.125.225.38
74.125.225.46
74.125.225.33
74.125.225.39
74.125.225.36
74.125.225.37
74.125.225.34
74.125.225.40
Pinging google.com [74.125.225.40] with 32 bytes of data:
Reply from 74.125.225.40: bytes=32 time=34ms TTL=54
Reply from 74.125.225.40: bytes=32 time=26ms TTL=54
Ping statistics for 74.125.225.40:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 26ms, Maximum = 34ms, Average = 30ms
Server: TRENDnet
Address: 192.168.10.1
Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
209.191.122.70
Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=27ms TTL=53
Reply from 209.191.122.70: bytes=32 time=27ms TTL=53
Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 27ms, Maximum = 27ms, Average = 27ms
Server: TRENDnet
Address: 192.168.10.1
Name: bleepingcomputer.com
Address: 208.43.87.2
Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.
Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13 ...00 21 6b 02 ac da ...... Intel® WiFi Link 5100 AGN
10 ...00 1d 72 e9 41 9f ...... Marvell Yukon 88E8071 PCI-E Gigabit Ethernet Controller
1 ........................... Software Loopback Interface 1
14 ...00 00 00 00 00 00 00 e0 isatap.{0B3F27C9-B9D9-42D6-9893-4D145E057DD2}
15 ...00 00 00 00 00 00 00 e0 isatap.{E62D08BD-8FE8-4AA1-890F-5AD8D92CABBB}
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.10.1 192.168.10.103 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.10.0 255.255.255.0 On-link 192.168.10.103 281
192.168.10.103 255.255.255.255 On-link 192.168.10.103 281
192.168.10.255 255.255.255.255 On-link 192.168.10.103 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.10.103 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.10.103 281
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 18 ::/0 On-link
1 306 ::1/128 On-link
11 18 2001::/32 On-link
11 266 2001:0:5ef5:79fd:108c:2ae:3f57:f598/128
On-link
13 281 fe80::/64 On-link
11 266 fe80::/64 On-link
11 266 fe80::108c:2ae:3f57:f598/128
On-link
13 281 fe80::c08d:9faf:3025:a61b/128
On-link
1 306 ff00::/8 On-link
11 266 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (07/11/2012 10:39:35 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\BRAD\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FQ24D5IS.DEFAULT\CACHE\0\99\B9527D01> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (07/11/2012 10:39:35 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\BRAD\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FQ24D5IS.DEFAULT\CACHE\0\99\B9527D01> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (07/11/2012 10:39:35 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\BRAD\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FQ24D5IS.DEFAULT\CACHE\5\36\CD46CD01> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (07/11/2012 10:39:35 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\BRAD\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FQ24D5IS.DEFAULT\CACHE\5\36\CD46CD01> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (07/11/2012 10:39:34 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\BRAD\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FQ24D5IS.DEFAULT\CACHE\7\0D> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (07/11/2012 10:39:34 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\BRAD\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FQ24D5IS.DEFAULT\CACHE\7\0D> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (07/11/2012 10:39:28 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\BRAD\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FQ24D5IS.DEFAULT\CACHE\0\27\940A3D01> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (07/11/2012 10:39:28 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\BRAD\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FQ24D5IS.DEFAULT\CACHE\0\27\940A3D01> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (07/11/2012 10:39:27 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\BRAD\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FQ24D5IS.DEFAULT\CACHE\2\E7> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (07/11/2012 10:39:27 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\BRAD\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FQ24D5IS.DEFAULT\CACHE\2\E7> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
System errors:
=============
Error: (07/11/2012 10:35:56 PM) (Source: Service Control Manager) (User: )
Description: Beep
Error: (07/11/2012 10:34:13 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:32:35 PM on 7/11/2012 was unexpected.
Error: (07/11/2012 10:23:21 PM) (Source: Service Control Manager) (User: )
Description: Beep
Error: (07/11/2012 10:23:21 PM) (Source: Service Control Manager) (User: )
Description: BingBar Service%%1053
Error: (07/11/2012 10:23:21 PM) (Source: Service Control Manager) (User: )
Description: 30000BingBar Service
Error: (07/11/2012 10:23:21 PM) (Source: Service Control Manager) (User: )
Description: Apple Mobile Device%%1053
Error: (07/11/2012 10:23:21 PM) (Source: Service Control Manager) (User: )
Description: 30000Apple Mobile Device
Error: (07/11/2012 10:23:21 PM) (Source: Service Control Manager) (User: )
Description: SAS Core Service%%1053
Error: (07/11/2012 10:23:21 PM) (Source: Service Control Manager) (User: )
Description: 30000SAS Core Service
Error: (07/11/2012 10:18:59 PM) (Source: DCOM) (User: )
Description: {6295DF2D-35EE-11D1-8707-00C04FD93327}
Microsoft Office Sessions:
=========================
=========================== Installed Programs ============================
64 Bit HP CIO Components Installer (Version: 6.2.2)
Apple Mobile Device Support (Version: 5.1.1.4)
Bonjour (Version: 3.0.0.10)
Canon MP280 series MP Drivers
CCleaner (Version: 3.19)
Conexant HD Audio (Version: 4.57.0.50)
CPUID HWMonitor 1.17
EasyBits GO
GameRanger
Google Chrome (Version: 20.0.1132.47)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.73.00.52)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
iCloud (Version: 1.1.0.40)
Intel® Matrix Storage Manager
iTunes (Version: 10.6.1.7)
Marvell Miniport Driver (Version: 10.63.3.3)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
MobileMe Control Panel (Version: 3.1.8.0)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
Network64 (Version: 140.0.215.000)
NVIDIA Control Panel 285.62 (Version: 285.62)
NVIDIA Graphics Driver 285.62 (Version: 285.62)
NVIDIA HD Audio Driver 1.2.24.0 (Version: 1.2.24.0)
NVIDIA Install Application (Version: 2.1002.46.235)
NVIDIA PhysX System Software 9.11.0621 (Version: 9.11.0621)
NVIDIA Update 1.5.20 (Version: 1.5.20)
NVIDIA Update Components (Version: 1.5.20)
O2Micro Flash Memory Card Reader Driver (x64) (Version: 3.24.1)
Octoshape add-in for Adobe Flash Player
PDF-Viewer (Version: 2.0.54.0)
Shop for HP Supplies (Version: 14.0)
SmartAudio (Version: 2.50.13.0)
SUPERAntiSpyware (Version: 5.0.1108)
Synaptics Pointing Device Driver (Version: 10.2.4.0)
Unity Web Player (Version: 2.6.1f3_31223)
Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4) (Version: 06/01/2009 7.01.0.4)
Windows Driver Package - Nokia Modem (10/05/2009 4.2) (Version: 10/05/2009 4.2)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
WinRAR archiver
========================= Devices: ================================
Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Deskjet 3050 J610 series
Description: Deskjet 3050 J610 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
========================= Memory info: ===================================
Percentage of memory in use: 48%
Total physical RAM: 4089.96 MB
Available physical RAM: 2111.47 MB
Total Pagefile: 8367.19 MB
Available Pagefile: 5879.28 MB
Total Virtual: 4095.88 MB
Available Virtual: 3996.66 MB
========================= Partitions: =====================================
1 Drive c: (OS) (Fixed) (Total:288.32 GB) (Free:100.61 GB) NTFS
========================= Users: ========================================
User accounts for \\BRAD-PC
Administrator Brad Guest
UpdatusUser
========================= Minidump Files ==================================
C:\Windows\Minidump\Mini062212-01.dmp
**** End of log ****
-
everything seems good, other than the strange wireless networking issue, which very well might not be related
-
ok, did it. It said it was the same version, so to make sure I uninstalled the current version I had, and reinstalled the latest version.
-
ok, here they are
Status: Disinfected (events: 6)
7/7/2012 2:06:21 AM Disinfected Trojan program Exploit.Java.CVE-2010-0840.g C:\Documents and Settings\Brad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\41fc65eb-4411d3d7 High
7/7/2012 2:06:21 AM Disinfected Trojan program Exploit.Java.CVE-2010-0840.g C:\Documents and Settings\Brad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\41fc65eb-4411d3d7/part2/jilo3.class High
7/7/2012 2:06:22 AM Disinfected Trojan program Trojan-Downloader.Java.Agent.ja C:\Documents and Settings\Brad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\458317b9-19ec2083 High
7/7/2012 2:06:22 AM Disinfected Trojan program Trojan-Downloader.Java.Agent.ja C:\Documents and Settings\Brad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\458317b9-19ec2083/RequiredJavaComponent.class High
7/7/2012 2:06:21 AM Disinfected Trojan program Trojan-Downloader.Java.Small.f C:\Documents and Settings\Brad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\fad2d88-68609f1d High
7/7/2012 2:06:21 AM Disinfected Trojan program Trojan-Downloader.Java.Small.f C:\Documents and Settings\Brad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\fad2d88-68609f1d/main.class High
-
yes. only one thing, some kind of coupon printer .exe program. Is there a log that tells what it was?
-
very short log,
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
-
ComboFix 12-06-28.03 - Brad 06/28/2012 16:46:22.1.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4090.2346 [GMT -5:00]
Running from: c:\users\Brad\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-05-28 to 2012-06-28 )))))))))))))))))))))))))))))))
.
.
2012-06-28 22:00 . 2012-06-28 22:00 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-06-28 22:00 . 2012-06-28 22:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-25 04:12 . 2012-06-25 06:43 -------- d-----w- C:\OEM
2012-06-22 07:12 . 2012-06-22 07:12 677136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-06-17 03:40 . 2012-06-17 03:40 -------- d-----w- c:\program files (x86)\ESET
2012-06-16 06:23 . 2012-06-16 06:29 -------- d-----w- C:\MGtools
2012-06-16 06:08 . 2012-06-16 06:08 -------- d-----w- c:\program files\HitmanPro
2012-06-16 06:07 . 2012-06-16 06:10 -------- d-----w- c:\programdata\HitmanPro
2012-06-15 05:48 . 2012-06-15 05:48 -------- d-----w- c:\users\Brad\AppData\Roaming\QuickScan
2012-06-15 05:09 . 2012-06-15 05:09 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-06-15 05:08 . 2012-06-15 05:08 772592 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-06-15 05:05 . 2012-06-15 05:05 955840 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-06-15 05:05 . 2012-06-15 05:05 839096 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-15 05:05 . 2012-06-15 05:05 -------- d-----w- c:\program files\Java
2012-06-15 04:42 . 2012-06-23 05:41 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-15 04:42 . 2012-06-23 05:41 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-15 03:37 . 2012-06-15 03:37 -------- d-----w- c:\users\Brad\AppData\Local\Macromedia
2012-06-14 03:43 . 2012-05-01 14:29 209920 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 03:43 . 2012-04-23 16:25 132096 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-14 03:43 . 2012-04-23 16:25 1267200 ----a-w- c:\windows\system32\crypt32.dll
2012-06-14 03:43 . 2012-04-23 16:00 984064 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-14 03:43 . 2012-04-23 16:25 174592 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-14 03:43 . 2012-04-23 16:00 98304 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-06-14 03:43 . 2012-04-23 16:00 133120 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-14 03:43 . 2012-05-15 20:15 2767360 ----a-w- c:\windows\system32\win32k.sys
2012-06-07 05:33 . 2012-06-07 05:33 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-07 05:33 . 2012-06-07 05:33 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-15 05:08 . 2010-04-26 13:00 687600 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-05-18 03:32 . 2008-10-09 19:09 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-05-18 03:32 . 2008-10-09 19:09 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-04-19 01:56 . 2012-04-19 01:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-19 01:56 . 2012-04-19 01:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-04-04 20:56 . 2009-10-04 03:12 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-03 08:22 . 2012-05-12 03:24 4699520 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2011-08-02 1242448]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-06-24 4786048]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Salmosa"="c:\program files (x86)\Razer\Salmosa\razerhid.exe" [2008-08-21 139264]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-06 4241512]
"Jomantha"="c:\program files (x86)\n52te\n52teHid.exe" [2008-06-13 159744]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Gateway\traybar.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"Jomantha"="c:\program files (x86)\n52te\n52teHid.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-28 140672]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-15 05:41]
.
2011-07-04 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2010-01-18 13:25]
.
2012-06-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cac6bd574fab30.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-18 04:38]
.
2012-06-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-18 04:38]
.
2012-06-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2646544230-175470749-843411820-1000Core.job
- c:\users\Brad\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-12 17:37]
.
2012-06-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2646544230-175470749-843411820-1000UA.job
- c:\users\Brad\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-12 17:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-16 178712]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1220392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0809&m=p-7805u&c=BB
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: juno.com
Trusted Zone: netzero.com
Trusted Zone: netzero.net
TCP: DhcpNameServer = 192.168.10.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\fq24d5is.default\
FF - prefs.js: browser.startup.homepage - hxxp://m.www.yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-SolutoService
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
HKLM-Run-ATT-SST_McciTrayApp - c:\program files\ATT-SST\McciTrayApp.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2646544230-175470749-843411820-1000\Software\SecuROM\License information*]
"datasecu"=hex:00,d8,76,56,49,d2,7d,9a,26,71,79,28,50,1c,40,b3,09,18,ce,17,47,
05,46,e3,fc,0f,f5,6b,d0,c2,22,92,3b,3b,df,77,bb,3e,64,cc,73,3f,f2,7c,99,21,\
"rkeysecu"=hex:6e,a6,25,e3,e8,4c,31,00,0b,b8,b6,5a,88,df,a2,b1
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@SACL=
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid]
@Denied: (A 2) (Everyone)
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
c:\program files (x86)\Hawking\Common\RaRegistry.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
c:\program files (x86)\Razer\Salmosa\razerofa.exe
c:\program files (x86)\Common Files\Steam\SteamService.exe
.
**************************************************************************
.
Completion time: 2012-06-28 17:24:29 - machine was rebooted
ComboFix-quarantined-files.txt 2012-06-28 22:24
.
Pre-Run: 117,207,724,032 bytes free
Post-Run: 117,266,149,376 bytes free
.
- - End Of File - - 4BDAB7A6CE16A5C35BD203FA1294C937
-
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.0
Run by Brad at 1:17:33 on 2012-06-28
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4090.2160 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\Hawking\Common\RaRegistry.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Hawking\Common\RaRegistry64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Razer\Salmosa\razerhid.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\n52te\n52teHid.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Razer\Salmosa\razerofa.exe
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0809&m=p-7805u&c=BB
uSearch Page =
uSearch Bar =
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0809&m=p-7805u&c=BB
mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0809&m=p-7805u&c=BB
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\googletoolbar1.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\googletoolbar1.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
TB: {5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [Google Update] "C:\Users\Brad\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [<NO NAME>]
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
mRun: [salmosa] "C:\Program Files (x86)\Razer\Salmosa\razerhid.exe"
mRun: [<NO NAME>]
mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [Jomantha] "C:\Program Files (x86)\n52te\n52teHid.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: juno.com
Trusted Zone: netzero.com
Trusted Zone: netzero.net
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.10.1
TCP: Interfaces\{0B3F27C9-B9D9-42D6-9893-4D145E057DD2} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{DD98F61F-A28A-4350-ABF6-549873407C1E} : DhcpNameServer = 192.168.10.1
TCP: Interfaces\{E62D08BD-8FE8-4AA1-890F-5AD8D92CABBB} : DhcpNameServer = 192.168.10.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
TB-X64: {5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [salmosa] "C:\Program Files (x86)\Razer\Salmosa\razerhid.exe"
mRun-x64: [(Default)]
mRun-x64: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun-x64: [Jomantha] "C:\Program Files (x86)\n52te\n52teHid.exe"
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\fq24d5is.default\
FF - prefs.js: browser.startup.homepage - hxxp://m.www.yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Brad\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\Brad\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\fq24d5is.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-18 140672]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-1-16 44768]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2010-2-19 517632]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-12-31 2253120]
R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Hawking\Common\RaRegistry.exe [2009-11-17 185632]
R2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Hawking\Common\RaRegistry64.exe [2009-11-17 212256]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]
R3 NETwNv64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETwNv64.sys --> C:\Windows\system32\DRIVERS\NETwNv64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 O2MDRDR;O2MDRDR;C:\Windows\system32\DRIVERS\o2mdx64.sys --> C:\Windows\system32\DRIVERS\o2mdx64.sys [?]
R3 O2SDRDR;O2SDRDR;C:\Windows\system32\DRIVERS\o2sdx64.sys --> C:\Windows\system32\DRIVERS\o2sdx64.sys [?]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-17 135664]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-5 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-14 250056]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2010-11-25 14216]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2010-11-25 8456]
S3 fssfltr;FssFltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-17 135664]
S3 JmtFltr;n52te;C:\Windows\system32\drivers\JmtFltr.sys --> C:\Windows\system32\drivers\JmtFltr.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-4 113120]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
S3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw5v64.sys --> C:\Windows\system32\DRIVERS\NETw5v64.sys [?]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 salmosa;Razer Salmosa;C:\Windows\system32\drivers\salmosa.sys --> C:\Windows\system32\drivers\salmosa.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-10 89920]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
S4 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx64coinst,serviceStartProc --> RUNDLL32.EXE ykx64coinst,serviceStartProc [?]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-06-25 04:12:10 -------- d-----w- C:\OEM
2012-06-22 07:12:45 677136 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-06-17 03:40:49 -------- d-----w- C:\Program Files (x86)\ESET
2012-06-16 06:23:19 -------- d-----w- C:\MGtools
2012-06-16 06:08:29 -------- d-----w- C:\Program Files\HitmanPro
2012-06-16 06:07:19 -------- d-----w- C:\ProgramData\HitmanPro
2012-06-15 05:48:42 -------- d-----w- C:\Users\Brad\AppData\Roaming\QuickScan
2012-06-15 05:08:39 772592 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-06-15 05:05:53 955840 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-06-15 05:05:53 839096 ----a-w- C:\Windows\System32\deployJava1.dll
2012-06-15 04:42:03 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-15 04:42:03 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-15 03:37:38 -------- d-----w- C:\Users\Brad\AppData\Local\Macromedia
2012-06-14 03:43:33 209920 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-14 03:43:29 984064 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-06-14 03:43:29 132096 ----a-w- C:\Windows\System32\cryptnet.dll
2012-06-14 03:43:29 1267200 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-14 03:43:28 98304 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-06-14 03:43:28 174592 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-06-14 03:43:28 133120 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-06-14 03:43:14 2767360 ----a-w- C:\Windows\System32\win32k.sys
2012-06-07 05:33:43 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-07 05:33:43 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
.
==================== Find3M ====================
.
2012-06-15 05:08:09 687600 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 22:12:13 88576 ----a-w- C:\Windows\SysWow64\wudriver.dll
2012-06-02 20:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 20:19:42 171904 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2012-06-02 20:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 20:12:20 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2012-05-18 03:32:50 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-05-18 03:32:50 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-04-19 01:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-19 01:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-04-04 20:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-04-03 08:22:15 4699520 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-30 12:45:03 1423744 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 1:18:15.07 ===============
Boots faster and does not freeze up. Still have horrible wireless speed, but have excellent signal.
-
MBRCheck, version 1.2.3
© 2010, AD
Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 64-bit
Base Board Manufacturer: Gateway
BIOS Manufacturer: Phoenix Technologies LTD
System Manufacturer: Gateway
System Product Name: P-7805u
Logical Drives Mask: 0x0000000c
Kernel Drivers (total 156):
0x02C4D000 \SystemRoot\system32\ntoskrnl.exe
0x02C07000 \SystemRoot\system32\hal.dll
0x00604000 \SystemRoot\system32\kdcom.dll
0x0060E000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00649000 \SystemRoot\system32\PSHED.dll
0x0065D000 \SystemRoot\system32\CLFS.SYS
0x006BA000 \SystemRoot\system32\CI.dll
0x0080B000 \SystemRoot\system32\drivers\Wdf01000.sys
0x008AF000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x008BE000 \SystemRoot\system32\drivers\acpi.sys
0x00914000 \SystemRoot\system32\drivers\WMILIB.SYS
0x0091D000 \SystemRoot\system32\drivers\msisadrv.sys
0x00927000 \SystemRoot\system32\drivers\pci.sys
0x00957000 \SystemRoot\System32\drivers\partmgr.sys
0x0096C000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00970000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x0097C000 \SystemRoot\system32\drivers\volmgr.sys
0x00990000 \SystemRoot\System32\drivers\volmgrx.sys
0x0076C000 \SystemRoot\System32\drivers\mountmgr.sys
0x00A0E000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x00B1C000 \SystemRoot\system32\drivers\atapi.sys
0x00B24000 \SystemRoot\system32\drivers\ataport.SYS
0x00B48000 \SystemRoot\system32\drivers\fltmgr.sys
0x00B8F000 \SystemRoot\system32\drivers\fileinfo.sys
0x00C0F000 \SystemRoot\System32\Drivers\ksecdd.sys
0x00E05000 \SystemRoot\system32\drivers\ndis.sys
0x00C96000 \SystemRoot\system32\drivers\msrpc.sys
0x00CE6000 \SystemRoot\system32\drivers\NETIO.SYS
0x01003000 \SystemRoot\System32\drivers\tcpip.sys
0x01177000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01203000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01383000 \SystemRoot\system32\drivers\volsnap.sys
0x013C7000 \SystemRoot\System32\Drivers\spldr.sys
0x013CF000 \SystemRoot\System32\Drivers\mup.sys
0x011A3000 \SystemRoot\System32\drivers\ecache.sys
0x013E1000 \SystemRoot\system32\drivers\disk.sys
0x011CF000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x013F5000 \SystemRoot\system32\drivers\crcdisk.sys
0x02314000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x02321000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x0240F000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x03086000 \SystemRoot\System32\Drivers\nvBridge.kmd
0x03088000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x0316B000 \SystemRoot\System32\drivers\watchdog.sys
0x0317B000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x03187000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x031CD000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x0320A000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x032F7000 \SystemRoot\system32\DRIVERS\yk60x64.sys
0x0340A000 \SystemRoot\system32\DRIVERS\NETwNv64.sys
0x03C5E000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x03C70000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x03C80000 \SystemRoot\system32\DRIVERS\o2sdx64.sys
0x03C8C000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS
0x03CBA000 \SystemRoot\system32\DRIVERS\o2mdx64.sys
0x03CC8000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x03CCD000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x03CE3000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x03CF1000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x03D46000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x03D48000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x03D54000 \SystemRoot\SysWOW64\drivers\Afc.sys
0x03D5D000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x03D79000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x03D86000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x03D8F000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x03DA2000 \SystemRoot\system32\DRIVERS\vhidmini.sys
0x03DA6000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x03DB8000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x03DC0000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x0335C000 \SystemRoot\system32\DRIVERS\storport.sys
0x033B9000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x033C6000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x033E9000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x0232A000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x031DE000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x0235B000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x02379000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x02391000 \SystemRoot\system32\DRIVERS\termdd.sys
0x03DF9000 \SystemRoot\system32\DRIVERS\swenum.sys
0x023A4000 \SystemRoot\system32\DRIVERS\ks.sys
0x033F5000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x031EE000 \SystemRoot\system32\DRIVERS\umbus.sys
0x00D3F000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x023D8000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x00D87000 \SystemRoot\system32\drivers\CHDRT64.sys
0x00BA3000 \SystemRoot\system32\drivers\portcls.sys
0x00FD6000 \SystemRoot\system32\drivers\drmk.sys
0x03400000 \SystemRoot\system32\drivers\ksthunk.sys
0x0077F000 \SystemRoot\system32\DRIVERS\CAXHWAZL.sys
0x05A07000 \SystemRoot\system32\DRIVERS\CAX_DPV.sys
0x05C0D000 \SystemRoot\system32\DRIVERS\CAX_CNXT.sys
0x05CD8000 \SystemRoot\system32\drivers\modem.sys
0x05CE7000 \SystemRoot\system32\drivers\nvhda64v.sys
0x05D14000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x05D30000 \SystemRoot\System32\Drivers\UVCFTR_S.SYS
0x05D38000 \SystemRoot\System32\Drivers\usbvideo.sys
0x05805000 \SystemRoot\System32\Drivers\aswSnx.SYS
0x058D2000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x058DC000 \SystemRoot\System32\Drivers\Null.SYS
0x058F0000 \SystemRoot\System32\drivers\vga.sys
0x058FE000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x05923000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x0592C000 \SystemRoot\system32\drivers\rdpencdd.sys
0x05935000 \SystemRoot\System32\Drivers\Msfs.SYS
0x05940000 \SystemRoot\System32\Drivers\Npfs.SYS
0x05951000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x0595A000 \SystemRoot\system32\DRIVERS\tdx.sys
0x05977000 \SystemRoot\System32\Drivers\aswTdi.SYS
0x05989000 \SystemRoot\system32\DRIVERS\smb.sys
0x05D62000 \SystemRoot\system32\drivers\afd.sys
0x059A4000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x059B1000 \SystemRoot\System32\DRIVERS\netbt.sys
0x05DCD000 \SystemRoot\system32\DRIVERS\pacer.sys
0x05DEB000 \SystemRoot\system32\DRIVERS\netbios.sys
0x05B7B000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x059F5000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
0x058E5000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
0x05B96000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x05C00000 \SystemRoot\system32\drivers\nsiproxy.sys
0x05BE3000 \SystemRoot\System32\Drivers\dfsc.sys
0x05E00000 \SystemRoot\System32\Drivers\aswSP.SYS
0x05E58000 \SystemRoot\System32\Drivers\crashdmp.sys
0x05E66000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x00070000 \SystemRoot\System32\win32k.sys
0x05F74000 \SystemRoot\System32\drivers\Dxapi.sys
0x05F80000 \SystemRoot\system32\DRIVERS\monitor.sys
0x004E0000 \SystemRoot\System32\TSDDD.dll
0x00620000 \SystemRoot\System32\cdd.dll
0x05F93000 \SystemRoot\system32\drivers\luafv.sys
0x05FB5000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
0x05FEC000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0x02200000 \SystemRoot\system32\drivers\WudfPf.sys
0x02221000 \SystemRoot\system32\drivers\spsys.sys
0x022BB000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x022CF000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x05FF5000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x00DCD000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x0A408000 \SystemRoot\system32\drivers\HTTP.sys
0x0A4AB000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x0A4D4000 \SystemRoot\system32\DRIVERS\bowser.sys
0x0A4F2000 \SystemRoot\System32\drivers\mpsdrv.sys
0x0A50C000 \SystemRoot\system32\drivers\mrxdav.sys
0x0A533000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x0A55C000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x0A5A5000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x0A5C4000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0A805000 \SystemRoot\System32\DRIVERS\srv.sys
0x0A898000 \??\C:\Windows\system32\drivers\cpuz135_x64.sys
0x0A8A1000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0x0A8A6000 \SystemRoot\system32\drivers\peauth.sys
0x0A95C000 \SystemRoot\System32\Drivers\secdrv.SYS
0x0A967000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0A977000 \SystemRoot\system32\DRIVERS\xaudio64.sys
0x0A97F000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x77780000 \Windows\System32\ntdll.dll
Processes (total 84):
0 System Idle Process
4 System
476 C:\Windows\System32\smss.exe
544 csrss.exe
588 C:\Windows\System32\wininit.exe
608 csrss.exe
664 C:\Windows\System32\services.exe
676 C:\Windows\System32\lsass.exe
684 C:\Windows\System32\lsm.exe
704 C:\Windows\System32\winlogon.exe
848 C:\Windows\System32\svchost.exe
904 C:\Windows\System32\nvvsvc.exe
936 C:\Windows\System32\svchost.exe
300 C:\Windows\System32\svchost.exe
400 C:\Windows\System32\svchost.exe
488 C:\Windows\System32\svchost.exe
280 C:\Windows\System32\audiodg.exe
520 C:\Windows\System32\svchost.exe
1032 C:\Windows\System32\SLsvc.exe
1164 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
1176 C:\Windows\System32\nvvsvc.exe
1192 C:\Windows\System32\svchost.exe
1352 C:\Windows\System32\svchost.exe
1460 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1596 C:\Windows\System32\spoolsv.exe
1620 C:\Windows\System32\svchost.exe
2008 C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
916 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2128 C:\Windows\System32\dwm.exe
2212 C:\Windows\System32\taskeng.exe
2232 C:\Windows\explorer.exe
2264 C:\Windows\System32\taskeng.exe
2496 HP1006MC.EXE
2704 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
2716 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2728 C:\Program Files (x86)\Steam\steam.exe
2736 C:\Windows\ehome\ehtray.exe
2756 C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
2764 C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
2792 C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
2816 C:\Program Files\Bonjour\mDNSResponder.exe
2848 C:\Windows\SysWOW64\svchost.exe
2872 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
2972 C:\Program Files (x86)\Razer\Salmosa\razerhid.exe
3028 C:\Program Files\Common Files\Motive\McciCMService.exe
3064 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
2152 C:\Program Files (x86)\n52te\n52teHid.exe
760 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
236 C:\Program Files (x86)\iTunes\iTunesHelper.exe
2200 C:\Windows\System32\svchost.exe
2280 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
2828 C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
2080 C:\Program Files (x86)\Razer\Salmosa\razerofa.exe
1668 C:\Windows\System32\svchost.exe
2256 C:\Windows\System32\svchost.exe
548 C:\Program Files (x86)\Hawking\Common\RaRegistry.exe
1100 C:\Program Files (x86)\Hawking\Common\RaRegistry64.exe
1664 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
3168 C:\Windows\System32\svchost.exe
3212 C:\Windows\System32\svchost.exe
3264 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
3392 C:\Windows\System32\SearchIndexer.exe
3420 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
3456 C:\Windows\ehome\ehmsas.exe
3540 C:\Windows\System32\drivers\XAudio64.exe
3744 C:\Windows\System32\svchost.exe
3872 WmiPrvSE.exe
2672 C:\Windows\System32\wbem\unsecapp.exe
3608 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
3868 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
3140 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
2148 C:\Windows\System32\SearchProtocolHost.exe
2868 C:\Windows\System32\svchost.exe
2024 C:\Program Files\iPod\bin\iPodService.exe
4176 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
4476 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
4520 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
4536 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
3796 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
3036 WmiPrvSE.exe
1012 C:\Windows\System32\SearchFilterHost.exe
3360 dllhost.exe
2288 dllhost.exe
1844 C:\Users\Brad\Desktop\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`71100000 (NTFS)
PhysicalDrive0 Model Number: WDCWD3200BEKT-22F3T0, Rev: 11.01A11
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
Done!
-
OK, made the recovery disc from the partition. So I think I am ready to do this. How dangerous is this? Is there much of a chance I won't be able to boot back into Windows? Do I need to back everything up before trying this?
-
No, I think it's on the partition.
-
OK, this may take some time to locate one. I did find online the original MBR in zipped format for this laptop, the Gateway p7805. Can I use that in some manner?
-
My computer came without a Vista DVD. Do I need to find someone who has a Vista 64-bit DVD to perform this task?
-
OK, got it done.
MBRCheck, version 1.2.3
© 2010, AD
Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 64-bit
Base Board Manufacturer: Gateway
BIOS Manufacturer: Phoenix Technologies LTD
System Manufacturer: Gateway
System Product Name: P-7805u
Logical Drives Mask: 0x0000000c
Kernel Drivers (total 158):
0x02C64000 \SystemRoot\system32\ntoskrnl.exe
0x02C1E000 \SystemRoot\system32\hal.dll
0x00608000 \SystemRoot\system32\kdcom.dll
0x00612000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x0064D000 \SystemRoot\system32\PSHED.dll
0x00661000 \SystemRoot\system32\CLFS.SYS
0x006BE000 \SystemRoot\system32\CI.dll
0x0080F000 \SystemRoot\system32\drivers\Wdf01000.sys
0x008B3000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x008C2000 \SystemRoot\system32\drivers\acpi.sys
0x00918000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00921000 \SystemRoot\system32\drivers\msisadrv.sys
0x0092B000 \SystemRoot\system32\drivers\pci.sys
0x0095B000 \SystemRoot\System32\drivers\partmgr.sys
0x00970000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00974000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00980000 \SystemRoot\system32\drivers\volmgr.sys
0x00994000 \SystemRoot\System32\drivers\volmgrx.sys
0x00770000 \SystemRoot\System32\drivers\mountmgr.sys
0x00A04000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x00B12000 \SystemRoot\system32\drivers\atapi.sys
0x00B1A000 \SystemRoot\system32\drivers\ataport.SYS
0x00B3E000 \SystemRoot\system32\drivers\fltmgr.sys
0x00B85000 \SystemRoot\system32\drivers\fileinfo.sys
0x00C0C000 \SystemRoot\System32\Drivers\ksecdd.sys
0x00E0D000 \SystemRoot\system32\drivers\ndis.sys
0x00C93000 \SystemRoot\system32\drivers\msrpc.sys
0x00CE3000 \SystemRoot\system32\drivers\NETIO.SYS
0x0100F000 \SystemRoot\System32\drivers\tcpip.sys
0x01183000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x0120D000 \SystemRoot\System32\Drivers\Ntfs.sys
0x0138D000 \SystemRoot\system32\drivers\volsnap.sys
0x013D1000 \SystemRoot\System32\Drivers\spldr.sys
0x013D9000 \SystemRoot\System32\Drivers\mup.sys
0x011AF000 \SystemRoot\System32\drivers\ecache.sys
0x013EB000 \SystemRoot\system32\drivers\disk.sys
0x00FD0000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x01200000 \SystemRoot\system32\drivers\crcdisk.sys
0x0231C000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x02329000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x02405000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x0307C000 \SystemRoot\System32\Drivers\nvBridge.kmd
0x0307E000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x03161000 \SystemRoot\System32\drivers\watchdog.sys
0x03171000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x0317D000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x031C3000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x03207000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x032F4000 \SystemRoot\system32\DRIVERS\yk60x64.sys
0x03407000 \SystemRoot\system32\DRIVERS\NETwNv64.sys
0x03C5B000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x03C6D000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x03C7D000 \SystemRoot\system32\DRIVERS\o2sdx64.sys
0x03C89000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS
0x03CB7000 \SystemRoot\system32\DRIVERS\o2mdx64.sys
0x03CC5000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x03CCA000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x03CE0000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x03CEE000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x03D43000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x03D45000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x03D51000 \SystemRoot\SysWOW64\drivers\Afc.sys
0x03D5A000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x03D76000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x03D83000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x03D8C000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x03D9F000 \SystemRoot\system32\DRIVERS\vhidmini.sys
0x03DA3000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x03DB5000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x03DBD000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x03359000 \SystemRoot\system32\DRIVERS\storport.sys
0x033B6000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x033C3000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x033E6000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x02332000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x031D4000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x02363000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x031E4000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x02381000 \SystemRoot\system32\DRIVERS\termdd.sys
0x03DF6000 \SystemRoot\system32\DRIVERS\swenum.sys
0x02394000 \SystemRoot\system32\DRIVERS\ks.sys
0x033F2000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x023C8000 \SystemRoot\system32\DRIVERS\umbus.sys
0x00D3C000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x023D8000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x00D84000 \SystemRoot\system32\drivers\CHDRT64.sys
0x00B99000 \SystemRoot\system32\drivers\portcls.sys
0x00DCA000 \SystemRoot\system32\drivers\drmk.sys
0x03DF8000 \SystemRoot\system32\drivers\ksthunk.sys
0x00783000 \SystemRoot\system32\DRIVERS\CAXHWAZL.sys
0x05A07000 \SystemRoot\system32\DRIVERS\CAX_DPV.sys
0x05C0B000 \SystemRoot\system32\DRIVERS\CAX_CNXT.sys
0x05CD6000 \SystemRoot\system32\drivers\modem.sys
0x05CE5000 \SystemRoot\system32\drivers\nvhda64v.sys
0x05D12000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x05D2E000 \SystemRoot\System32\Drivers\UVCFTR_S.SYS
0x05D36000 \SystemRoot\System32\Drivers\usbvideo.sys
0x05805000 \SystemRoot\System32\Drivers\aswSnx.SYS
0x058D2000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x058DC000 \SystemRoot\System32\Drivers\Null.SYS
0x058F0000 \SystemRoot\System32\drivers\vga.sys
0x058FE000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x05923000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x0592C000 \SystemRoot\system32\drivers\rdpencdd.sys
0x05935000 \SystemRoot\System32\Drivers\Msfs.SYS
0x05940000 \SystemRoot\System32\Drivers\Npfs.SYS
0x05951000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x0595A000 \SystemRoot\system32\DRIVERS\tdx.sys
0x05977000 \SystemRoot\System32\Drivers\aswTdi.SYS
0x05989000 \SystemRoot\system32\DRIVERS\smb.sys
0x05D60000 \SystemRoot\system32\drivers\afd.sys
0x059A4000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x059B1000 \SystemRoot\System32\DRIVERS\netbt.sys
0x05DCB000 \SystemRoot\system32\DRIVERS\pacer.sys
0x05DE9000 \SystemRoot\system32\DRIVERS\netbios.sys
0x05B7B000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x059F5000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
0x058E5000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
0x05B96000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x05BE3000 \SystemRoot\system32\drivers\nsiproxy.sys
0x00BD4000 \SystemRoot\System32\Drivers\dfsc.sys
0x05E06000 \SystemRoot\System32\Drivers\aswSP.SYS
0x05E5E000 \SystemRoot\System32\Drivers\crashdmp.sys
0x05E6C000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x00090000 \SystemRoot\System32\win32k.sys
0x05F7A000 \SystemRoot\System32\drivers\Dxapi.sys
0x004F0000 \SystemRoot\System32\TSDDD.dll
0x006C0000 \SystemRoot\System32\cdd.dll
0x05F99000 \SystemRoot\system32\drivers\luafv.sys
0x05FBB000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
0x05FF2000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0x02200000 \SystemRoot\system32\drivers\WudfPf.sys
0x02221000 \SystemRoot\system32\drivers\spsys.sys
0x022BB000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x022CF000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x05C00000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x02303000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x0A60B000 \SystemRoot\system32\drivers\HTTP.sys
0x0A6AE000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x0A6D7000 \SystemRoot\system32\DRIVERS\bowser.sys
0x0A6F5000 \SystemRoot\System32\drivers\mpsdrv.sys
0x0A70F000 \SystemRoot\system32\drivers\mrxdav.sys
0x0A736000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x0A75F000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x0A7A8000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x0A7C7000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0A80D000 \SystemRoot\System32\DRIVERS\srv.sys
0x0A8C2000 \SystemRoot\system32\drivers\salmosa.sys
0x0A8C5000 \??\C:\Windows\system32\drivers\cpuz135_x64.sys
0x0A8D9000 \??\C:\Windows\SysWOW64\drivers\int15_64.sys
0x0A8F1000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0x0A8F6000 \SystemRoot\system32\drivers\peauth.sys
0x0A9AC000 \SystemRoot\System32\Drivers\secdrv.SYS
0x0A9B7000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0A9C7000 \SystemRoot\system32\DRIVERS\xaudio64.sys
0x0A9CF000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x0A8A0000 \SystemRoot\system32\DRIVERS\monitor.sys
0x77CD0000 \Windows\System32\ntdll.dll
Processes (total 83):
0 System Idle Process
4 System
496 C:\Windows\System32\smss.exe
628 csrss.exe
672 C:\Windows\System32\wininit.exe
692 csrss.exe
728 C:\Windows\System32\services.exe
744 C:\Windows\System32\lsass.exe
752 C:\Windows\System32\lsm.exe
900 C:\Windows\System32\svchost.exe
928 C:\Windows\System32\winlogon.exe
996 C:\Windows\System32\nvvsvc.exe
232 C:\Windows\System32\svchost.exe
632 C:\Windows\System32\svchost.exe
892 C:\Windows\System32\svchost.exe
1008 C:\Windows\System32\svchost.exe
1096 C:\Windows\System32\audiodg.exe
1120 C:\Windows\System32\svchost.exe
1136 C:\Windows\System32\SLsvc.exe
1164 C:\Windows\System32\svchost.exe
1264 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
1276 C:\Windows\System32\nvvsvc.exe
1392 C:\Windows\System32\svchost.exe
1544 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1680 C:\Windows\System32\spoolsv.exe
1704 C:\Windows\System32\svchost.exe
1388 C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
2200 C:\Windows\System32\dwm.exe
2232 C:\Windows\System32\taskeng.exe
2276 C:\Windows\explorer.exe
2312 C:\Windows\System32\taskeng.exe
2768 C:\Program Files\Bonjour\mDNSResponder.exe
2016 C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
1376 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
2144 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1252 C:\Program Files (x86)\Steam\steam.exe
1728 C:\Windows\ehome\ehtray.exe
1056 C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
1500 C:\Windows\SysWOW64\svchost.exe
1220 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
2652 C:\Program Files\Common Files\Motive\McciCMService.exe
1284 C:\Program Files (x86)\Razer\Salmosa\razerhid.exe
1552 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
2600 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
2344 C:\Program Files (x86)\n52te\n52teHid.exe
1060 C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
3084 C:\Program Files (x86)\iTunes\iTunesHelper.exe
3108 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
3132 C:\Windows\System32\svchost.exe
3284 C:\Program Files (x86)\Hawking\Common\RaRegistry.exe
3408 C:\Program Files (x86)\Hawking\Common\RaRegistry64.exe
3460 C:\Program Files (x86)\Razer\Salmosa\razerofa.exe
3560 C:\Windows\System32\svchost.exe
3632 C:\Windows\System32\svchost.exe
3716 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
3844 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
3856 C:\Windows\System32\SearchIndexer.exe
3968 C:\Windows\System32\drivers\XAudio64.exe
2192 C:\Windows\System32\svchost.exe
3304 C:\Program Files\iPod\bin\iPodService.exe
1568 WmiPrvSE.exe
3484 C:\Windows\System32\svchost.exe
1116 C:\Windows\ehome\ehmsas.exe
4444 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
4456 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
4084 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
4436 C:\Windows\System32\wbem\unsecapp.exe
2880 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
3116 C:\Windows\System32\taskeng.exe
3544 C:\Program Files\Windows Media Player\wmpnscfg.exe
5900 C:\Program Files\Windows Media Player\wmpnetwk.exe
4116 C:\Program Files (x86)\Skype\Phone\Skype.exe
5724 taskeng.exe
4652 HP1006MC.EXE
5672 C:\Windows\System32\SearchProtocolHost.exe
6404 C:\Windows\System32\SearchFilterHost.exe
6304 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
6380 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
4656 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
6540 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
1788 dllhost.exe
6228 dllhost.exe
5308 C:\Users\Brad\Desktop\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`71100000 (NTFS)
PhysicalDrive0 Model Number: WDCWD3200BEKT-22F3T0, Rev: 11.01A11
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: F85B7CD526802923C3EA061081FBF03E1B7455C7
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice: Enter the physical disk number to fix (0-99, -1 to cancel): 0Available MBR codes:
[ 0] Default (Windows Vista)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel
Please select the MBR code to write to this drive: 3
Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: YES
Successfully wrote new MBR code!
Please reboot your computer to complete the fix.
Done!
-
Sorry, but I'm confused. When it says "Enter the physical disk number to fix (0-99, -1 to cancel):" I am to type the word "choice"?
Same question when it says "Available MBR codes:
[ 0] Default (Windows XP)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel
Please select the MBR code to write to this drive:"
I type the word "choice" again?
-
Here they are.
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.23.02
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Brad :: BRAD-PC [administrator]
6/22/2012 10:56:33 PM
mbam-log-2012-06-22 (22-56-33).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231668
Time elapsed: 6 minute(s), 19 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
MBRCheck, version 1.2.3
© 2010, AD
Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 64-bit
Base Board Manufacturer: Gateway
BIOS Manufacturer: Phoenix Technologies LTD
System Manufacturer: Gateway
System Product Name: P-7805u
Logical Drives Mask: 0x0000000c
Kernel Drivers (total 161):
Processes (total 85):
0 System Idle Process
4 System
496 C:\Windows\System32\smss.exe
628 csrss.exe
672 C:\Windows\System32\wininit.exe
692 csrss.exe
728 C:\Windows\System32\services.exe
744 C:\Windows\System32\lsass.exe
752 C:\Windows\System32\lsm.exe
900 C:\Windows\System32\svchost.exe
928 C:\Windows\System32\winlogon.exe
996 C:\Windows\System32\nvvsvc.exe
232 C:\Windows\System32\svchost.exe
632 C:\Windows\System32\svchost.exe
892 C:\Windows\System32\svchost.exe
1008 C:\Windows\System32\svchost.exe
1096 C:\Windows\System32\audiodg.exe
1120 C:\Windows\System32\svchost.exe
1136 C:\Windows\System32\SLsvc.exe
1164 C:\Windows\System32\svchost.exe
1264 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
1276 C:\Windows\System32\nvvsvc.exe
1392 C:\Windows\System32\svchost.exe
1544 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1680 C:\Windows\System32\spoolsv.exe
1704 C:\Windows\System32\svchost.exe
1388 C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
2200 C:\Windows\System32\dwm.exe
2232 C:\Windows\System32\taskeng.exe
2276 C:\Windows\explorer.exe
2312 C:\Windows\System32\taskeng.exe
2620 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
2768 C:\Program Files\Bonjour\mDNSResponder.exe
2016 C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
1376 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
2144 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1252 C:\Program Files (x86)\Steam\steam.exe
1728 C:\Windows\ehome\ehtray.exe
1400 C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
1412 HP1006MC.EXE
1056 C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
1500 C:\Windows\SysWOW64\svchost.exe
1220 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
2652 C:\Program Files\Common Files\Motive\McciCMService.exe
1284 C:\Program Files (x86)\Razer\Salmosa\razerhid.exe
1552 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
2600 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
2344 C:\Program Files (x86)\n52te\n52teHid.exe
2112 C:\Windows\System32\svchost.exe
1060 C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
3084 C:\Program Files (x86)\iTunes\iTunesHelper.exe
3108 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
3120 C:\Windows\System32\svchost.exe
3132 C:\Windows\System32\svchost.exe
3284 C:\Program Files (x86)\Hawking\Common\RaRegistry.exe
3348 C:\Program Files (x86)\Razer\Salmosa\razertra.exe
3408 C:\Program Files (x86)\Hawking\Common\RaRegistry64.exe
3460 C:\Program Files (x86)\Razer\Salmosa\razerofa.exe
3560 C:\Windows\System32\svchost.exe
3632 C:\Windows\System32\svchost.exe
3716 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
3844 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
3856 C:\Windows\System32\SearchIndexer.exe
3968 C:\Windows\System32\drivers\XAudio64.exe
2192 C:\Windows\System32\svchost.exe
3304 C:\Program Files\iPod\bin\iPodService.exe
1568 WmiPrvSE.exe
3484 C:\Windows\System32\svchost.exe
1116 C:\Windows\ehome\ehmsas.exe
4444 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
4456 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
4084 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
4436 C:\Windows\System32\wbem\unsecapp.exe
2880 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
4344 C:\Windows\System32\SearchProtocolHost.exe
4168 C:\Windows\notepad.exe
1508 taskeng.exe
4300 C:\Windows\System32\SearchFilterHost.exe
5020 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
2812 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
4800 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
4892 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
524 dllhost.exe
3744 dllhost.exe
564 C:\Users\Brad\Desktop\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`71100000 (NTFS)
PhysicalDrive0 Model Number: WDCWD3200BEKT-22F3T0, Rev: 11.01A11
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: F85B7CD526802923C3EA061081FBF03E1B7455C7
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Done!
-
OK, here ya go. I had trouble and kept getting a blue screen when running aswmbr.exe. I disabled my Avast and turned off the wireless card and it worked. I hope that was OK to do.
Thanks for your help
-
Hello,
Please see my logs attached. I'm not sure I'm infected; Malwarebytes reports nothing, but all of a sudden I started having several issues all at once. First I started having very sporadic wireless issues. Great signal, very slow speed. Often dropping from 270+ Mbps to 35 Mbps, even to the point of being disconnected. I have updated drivers and done all the normal stuff. But the problem happens no matter where I am (I went to various locations, with different ISPs, same issues). The problem is random and may start as soon as I connect, or may run for an hour without issues before it starts. Connecting by Cat5 solves the problem. I would think it is my wifi card, but disabling the built-in card and using a USB wifi adapter produces the same issues.
At about the same time I started having slow boot-up; after logging on to my Windows account it takes a long time for Windows to load. Sometimes it will not finish loading Windows and I am forced to shut it down manually. This is very unusual for this computer. The slow loading is random and does not always happen. It will often load to a blank desktop with only the taskbar, then 2 minutes later the desktop will load. Often I have temporary slowdowns and freezes that last 10 to 15 seconds once it is up and running. A couple of times on shutdown, it does not shut down but reboots. This occurs several times and then for no apparent reason it does finally shut down.
I realize that this may not be a virus or malware issue, but I am at a loss for what is going on. These issues may not even be related, but I have no answers. I'll take any ideas.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:28:18 AM, on 6/16/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Razer\Salmosa\razerhid.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\n52te\n52teHid.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Razer\Salmosa\razertra.exe
C:\Program Files (x86)\Razer\Salmosa\razerofa.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Brad\Desktop\fixs\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...&m=p-7805u&c=BB
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...&m=p-7805u&c=BB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...&m=p-7805u&c=BB
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [salmosa] "C:\Program Files (x86)\Razer\Salmosa\razerhid.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Jomantha] "C:\Program Files (x86)\n52te\n52teHid.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Brad\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2646544230-175470749-843411820-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.juno.com
O15 - Trusted Zone: *.netzero.com
O15 - Trusted Zone: *.netzero.net
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadbl...ivex/sabspx.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Hawking\Common\RaRegistry.exe
O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\Hawking\Common\RaRegistry64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)
Thanks for your time
Having several issues, not sure what is happening
in Resolved Malware Removal Logs
Posted
Farbar Service Scanner Version: 08-07-2012
Ran by Brad (administrator) on 13-07-2012 at 00:43:30
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
************************************************
======== Search: "dhcpcsvc.dll;afd.sys;tcpip.sys;dnsrslvr.dll;mpssvc.dll;bfe.dll;vssvc.exe;wscsvc.dll;WMIsvc.dll;qmgr.dll;es.dll;cryptsvc.dll;rpcss.dll;" =========
C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22629_none_366a5ebb2d168a9d\afd.sys
[2011-06-16 18:22] - [2011-04-21 08:54] - 0405504 ____A (Microsoft Corporation) 7B8E5F3A0626CA83B706F0738830845F
C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18564_none_35b080ce141ddbe4\afd.sys
[2012-02-15 20:30] - [2012-01-03 09:25] - 0404992 ____A (Microsoft Corporation) C4F6CE6087760AD70960C9EB130E7943
C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18457_none_35be4fb214130ed1\afd.sys
[2011-06-16 18:22] - [2011-04-21 09:20] - 0405504 ____A (Microsoft Corporation) 0CC146C4ADDEA45791B18B1E2659F4A9
C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_35f2572213ec5bd2\afd.sys
[2009-09-10 22:21] - [2009-04-11 00:44] - 0406016 ____A (Microsoft Corporation) 12415CCFD3E7CEC55B5184E67B039FE4
C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.22905_none_34958b832fe3983b\afd.sys
[2011-06-16 18:22] - [2011-04-21 08:47] - 0408064 ____A (Microsoft Corporation) B53144D2EBB0843DD0436F5EA6953F65
C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18639_none_33ef7c5016dab752\afd.sys
[2011-06-16 18:22] - [2011-04-21 08:42] - 0407552 ____A (Microsoft Corporation) 9BB97042FA331A0FB4BDD98B9280A50A
C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_3406de1616ca9086\afd.sys
[2008-01-20 21:48] - [2008-01-20 21:48] - 0408064 ____A (Microsoft Corporation) DB37041AB857ABC7E179E856D8E1582C
C:\Windows\winsxs\amd64_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6002.18005_none_b8d6e306cd56b049\VSSVC.exe
[2009-09-10 22:21] - [2009-04-11 02:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1
C:\Windows\winsxs\amd64_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6001.18000_none_b6eb69fad034e4fd\VSSVC.exe
[2008-01-20 21:50] - [2008-01-20 21:50] - 1432576 ____A (Microsoft Corporation) 186BD53F8A408AD20F5A056C05678629
C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_bc37d12363b92291\tcpip.sys
[2010-04-14 23:35] - [2010-02-18 07:27] - 1198080 ____A (Microsoft Corporation) 7B0B928E318CADC23C87226BE0A1097D
C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_bc00bf5763e297c8\tcpip.sys
[2010-02-09 17:51] - [2009-12-08 13:21] - 1196032 ____A (Microsoft Corporation) BB6FB43B431CCAD6FC367648C87205C0
C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[2009-09-09 21:48] - [2009-08-15 17:55] - 1196032 ____A (Microsoft Corporation) D4E30E6BADFF21865C3A075457CF9C00
C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_bba931004aa006ed\tcpip.sys
[2010-04-14 23:35] - [2010-02-18 07:25] - 1200640 ____A (Microsoft Corporation) 396CF3FD8D2A4FDF55570C01894DB9DF
C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_bb7549d64ac6920e\tcpip.sys
[2010-02-09 17:51] - [2009-12-08 13:22] - 1199616 ____A (Microsoft Corporation) 2F822AF5E70467F827F5B4010A7FD57F
C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_bbc5fabc4a894d2a\tcpip.sys
[2009-09-09 21:48] - [2009-08-14 09:44] - 1200640 ____A (Microsoft Corporation) 34B30202AECCB530FDDC6C6CCFA2FB46
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_119f31fd35108d3a\tcpip.sys
[2012-05-11 22:25] - [2012-03-30 07:45] - 1422720 ____A (Microsoft Corporation) AC8D5728E6AD6A7C4819D9A67008337A
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_11ab004d35078d79\tcpip.sys
[2011-11-11 00:35] - [2011-09-20 16:06] - 1423744 ____A (Microsoft Corporation) 73BED5067ED53A9DF05FA8EAB42578D0
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_116decc535366aa6\tcpip.sys
[2011-08-09 21:26] - [2011-06-17 15:14] - 1424272 ____A (Microsoft Corporation) 19A7321E3A5F1DDB215D2815DCC8F8E4
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_119c298735134c99\tcpip.sys
[2010-08-11 15:45] - [2010-06-16 12:14] - 1424264 ____A (Microsoft Corporation) 0011810B5211FDACD784DE585262ECFE
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_118286a1352721f8\tcpip.sys
[2010-04-14 23:35] - [2010-02-18 09:22] - 1423752 ____A (Microsoft Corporation) 4AD4600DF1F09EE7462152C061B683C8
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_1159459f3545c743\tcpip.sys
[2010-02-09 17:51] - [2009-12-08 15:04] - 1423944 ____A (Microsoft Corporation) EE84432AD7DCADE2931528C319C55097
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[2009-09-09 21:48] - [2009-08-14 11:32] - 1424952 ____A (Microsoft Corporation) D45D67A18C9FD4CC637BC9D4585C0646
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_112731fc1be6530b\tcpip.sys
[2012-05-11 22:25] - [2012-03-30 07:45] - 1423744 ____A (Microsoft Corporation) 46D448E9117464E4D3BBF36D7E3FA48E
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_1121619c1be9f088\tcpip.sys
[2011-11-11 00:35] - [2011-09-20 16:06] - 1426304 ____A (Microsoft Corporation) 2CC45D932BD193CD4117321D469AD6B2
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_10d0aed01c273845\tcpip.sys
[2011-08-09 21:26] - [2011-06-17 15:14] - 1427344 ____A (Microsoft Corporation) 4DAD14118FBCF7C609F2A4CE21FBCC5F
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_10d97a5c1c20ef58\tcpip.sys
[2010-08-11 15:45] - [2010-06-16 12:11] - 1426816 ____A (Microsoft Corporation) 973658A2EA9C06B2976884B9046DFC6C
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_112c2bd61be1dd22\tcpip.sys
[2010-04-14 23:35] - [2010-02-18 09:28] - 1427336 ____A (Microsoft Corporation) B4B7B375FDD672AF79B0CBE9B9A48B47
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_10e247ce1c1aa392\tcpip.sys
[2010-02-09 17:51] - [2009-12-08 15:22] - 1425480 ____A (Microsoft Corporation) E52F99B1160A1A1DE83223379D2C1828
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[2009-09-09 21:48] - [2009-08-14 11:39] - 1425992 ____A (Microsoft Corporation) A7BFF59C2F610F62E6C292074FF36A1E
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_112826e21be57d78\tcpip.sys
[2009-09-10 22:21] - [2009-04-11 02:15] - 1426408 ____A (Microsoft Corporation) 99D07AD0EF2C535610F6573C29BC045E
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys
[2010-08-11 15:45] - [2010-06-16 18:28] - 1414544 ____A (Microsoft Corporation) D43D5336BE9DD93E02EE124297295713
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys
[2010-04-14 23:35] - [2010-02-18 10:04] - 1414032 ____A (Microsoft Corporation) 4680D08A2E8A2509CD9B751D7AF59606
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_0f81a4cb3813bb8a\tcpip.sys
[2010-02-09 17:51] - [2009-12-08 16:13] - 1411656 ____A (Microsoft Corporation) D1A6D398865E0686533E13DD2558D64B
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys
[2009-09-09 21:48] - [2009-08-14 11:42] - 1413208 ____A (Microsoft Corporation) 74B776CA1B328095FE23A3306B1613A3
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_0f8c6d1f380baafd\tcpip.sys
[2008-10-09 13:37] - [2008-04-26 03:47] - 1421368 ____A (Microsoft Corporation) F10A60005FB50698E33A1940C6EBB010
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_0ede67001f09ee46\tcpip.sys
[2010-08-11 15:45] - [2010-06-16 11:40] - 1420176 ____A (Microsoft Corporation) 7D86275FB640011B372FD566C0EAFA8D
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_0f2e179c1ecd900b\tcpip.sys
[2010-04-14 23:35] - [2010-02-18 10:01] - 1420688 ____A (Microsoft Corporation) 30C4ABC8075DEA44D7E775D434AF1753
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_0ef8061a1ef61e99\tcpip.sys
[2010-02-09 17:51] - [2009-12-08 15:59] - 1418840 ____A (Microsoft Corporation) 8C94F5E4F9DE14A495BAA86F643CF31D
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_0f32e3e61ecadee9\tcpip.sys
[2009-09-09 21:48] - [2009-08-14 13:05] - 1418840 ____A (Microsoft Corporation) 3BCD46BE9988B09D3510A0EF54F0D65B
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_0efecf2c1ef1a5d7\tcpip.sys
[2008-10-09 13:37] - [2008-04-26 03:55] - 1421368 ____A (Microsoft Corporation) 8E041924441FF8755E5B4F135C8C3767
C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys
[2008-01-20 21:51] - [2008-01-20 21:51] - 1421368 ____A (Microsoft Corporation) 7A1183FBB802F5ABAD7FA18BC67E0858
C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.0.6002.18005_none_784a7242679812c3\wscsvc.dll
[2009-09-10 22:19] - [2009-04-11 02:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A
C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.0.6001.18000_none_765ef9366a764777\wscsvc.dll
[2008-01-20 21:47] - [2008-01-20 21:47] - 0074752 ____A (Microsoft Corporation) CB8EA6D95949384925CCFCA21CC6DFD8
C:\Windows\winsxs\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6002.18005_none_2b2e8478e00a148b\BFE.DLL
[2009-09-10 22:19] - [2009-04-11 02:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29
C:\Windows\winsxs\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22713_none_29c4e48dfc0b3fe9\BFE.DLL
[2010-08-11 15:45] - [2010-06-16 17:39] - 0458240 ____A (Microsoft Corporation) B66AEBF3B7073473468B941629242FBD
C:\Windows\winsxs\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22636_none_29b243adfc18c6a9\BFE.DLL
[2010-04-14 23:35] - [2010-02-18 09:23] - 0458240 ____A (Microsoft Corporation) F1D4D00050E2F8549884018F4D01C3F3
C:\Windows\winsxs\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22577_none_29880261fc38529d\BFE.DLL
[2010-02-09 17:51] - [2009-12-08 15:28] - 0458240 ____A (Microsoft Corporation) 05CC586424CD65D8D7D06050AC4D7F82
C:\Windows\winsxs\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22497_none_297260a3fc488d58\BFE.DLL
[2009-09-09 21:48] - [2009-08-14 11:01] - 0458240 ____A (Microsoft Corporation) 839DACB86F2D11191489EDD103F47C4F
C:\Windows\winsxs\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22188_none_297e2b27fc3f9349\BFE.DLL
[2008-10-09 13:37] - [2008-05-27 22:38] - 0458240 ____A (Microsoft Corporation) 5021ACFB1EE1B02E5BB9C118FC8FAF63
C:\Windows\winsxs\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.18000_none_29430b6ce2e8493f\BFE.DLL
[2008-01-20 21:50] - [2008-01-20 21:50] - 0458240 ____A (Microsoft Corporation) BC4737AAFFA5964E4F8827C9B8C0EB8E
C:\Windows\winsxs\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21226_none_27d6ab2ffeea4fe2\BFE.DLL
[2010-04-14 23:35] - [2010-02-18 09:32] - 0439808 ____A (Microsoft Corporation) 8BAD8F13C532948D2155015000CC0706
C:\Windows\winsxs\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21175_none_279f9963ff13c519\BFE.DLL
[2010-02-09 17:51] - [2009-12-08 15:24] - 0439808 ____A (Microsoft Corporation) 08B4F274353DBB82FC3606D3F9883743
C:\Windows\winsxs\amd64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21108_none_27ee49b5fed84d87\BFE.DLL
[2009-09-09 21:48] - [2009-08-15 19:55] - 0439808 ____A (Microsoft Corporation) 1FDF25DA238612329E0484CD98831D01
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.0.6002.22600_none_4071364450fab2c7\dnsrslvr.dll
[2011-04-15 00:03] - [2011-03-02 11:04] - 0117760 ____A (Microsoft Corporation) 2386A8AA5C09D86CE1D0B781736BDD3F
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.0.6002.18416_none_3fe2c96337dfc9d1\dnsrslvr.dll
[2011-04-15 00:03] - [2011-03-02 11:12] - 0117760 ____A (Microsoft Corporation) 06230F1B721494A6DF8D47FD395BB1B0
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.0.6002.18005_none_3fec916d37d89fed\dnsrslvr.dll
[2009-09-10 22:20] - [2009-04-11 02:11] - 0117760 ____A (Microsoft Corporation) 21D16B37257370975C7457C3A5EFA530
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.0.6001.22866_none_3e4fe4aa53ffa02c\dnsrslvr.dll
[2011-04-15 00:03] - [2011-03-02 09:52] - 0117760 ____A (Microsoft Corporation) B4E755E76A92C6405390C057CDB9EA93
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.0.6001.18611_none_3df754233abdf8d3\dnsrslvr.dll
[2011-04-15 00:03] - [2011-03-02 10:10] - 0117760 ____A (Microsoft Corporation) DAF05293C1264E251D3A25E7E24B2DDF
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.0.6001.18000_none_3e0118613ab6d4a1\dnsrslvr.dll
[2008-01-20 21:48] - [2008-01-20 21:48] - 0117760 ____A (Microsoft Corporation) 93CE26DBED3182634F18DD2FE10E41BE
C:\Windows\winsxs\amd64_microsoft-windows-dhcp-client-dll_31bf3856ad364e35_6.0.6002.18005_none_35643e2fe40f0bfc\dhcpcsvc.dll
[2009-09-10 22:20] - [2009-04-11 02:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7
C:\Windows\winsxs\amd64_microsoft-windows-dhcp-client-dll_31bf3856ad364e35_6.0.6001.18000_none_3378c523e6ed40b0\dhcpcsvc.dll
[2008-01-20 21:50] - [2008-01-20 21:50] - 0268288 ____A (Microsoft Corporation) FDAA0EDFCFB70CD529589AD654651B40
C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_d46316e769910757\cryptsvc.dll
[2012-06-13 22:43] - [2012-04-23 10:25] - 0177664 ____A (Microsoft Corporation) DD9C01648A6455278A441775CA59E2FD
C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_d401ea4a5053e14b\cryptsvc.dll
[2012-06-13 22:43] - [2012-04-23 11:25] - 0174592 ____A (Microsoft Corporation) 62740B9D2A137E8CED41A9E4239A7A31
C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_d409adf4504e8a6b\cryptsvc.dll
[2009-09-10 22:20] - [2009-04-11 02:11] - 0166912 ____A (Microsoft Corporation) 18918613E63F387CDE4D95CA7D49DCF7
C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_d21e34e8532cbf1f\cryptsvc.dll
[2008-01-20 21:49] - [2008-01-20 21:49] - 0165376 ____A (Microsoft Corporation) 4374F784121D8B3BB466B03F5E5EBD33
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_c7d4f08bf35f3abe\rpcss.dll
[2009-09-10 22:21] - [2009-04-11 02:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_c6259b510f93cd21\rpcss.dll
[2009-08-10 16:57] - [2009-03-02 23:59] - 0717824 ____A (Microsoft Corporation) 857E04C16007E60FCC0803239C853E78
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_c5d9dd2ff64839ac\rpcss.dll
[2009-08-10 16:57] - [2009-03-02 23:57] - 0718336 ____A (Microsoft Corporation) 52CDADE8289FF21F1F2215FF51A5F36C
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_c5e9777ff63d6f72\rpcss.dll
[2008-01-20 21:51] - [2008-01-20 21:51] - 0713728 ____A (Microsoft Corporation) FF27BE0BA7B3C48D5C99AFCB56D436C2
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_c47a129912422fc2\rpcss.dll
[2009-08-10 16:57] - [2009-03-02 23:35] - 0724992 ____A (Microsoft Corporation) 54FF562C2710BB610B019D723B16FB2A
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_c3e2cce1f92f2ca2\rpcss.dll
[2009-08-10 16:57] - [2009-03-02 23:40] - 0724992 ____A (Microsoft Corporation) 007F8DE7AC0F9386C3FD2EC7DC87C37A
C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_6af7b3ad073cdcab\es.dll
[2009-09-10 22:21] - [2009-04-11 02:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF
C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_6956f87823678b7d\es.dll
[2009-08-10 16:24] - [2008-04-18 01:40] - 0361984 ____A (Microsoft Corporation) AE5538074DF0BB8EE5A3ECB9F5460965
C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_68dd2d0b0a3d4e75\es.dll
[2009-08-10 16:24] - [2008-04-17 23:42] - 0361984 ____A (Microsoft Corporation) 6B1A97BF9FEFBDC83F3C7C7D0F826C66
C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_690c3aa10a1b115f\es.dll
[2008-01-20 21:48] - [2008-01-20 21:48] - 0354304 ____A (Microsoft Corporation) D8338E6B3C23AD36096A6FDABD039283
C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_67accd1026130408\es.dll
[2009-08-10 16:24] - [2008-04-19 03:30] - 0361472 ____A (Microsoft Corporation) 7143F5F8D7FF0712B6D2F336495554FE
C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_66e14e8d0d26f566\es.dll
[2009-08-10 16:24] - [2008-04-19 03:32] - 0361472 ____A (Microsoft Corporation) 1782416278B378F80862187EEBC0A51C
C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_819ad97caef1480e\qmgr.dll
[2009-09-10 22:21] - [2009-04-11 02:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C
C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_7faf6070b1cf7cc2\qmgr.dll
[2008-01-20 21:50] - [2008-01-20 21:50] - 1082368 ____A (Microsoft Corporation) D896A0D43F8AB81ECB1FC6C24DECFD58
C:\Windows\SysWOW64\cryptsvc.dll
[2012-06-13 22:43] - [2012-04-23 11:00] - 0133120 ____A (Microsoft Corporation) 75C6A297E364014840B48ECCD7525E30
C:\Windows\SysWOW64\dhcpcsvc.dll
[2009-09-10 22:20] - [2009-04-11 01:28] - 0204288 ____A (Microsoft Corporation) 9028559C132146FB75EB7ACF384B086A
C:\Windows\SysWOW64\es.dll
[2009-09-10 22:21] - [2009-04-11 01:28] - 0268800 ____A (Microsoft Corporation) 67058C46504BC12D821F38CF99B7B28F
C:\Windows\erdnt\cache86\cryptsvc.dll
[2012-06-28 17:23] - [2012-04-23 11:00] - 0133120 ____A (Microsoft Corporation) 75C6A297E364014840B48ECCD7525E30
C:\Windows\erdnt\cache86\es.dll
[2012-06-28 17:23] - [2009-04-11 01:28] - 0268800 ____A (Microsoft Corporation) 67058C46504BC12D821F38CF99B7B28F
C:\Windows\erdnt\cache64\cryptsvc.dll
[2012-06-28 17:23] - [2012-04-23 11:25] - 0174592 ____A (Microsoft Corporation) 62740B9D2A137E8CED41A9E4239A7A31
C:\Windows\erdnt\cache64\es.dll
[2012-06-28 17:23] - [2009-04-11 02:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF
C:\Windows\erdnt\cache64\qmgr.dll
[2012-06-28 17:23] - [2009-04-11 02:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C
C:\Windows\erdnt\cache64\rpcss.dll
[2012-06-28 17:23] - [2009-04-11 02:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF
C:\Windows\erdnt\cache64\tcpip.sys
[2012-06-28 17:23] - [2012-03-30 07:45] - 1423744 ____A (Microsoft Corporation) 46D448E9117464E4D3BBF36D7E3FA48E
C:\Users\Brad\AppData\Local\Google\Chrome\Application\20.0.1132.57\Locales\es.dll
[2012-07-12 23:40] - [2012-07-09 23:07] - 0008216 ____A () D088A143E3692E65FCEECBEAF6B66E08
C:\Users\Brad\AppData\Local\Google\Chrome\Application\20.0.1132.47\Locales\es.dll
[2012-06-30 18:39] - [2012-06-28 05:27] - 0008216 ____A () 8C4CBA187C451FAE0C9C1674B9C3AC39
====== End Of Search ======
I guess it is a little more stable, not near the movement up and down in the speed. Connection signal is still excellent, but speed hangs around 135 to 165.
Boot up is better, but about every third or fourth boot, it gets to the point that the task bar loads, has a blank desktop (black) and stalls for about a minute and then loads.