Jump to content

mmatlick

Members
 View Profile  See their activity

  • Posts

    4

  • Joined

  • Last visited

Reputation

0 Neutral
  1. mmatlick
    Looks like we're all set, thank you! Malwarebytes Anti-Malware (Trial) 1.61.0.1400 www.malwarebytes.org Database version: v2012.06.23.02 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.19190 Administrator :: MATLICK-PC [administrator] Protection: Enabled 6/22/2012 9:23:57 PM mbam-log-2012-06-22 (21-23-57).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 312062 Time elapsed: 7 minute(s), 49 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  2. mmatlick
    *****Continued***** ************* GMER log ************* GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-06-21 20:34:14 Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST3160815AS rev.3.CHF Running: psyitkuf.exe; Driver: C:\Users\ADMINI~1\AppData\Local\Temp\pwdiifod.sys ---- Kernel code sections - GMER 1.0.15 ---- ? C:\Users\ADMINI~1\AppData\Local\Temp\aswMBR.sys The system cannot find the file specified. ! ? C:\Windows\system32\Drivers\PROCEXP141.SYS The system cannot find the file specified. ! ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2796] USER32.dll!SetWindowsHookExW 75D187AD 5 Bytes JMP 6DAA9AA5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2796] USER32.dll!CallNextHookEx 75D18E3B 5 Bytes JMP 6DA9D119 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2796] USER32.dll!UnhookWindowsHookEx 75D198DB 5 Bytes JMP 6DA14686 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2796] USER32.dll!CreateWindowExW 75D21305 5 Bytes JMP 6DAADB14 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2796] USER32.dll!DialogBoxParamW 75D410B0 5 Bytes JMP 6D9D5505 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2796] USER32.dll!DialogBoxIndirectParamW 75D42EF5 5 Bytes JMP 6DBA53AF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2796] USER32.dll!DialogBoxParamA 75D58152 5 Bytes JMP 6DBA534C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2796] USER32.dll!DialogBoxIndirectParamA 75D5847D 5 Bytes JMP 6DBA5412 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2796] USER32.dll!MessageBoxIndirectA 75D6D4D9 5 Bytes JMP 6DBA52E1 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2796] USER32.dll!MessageBoxIndirectW 75D6D5D3 5 Bytes JMP 6DBA5276 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2796] USER32.dll!MessageBoxExA 75D6D639 5 Bytes JMP 6DBA5214 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2796] USER32.dll!MessageBoxExW 75D6D65D 5 Bytes JMP 6DBA51B2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2796] ole32.dll!OleLoadFromStream 76181E80 5 Bytes JMP 6DBA5717 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2796] ole32.dll!CoCreateInstance 761B9F3E 5 Bytes JMP 6DAADB70 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4448] USER32.dll!SetWindowsHookExW 75D187AD 5 Bytes JMP 6DAA9AA5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4448] USER32.dll!CallNextHookEx 75D18E3B 5 Bytes JMP 6DA9D119 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4448] USER32.dll!UnhookWindowsHookEx 75D198DB 5 Bytes JMP 6DA14686 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4448] USER32.dll!CreateWindowExW 75D21305 5 Bytes JMP 6DAADB14 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4448] USER32.dll!DialogBoxParamW 75D410B0 5 Bytes JMP 6D9D5505 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4448] USER32.dll!DialogBoxIndirectParamW 75D42EF5 5 Bytes JMP 6DBA53AF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4448] USER32.dll!DialogBoxParamA 75D58152 5 Bytes JMP 6DBA534C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4448] USER32.dll!DialogBoxIndirectParamA 75D5847D 5 Bytes JMP 6DBA5412 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4448] USER32.dll!MessageBoxIndirectA 75D6D4D9 5 Bytes JMP 6DBA52E1 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4448] USER32.dll!MessageBoxIndirectW 75D6D5D3 5 Bytes JMP 6DBA5276 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4448] USER32.dll!MessageBoxExA 75D6D639 5 Bytes JMP 6DBA5214 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4448] USER32.dll!MessageBoxExW 75D6D65D 5 Bytes JMP 6DBA51B2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4448] ole32.dll!OleLoadFromStream 76181E80 5 Bytes JMP 6DBA5717 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4448] ole32.dll!CoCreateInstance 761B9F3E 5 Bytes JMP 6DAADB70 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[5740] USER32.dll!CreateWindowExW 75D21305 5 Bytes JMP 6DAADB14 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[5740] USER32.dll!DialogBoxParamW 75D410B0 5 Bytes JMP 6D9D5505 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[5740] USER32.dll!DialogBoxIndirectParamW 75D42EF5 5 Bytes JMP 6DBA53AF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[5740] USER32.dll!DialogBoxParamA 75D58152 5 Bytes JMP 6DBA534C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[5740] USER32.dll!DialogBoxIndirectParamA 75D5847D 5 Bytes JMP 6DBA5412 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[5740] USER32.dll!MessageBoxIndirectA 75D6D4D9 5 Bytes JMP 6DBA52E1 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[5740] USER32.dll!MessageBoxIndirectW 75D6D5D3 5 Bytes JMP 6DBA5276 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[5740] USER32.dll!MessageBoxExA 75D6D639 5 Bytes JMP 6DBA5214 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[5740] USER32.dll!MessageBoxExW 75D6D65D 5 Bytes JMP 6DBA51B2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [743F7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7444A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [743FBB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [743EF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [743F75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [743EE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74428395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [743FDA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [743EFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [743EFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [743E71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7447CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7441C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [743ED968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [743E6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [743E687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3216] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [743F2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) ---- EOF - GMER 1.0.15 ---- ********************* OTL.txt ********************* OTL logfile created on: 6/21/2012 8:37:00 PM - Run 1 OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\Administrator\Desktop Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19190) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.97 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 43.02% Memory free 4.19 Gb Paging File | 2.67 Gb Available in Paging File | 63.85% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 147.09 Gb Total Space | 17.49 Gb Free Space | 11.89% Space Free | Partition Type: NTFS Drive D: | 1.95 Gb Total Space | 1.74 Gb Free Space | 89.05% Space Free | Partition Type: NTFS Drive F: | 1.95 Gb Total Space | 1.93 Gb Free Space | 98.87% Space Free | Partition Type: FAT Computer Name: MATLICK-PC | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/06/20 15:41:28 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe PRC - [2011/04/08 12:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe PRC - [2011/03/31 22:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe PRC - [2011/03/22 23:56:40 | 000,687,448 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe PRC - [2011/03/01 23:14:08 | 000,190,808 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe PRC - [2011/03/01 23:13:44 | 000,203,096 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe PRC - [2010/11/11 13:55:46 | 000,159,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe PRC - [2010/10/21 13:53:56 | 001,211,216 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\LWS\LU\LogitechUpdate.exe PRC - [2010/10/21 13:53:48 | 000,341,328 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\LWS\LU\LULnchr.exe PRC - [2009/09/13 00:09:10 | 000,103,768 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe PRC - [2009/09/13 00:09:04 | 000,550,232 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/03/12 18:18:48 | 000,602,624 | ---- | M] () -- C:\Program Files\Everything\Everything.exe PRC - [2008/04/28 07:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2007/08/07 10:59:50 | 000,540,184 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe PRC - [2007/08/07 10:59:48 | 000,331,288 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsty.exe PRC - [2007/02/05 23:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE PRC - [2006/04/18 04:00:00 | 000,102,400 | -H-- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE ========== Modules (No Company Name) ========== MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/03/30 18:25:42 | 000,331,608 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll MOD - [2011/03/22 23:56:40 | 000,687,448 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe MOD - [2011/03/01 23:13:44 | 000,203,096 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe MOD - [2010/05/07 19:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll MOD - [2010/05/07 19:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll MOD - [2010/05/07 19:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll MOD - [2010/05/07 19:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll MOD - [2010/05/07 19:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll MOD - [2009/07/13 23:50:04 | 000,325,120 | ---- | M] () -- C:\Program Files\TeraCopy\TeraCopy.dll MOD - [2009/06/22 02:26:00 | 000,305,664 | ---- | M] () -- C:\Program Files\TeraCopy\TeraCopyExt.dll MOD - [2009/03/12 18:18:48 | 000,602,624 | ---- | M] () -- C:\Program Files\Everything\Everything.exe ========== Win32 Services (SafeList) ========== SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV - [2011/03/31 22:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2010/11/11 13:57:04 | 000,268,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm) SRV - [2010/11/11 13:57:02 | 000,444,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc) SRV - [2010/11/11 13:55:56 | 006,351,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc) SRV - [2010/02/19 07:44:44 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\VHStoDVD\SharedCOM\RoxMediaDBVHS.exe -- (RoxMediaDBVHS) SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2007/08/07 10:59:50 | 000,540,184 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher) SRV - [2007/02/05 23:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters) SRV - [2006/04/18 04:00:00 | 000,102,400 | -H-- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\ADMINI~1\AppData\Local\Temp\pwdiifod.sys -- (pwdiifod) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys -- (mferkdk) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\ADMINI~1\AppData\Local\Temp\aswMBR.sys -- (aswMBR) DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2011/03/31 22:11:10 | 004,333,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Pro 9000(UVC) DRV - [2011/03/31 22:09:48 | 000,291,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS) DRV - [2010/12/15 00:28:10 | 000,129,024 | ---- | M] (HTC Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcusbnet.sys -- (htcusbnet) DRV - [2010/05/07 19:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2009/09/08 19:13:16 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\ctxusbm.sys -- (ctxusbm) DRV - [2009/06/19 17:59:52 | 000,533,752 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emOEM.sys -- (USB28xxOEM) DRV - [2009/06/19 17:58:56 | 000,572,280 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emBDA.sys -- (USB28xxBGA) DRV - [2009/04/10 21:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB) DRV - [2008/01/19 00:42:12 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM) DRV - [2007/05/11 12:00:14 | 000,045,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel® DRV - [2007/04/13 06:22:56 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel® ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...=smb&pf=desktop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...=smb&pf=desktop IE - HKLM\..\SearchScopes,DefaultScope = {6FC62B8E-587C-4846-A576-96F72CF4D59C} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...referrer:source?} IE - HKLM\..\SearchScopes\{6FC62B8E-587C-4846-A576-96F72CF4D59C}: "URL" = http://slirsredirect...hpcmdtie7-en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...=smb&pf=desktop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...=smb&pf=desktop IE - HKCU\..\SearchScopes,DefaultScope = {6FC62B8E-587C-4846-A576-96F72CF4D59C} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll (TechSmith Corporation) O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\19.0.1084.56\npchrome_frame.dll (Google Inc.) O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll (TechSmith Corporation) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.) O4 - HKLM..\Run: [Everything] C:\Program Files\Everything\Everything.exe () O4 - HKLM..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe () O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc) O4 - HKLM..\Run: [setRefresh] C:\Program Files\HP\SetRefresh\SetRefresh.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation) O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-US\local\search.html () O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{306EB63B-070B-4031-AEEA-B253A1DD470D}: DhcpNameServer = 75.75.75.75 75.75.76.76 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{435118A0-844C-4800-9AD5-2B3675E87DAF}: DhcpNameServer = 69.78.80.231 69.78.134.231 O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\19.0.1084.56\npchrome_frame.dll (Google Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\USERS\DADDY-O\DOCUMENTS\DOWNLOADS\PROCESSEXPLORER\PROCEXP.EXE (Sysinternals - www.sysinternals.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/06/21 20:36:16 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe [2012/06/21 14:03:28 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2012/06/21 14:03:28 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2012/06/21 14:02:52 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2012/06/21 14:02:52 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2012/06/21 14:00:03 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Apple [2012/06/20 16:48:59 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Google [2012/06/20 16:48:47 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Adobe [2012/06/20 16:48:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\AOL [2012/06/20 16:48:15 | 000,000,000 | ---D | C] -- C:\ARK [2012/06/20 16:01:41 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2012/06/20 16:00:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT [2012/06/20 16:00:46 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT [2012/06/20 15:59:42 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Hewlett-Packard [2012/06/20 15:59:26 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Hewlett-Packard [2012/06/20 15:58:35 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Apple Computer [2012/06/20 15:58:33 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Apple Computer [2012/06/20 15:58:28 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\ICAClient [2012/06/20 15:58:24 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Citrix [2012/06/20 15:58:14 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxres.dll [2012/06/20 15:57:15 | 000,000,000 | R--D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012/06/20 15:57:15 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Searches [2012/06/20 15:57:15 | 000,000,000 | R--D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012/06/20 15:57:01 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Identities [2012/06/20 15:56:58 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Contacts [2012/06/20 15:40:18 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Administrator\Desktop\tdsskiller.exe [2012/06/20 15:39:55 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Administrator\Desktop\aswMBR.exe [2012/06/20 15:38:23 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Administrator\Desktop\erunt-setup.exe [2012/06/18 18:26:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Malwarebytes [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\Temporary Internet Files [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Templates [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Start Menu [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\SendTo [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Recent [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\PrintHood [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\NetHood [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\My Videos [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\My Pictures [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\My Music [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\My Documents [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Local Settings [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\History [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Cookies [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Application Data [2012/06/18 18:25:47 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\Application Data [2012/06/18 18:25:46 | 000,000,000 | --SD | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft [2012/06/18 18:25:46 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Videos [2012/06/18 18:25:46 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Saved Games [2012/06/18 18:25:46 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Pictures [2012/06/18 18:25:46 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Music [2012/06/18 18:25:46 | 000,000,000 | R--D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012/06/18 18:25:46 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Links [2012/06/18 18:25:46 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Favorites [2012/06/18 18:25:46 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Downloads [2012/06/18 18:25:46 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Documents [2012/06/18 18:25:46 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Desktop [2012/06/18 18:25:46 | 000,000,000 | R--D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012/06/18 18:25:46 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData [2012/06/18 18:25:46 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Temp [2012/06/18 18:25:46 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Microsoft Help [2012/06/18 18:25:46 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Microsoft [2012/06/01 22:14:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012/06/01 22:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012/06/01 22:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2012/06/01 22:05:28 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/06/21 20:40:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3023463021-2874374182-4066112519-1004UA.job [2012/06/21 20:40:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{843560D8-038C-42DD-8AC3-20D4D1B92846}.job [2012/06/21 20:21:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3023463021-2874374182-4066112519-1003UA.job [2012/06/21 20:14:17 | 000,662,764 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/06/21 20:14:17 | 000,127,436 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/06/21 20:04:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/06/21 19:56:15 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/06/21 19:56:15 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/06/21 19:47:46 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/06/21 19:21:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3023463021-2874374182-4066112519-1003Core.job [2012/06/21 19:17:04 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HP WEP.job [2012/06/21 19:00:42 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E229BB97-8D5E-4273-BBF1-379BDD7281D0}.job [2012/06/21 07:40:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3023463021-2874374182-4066112519-1004Core.job [2012/06/20 16:48:30 | 000,000,943 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/06/20 16:41:37 | 000,000,512 | ---- | M] () -- C:\Users\Administrator\Desktop\MBR.dat [2012/06/20 16:00:48 | 000,000,733 | ---- | M] () -- C:\Users\Administrator\Desktop\NTREGOPT.lnk [2012/06/20 16:00:48 | 000,000,714 | ---- | M] () -- C:\Users\Administrator\Desktop\ERUNT.lnk [2012/06/20 15:56:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/06/20 15:55:50 | 2119,487,488 | -HS- | M] () -- C:\hiberfil.sys [2012/06/20 15:47:12 | 000,002,113 | ---- | M] () -- C:\Windows\epplauncher.mif [2012/06/20 15:41:28 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe [2012/06/20 15:40:25 | 002,127,960 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Administrator\Desktop\tdsskiller.exe [2012/06/20 15:40:08 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Administrator\Desktop\aswMBR.exe [2012/06/20 15:38:55 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Administrator\Desktop\erunt-setup.exe [2012/06/17 20:29:51 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/06/02 15:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2012/06/02 15:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2012/06/02 15:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2012/06/02 15:12:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2012/06/01 22:17:04 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk [2012/06/01 22:14:21 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/06/01 22:05:45 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/06/20 16:48:30 | 000,000,943 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/06/20 16:41:37 | 000,000,512 | ---- | C] () -- C:\Users\Administrator\Desktop\MBR.dat [2012/06/20 16:08:27 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\HP WEP.job [2012/06/20 16:00:48 | 000,000,733 | ---- | C] () -- C:\Users\Administrator\Desktop\NTREGOPT.lnk [2012/06/20 16:00:48 | 000,000,714 | ---- | C] () -- C:\Users\Administrator\Desktop\ERUNT.lnk [2012/06/20 15:57:18 | 000,000,949 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012/06/20 15:57:14 | 000,000,944 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2012/06/20 15:56:57 | 000,000,915 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk [2012/06/20 15:46:50 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2012/06/19 21:35:44 | 2119,487,488 | -HS- | C] () -- C:\hiberfil.sys [2012/06/18 18:25:46 | 000,000,258 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2012/06/18 18:25:46 | 000,000,240 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2012/06/17 20:29:50 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/06/01 22:14:21 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/06/01 22:05:45 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/05/22 18:20:47 | 000,012,048 | -HS- | C] () -- C:\ProgramData\851qv5n3u157k8101m7f12br0n22 [2011/03/31 22:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll [2011/03/31 22:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe [2011/03/31 22:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll [2011/03/31 21:56:00 | 000,027,872 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2011/03/27 17:06:33 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011/03/22 23:58:22 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll ========== LOP Check ========== [2012/06/20 15:58:49 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ICAClient [2012/06/20 15:54:53 | 000,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012/06/21 20:40:00 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{843560D8-038C-42DD-8AC3-20D4D1B92846}.job [2012/06/21 19:00:42 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E229BB97-8D5E-4273-BBF1-379BDD7281D0}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:6495C51F < End of report > ******************** Extras.txt ******************** OTL Extras logfile created on: 6/21/2012 8:37:00 PM - Run 1 OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\Administrator\Desktop Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19190) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.97 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 43.02% Memory free 4.19 Gb Paging File | 2.67 Gb Available in Paging File | 63.85% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 147.09 Gb Total Space | 17.49 Gb Free Space | 11.89% Space Free | Partition Type: NTFS Drive D: | 1.95 Gb Total Space | 1.74 Gb Free Space | 89.05% Space Free | Partition Type: NTFS Drive F: | 1.95 Gb Total Space | 1.93 Gb Free Space | 98.87% Space Free | Partition Type: FAT Computer Name: MATLICK-PC | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01A6F69D-9751-45EB-B9AE-73F9FCA34F46}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{0228BF8D-A373-497F-893C-A411DCA90046}" = lport=445 | protocol=6 | dir=in | app=system | "{06BA06AD-78DB-42F7-B193-254C33EE43D1}" = lport=138 | protocol=17 | dir=in | app=system | "{18AF6043-7AA9-423D-92F4-1BFF30EC83AF}" = lport=2869 | protocol=6 | dir=in | app=system | "{232869A6-8649-4CFD-AE40-611CE58D4B0A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{2500ADC2-70FE-4EF5-BF09-AA471303DB0E}" = rport=138 | protocol=17 | dir=out | app=system | "{301570FE-9D41-455E-8779-25BEF855CF5C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{30E6810D-A8D3-4A64-84CE-BEA970B5B2CD}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer | "{3654E060-03AB-4EC8-A689-DDD9E5BE2BB6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{4FB036EA-9AF3-4485-88B6-C4837FE6317C}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer | "{508D71FD-2128-48A1-AF64-CA9203EDDD83}" = rport=137 | protocol=17 | dir=out | app=system | "{51362332-900E-42BF-A100-46978E38C546}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery | "{551C431F-50E3-44D3-88D4-A516F875AE4D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5CC31F92-76B1-4606-A4B5-817F9F2D91C5}" = rport=445 | protocol=6 | dir=out | app=system | "{77342916-16C5-400E-9CFB-123002458AC4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9BBFEF94-291F-4CE8-8C5C-549EA90CA501}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery | "{9C180051-965D-46AA-838A-0CBA4ECC192C}" = rport=139 | protocol=6 | dir=out | app=system | "{B14B1F97-63EB-44B1-84D2-110C3E10A6B4}" = lport=2869 | protocol=6 | dir=in | app=system | "{BC2C318D-03E5-4097-9016-6759F4299A10}" = lport=139 | protocol=6 | dir=in | app=system | "{D18C3E13-CB33-4EE6-9DC0-DA17FD83CC13}" = lport=137 | protocol=17 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{157D5E06-CAC4-4205-8268-5DCC145610CB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{3398A348-27DF-405E-AB38-607FB55E347C}" = dir=in | app=c:\program files\itunes\itunes.exe | "{418AC5CE-83AC-4BEF-B966-20CF6973AC50}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{439D13B8-C8C5-4408-94D6-6EEE0AB9CF35}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{51C80226-2352-4B5E-BB36-696A01FDB3C9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5609C791-2561-417A-B523-FC2C2AC4C09A}" = protocol=17 | dir=in | app=c:\users\daddy-o\appdata\roaming\dropbox\bin\dropbox.exe | "{6138DC9A-75EA-4612-AF73-36D37CB83003}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe | "{6EBF96AF-1933-4D04-8029-010821638E44}" = protocol=6 | dir=in | app=c:\users\daddy-o\appdata\roaming\dropbox\bin\dropbox.exe | "{788D67BE-22F7-4B6A-8378-D57FC7D302EB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{9FF23588-7A72-461D-945D-D6C7FF1392E5}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{A8C73011-8A8E-4E82-9FC3-D7C30B37371D}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1006mc.exe | "{AEA35ED1-8CD8-40CA-A95A-21E83B286810}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{BEC22E1D-118D-4960-B760-1F04FB65894D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{C0871810-3FF5-40B6-AE3D-E2F6F1E561FB}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | "{C1D6A2E9-0F6A-476B-9E2F-BDE3FEC4BD53}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe | "{CF1CF2BD-435E-45EE-B851-39083D34E481}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{CFB6EFFC-3FFC-4479-8131-A600BE082C98}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1006mc.exe | "{D47BF551-70A4-4642-9866-B61A8EAA33F7}" = protocol=6 | dir=out | app=system | "{D5A24380-7BFA-4733-A413-C10B62D593DC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{D5D51893-EACA-4600-8865-51A79E82E277}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe | "{D7EC313E-A463-4D58-BAC5-6C3F4C435DC9}" = dir=in | app=c:\program files\cyberlink\powerdirector express\pdx.exe | "TCP Query User{2155A6A3-4901-4A48-B3A1-7AA1075EC9E2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{5BC34647-BAC5-46C0-815C-EE4C0B9A3F4A}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{4D27C927-F4A2-4EFF-BDA6-14B28D6E3973}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{8F26130A-37E2-4A37-B697-D4DDC0BB1157}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware "{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB) "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video "{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}" = Citrix online plug-in (Web) "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects "{15210C5B-9E04-4BF7-B019-AE958F238333}" = Roxio Easy VHS to DVD "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin "{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes "{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java™ 6 Update 26 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{2C4E2E4E-A7C9-4CCB-BF03-FE6EBD5D4AB7}" = Windows Mobile Device Updater Component "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2 "{39600969-41C3-4658-876E-16F108FC5C92}" = ISO Recorder "{39CEE1F2-12B6-4C50-9131-04BFCA110578}" = PowerCinema NE for Everio "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{4360BB46-507E-4361-8DCB-4FF9BDC9907B}" = SnagIt 7 "{44B23220-E68E-4FBC-B02C-1A89AC0C8C5F}" = Roxio CinePlayer Decoder Pack "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client "{55392E52-1AAD-44C4-BE49-258FFE72434F}" = Citrix online plug-in (USB) "{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG) "{601C6E14-DF1E-4113-A8C8-F9DB90CB0D88}" = SanDisk TransferMate "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD) "{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1" = Auslogics Duplicate File Finder "{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP) "{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery "{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection "{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.14.1 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7B02BF60-796D-4616-908B-B31A63CFDEFB}" = HPCarePackCore "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin "{9FE8E277-EBFC-4A5E-BD70-6F9B7F32AF0E}" = HP Total Care Advisor "{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer "{A82D052A-0806-42DF-80CD-1730A1AC0ED3}" = MrvlUsgTracking "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{ABDC7CFA-FEB4-4743-A18A-D549571F0B2A}" = BlackBerry Device Software v5.0.0 for the BlackBerry 9530 smartphone "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2 "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{BA0000DF-3F5A-4B0A-A438-918BAB015508}" = iConcertCal "{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU) "{C0990649-FEC2-423A-8F37-A8952404E6CD}" = Roxio Easy VHS to DVD "{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA) "{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA) "{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}" = Quicken 2010 "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0 "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software "{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud "{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{ECA31632-C2AD-4774-A3CA-2813D47E4DD0}" = HPCarePackProducts "{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker "{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{FAE74C2C-298A-41BA-8BDB-F5A005F93278}" = Roxio Express Labeler "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10 "am-bejeweledr3" = Bejeweled® 3 "Any DVD Cloner Express_is1" = Any DVD Cloner Express 1.1.2 "AOL Toolbar" = AOL Toolbar 5.0 "BlackBerry_Desktop" = BlackBerry Desktop Software 6.0 "Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2 "CCleaner" = CCleaner "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Coupon Printer for Windows4.0" = Coupon Printer for Windows "Defraggler" = Defraggler "Digsby" = Digsby "DisneysMagicArtistDeinstKey" = Disney's Magic Artist "DVD Flick_is1" = DVD Flick "EPSON Printer and Utilities" = EPSON Printer Software "EPSON Scanner" = EPSON Scan "ERUNT_is1" = ERUNT 1.1j "Everything" = Everything 1.2.1.371 "Fetch" = Fetch "ffdshow_is1" = ffdshow [rev 2527] [2008-12-19] "Google Chrome Frame" = Google Chrome Frame "HDMI" = Intel® Graphics Media Accelerator Driver "HECI" = Intel® Management Engine Interface "HP LaserJet P1000 series" = HP LaserJet P1000 series "HTC_WModemDriver" = WModem Driver Installer "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft Security Client" = Microsoft Security Essentials "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Moo0 DiskCleaner" = Moo0 DiskCleaner 1.02 "PDF Complete" = PDF Complete "Pet Vet" = Pet Vet (remove only) "PROPLUS" = Microsoft Office Professional Plus 2007 "PROSetDX" = Intel® PRO Network Connections 12.1.14.1 "TeraCopy_is1" = TeraCopy 2.2 "Verizon V CAST Media Manager" = Verizon V CAST Media Manager "VLC media player" = VLC media player 1.1.5 "WinGimp-2.0_is1" = GIMP 2.6.4 "Zune" = Zune ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 11/15/2010 5:32:03 PM | Computer Name = Matlick-PC | Source = Bonjour Service | ID = 100 Description = 416: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.) Error - 11/15/2010 7:39:20 PM | Computer Name = Matlick-PC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 8.0.6001.18975 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 1470 Start Time: 01cb850cbacf9ec2 Termination Time: 7 Error - 11/15/2010 9:19:41 PM | Computer Name = Matlick-PC | Source = Bonjour Service | ID = 100 Description = 416: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.) Error - 11/16/2010 9:58:33 PM | Computer Name = Matlick-PC | Source = Application Hang | ID = 1002 Description = The program HPAdvisor.exe version 1.1.19.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 1278 Start Time: 01cb85fad1c20100 Termination Time: 0 Error - 11/18/2010 12:10:57 AM | Computer Name = Matlick-PC | Source = Bonjour Service | ID = 100 Description = 380: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.) Error - 11/18/2010 10:33:22 AM | Computer Name = Matlick-PC | Source = EventSystem | ID = 4621 Description = Error - 11/19/2010 1:26:53 AM | Computer Name = Matlick-PC | Source = EventSystem | ID = 4621 Description = Error - 11/19/2010 10:43:25 AM | Computer Name = Matlick-PC | Source = EventSystem | ID = 4621 Description = Error - 11/19/2010 10:46:23 AM | Computer Name = Matlick-PC | Source = EventSystem | ID = 4622 Description = Error - 11/19/2010 10:46:23 AM | Computer Name = Matlick-PC | Source = EventSystem | ID = 4621 Description = [ System Events ] Error - 6/21/2012 5:05:05 PM | Computer Name = Matlick-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 6/21/2012 5:05:05 PM | Computer Name = Matlick-PC | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 6/21/2012 5:05:05 PM | Computer Name = Matlick-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 6/21/2012 5:05:05 PM | Computer Name = Matlick-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 6/21/2012 5:05:05 PM | Computer Name = Matlick-PC | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 6/21/2012 5:05:05 PM | Computer Name = Matlick-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 6/21/2012 5:05:05 PM | Computer Name = Matlick-PC | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 6/21/2012 5:05:05 PM | Computer Name = Matlick-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 6/21/2012 5:05:05 PM | Computer Name = Matlick-PC | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 6/21/2012 10:45:11 PM | Computer Name = Matlick-PC | Source = DCOM | ID = 10010 Description = < End of report > ********************** checkup.txt ********************** Results of screen317's Security Check version 0.99.42 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 8 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.61.0.1400 CCleaner Moo0 DiskCleaner 1.02 Java™ 6 Update 26 Java™ 6 Update 2 Java version out of Date! Adobe Flash Player 10 Flash Player out of Date! Adobe Reader 9 Adobe Reader out of Date! ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials msseces.exe Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbamservice.exe Microsoft Security Client Antimalware MsMpEng.exe Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe Microsoft Security Client Antimalware NisSrv.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 2 % Defragment your hard drive soon! ````````````````````End of Log``````````````````````
  3. mmatlick
    Ok, Here we go. Thanks for your help! ******************** aswMBR report ******************** aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-06-20 16:04:44 ----------------------------- 16:04:44.729 OS Version: Windows 6.0.6002 Service Pack 2 16:04:44.729 Number of processors: 2 586 0x1706 16:04:44.729 ComputerName: MATLICK-PC UserName: 16:05:24.247 Initialize success 16:06:28.104 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 16:06:28.104 Disk 0 Vendor: ST3160815AS 3.CHF Size: 152627MB BusType: 3 16:06:28.104 Disk 0 MBR read successfully 16:06:28.120 Disk 0 MBR scan 16:06:28.120 Disk 0 Windows VISTA default MBR code 16:06:28.120 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 150625 MB offset 2048 16:06:28.151 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 2000 MB offset 308482048 16:06:28.151 Disk 0 scanning sectors +312578048 16:06:28.214 Disk 0 scanning C:\Windows\system32\drivers 16:06:35.748 Service scanning 16:06:40.803 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32 16:06:48.556 Modules scanning 16:07:09.242 Scan finished successfully 16:41:37.146 Disk 0 MBR has been saved successfully to "C:\Users\Administrator\Desktop\MBR.dat" 16:41:37.146 The log file has been saved successfully to "C:\Users\Administrator\Desktop\aswMBR.txt" ********************* TDSSKILLER log ********************* 16:42:53.0967 4092 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31 16:42:54.0435 4092 ============================================================ 16:42:54.0435 4092 Current date / time: 2012/06/20 16:42:54.0435 16:42:54.0435 4092 SystemInfo: 16:42:54.0435 4092 16:42:54.0435 4092 OS Version: 6.0.6002 ServicePack: 2.0 16:42:54.0435 4092 Product type: Workstation 16:42:54.0435 4092 ComputerName: MATLICK-PC 16:42:54.0435 4092 UserName: Administrator 16:42:54.0435 4092 Windows directory: C:\Windows 16:42:54.0435 4092 System windows directory: C:\Windows 16:42:54.0435 4092 Processor architecture: Intel x86 16:42:54.0435 4092 Number of processors: 2 16:42:54.0435 4092 Page size: 0x1000 16:42:54.0435 4092 Boot type: Normal boot 16:42:54.0435 4092 ============================================================ 16:42:54.0997 4092 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 16:42:55.0028 4092 ============================================================ 16:42:55.0028 4092 \Device\Harddisk0\DR0: 16:42:55.0028 4092 MBR partitions: 16:42:55.0028 4092 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12630800 16:42:55.0028 4092 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x12631000, BlocksNum 0x3E8000 16:42:55.0028 4092 ============================================================ 16:42:55.0059 4092 C: <-> \Device\Harddisk0\DR0\Partition0 16:42:55.0090 4092 D: <-> \Device\Harddisk0\DR0\Partition1 16:42:55.0090 4092 ============================================================ 16:42:55.0090 4092 Initialize success 16:42:55.0090 4092 ============================================================ 16:43:16.0696 3324 ============================================================ 16:43:16.0696 3324 Scan started 16:43:16.0696 3324 Mode: Manual; SigCheck; TDLFS; 16:43:16.0696 3324 ============================================================ 16:43:17.0632 3324 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 16:43:17.0726 3324 ACPI - ok 16:43:17.0788 3324 ADIHdAudAddService (b0269f270d29f0b0d602959271ab623b) C:\Windows\system32\drivers\ADIHdAud.sys 16:43:17.0882 3324 ADIHdAudAddService - ok 16:43:17.0913 3324 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 16:43:17.0975 3324 adp94xx - ok 16:43:18.0007 3324 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 16:43:18.0022 3324 adpahci - ok 16:43:18.0069 3324 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 16:43:18.0085 3324 adpu160m - ok 16:43:18.0100 3324 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 16:43:18.0116 3324 adpu320 - ok 16:43:18.0178 3324 AEADIFilters (12d23758621b00b8d3134095ec3325fd) C:\Windows\system32\AEADISRV.EXE 16:43:18.0194 3324 AEADIFilters - ok 16:43:18.0209 3324 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll 16:43:18.0287 3324 AeLookupSvc - ok 16:43:18.0334 3324 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 16:43:18.0381 3324 AFD - ok 16:43:18.0412 3324 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys 16:43:18.0428 3324 agp440 - ok 16:43:18.0459 3324 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 16:43:18.0475 3324 aic78xx - ok 16:43:18.0506 3324 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe 16:43:18.0599 3324 ALG - ok 16:43:18.0615 3324 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys 16:43:18.0631 3324 aliide - ok 16:43:18.0646 3324 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys 16:43:18.0662 3324 amdagp - ok 16:43:18.0677 3324 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys 16:43:18.0677 3324 amdide - ok 16:43:18.0693 3324 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 16:43:18.0818 3324 AmdK7 - ok 16:43:18.0849 3324 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys 16:43:18.0865 3324 AmdK8 - ok 16:43:18.0896 3324 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll 16:43:18.0927 3324 Appinfo - ok 16:43:18.0989 3324 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 16:43:19.0005 3324 Apple Mobile Device - ok 16:43:19.0052 3324 AppMgmt (0fe769cae5855b53c90e23f85e7e89ff) C:\Windows\System32\appmgmts.dll 16:43:19.0083 3324 AppMgmt - ok 16:43:19.0099 3324 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 16:43:19.0114 3324 arc - ok 16:43:19.0130 3324 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 16:43:19.0145 3324 arcsas - ok 16:43:19.0223 3324 aspnet_state (40c145f12ff461a0220303bda134f598) C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 16:43:19.0223 3324 aspnet_state - ok 16:43:19.0270 3324 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 16:43:19.0286 3324 AsyncMac - ok 16:43:19.0301 3324 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 16:43:19.0317 3324 atapi - ok 16:43:19.0348 3324 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll 16:43:19.0379 3324 AudioEndpointBuilder - ok 16:43:19.0379 3324 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll 16:43:19.0395 3324 Audiosrv - ok 16:43:19.0426 3324 b57nd60x (8e287eb3a52fd30c999482c576f4a61b) C:\Windows\system32\DRIVERS\b57nd60x.sys 16:43:19.0457 3324 b57nd60x - ok 16:43:19.0520 3324 BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 16:43:19.0520 3324 BcmSqlStartupSvc - ok 16:43:19.0551 3324 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 16:43:19.0567 3324 Beep - ok 16:43:19.0613 3324 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll 16:43:19.0660 3324 BFE - ok 16:43:19.0707 3324 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll 16:43:19.0738 3324 BITS - ok 16:43:19.0754 3324 blbdrive - ok 16:43:19.0863 3324 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 16:43:19.0879 3324 Bonjour Service - ok 16:43:19.0894 3324 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 16:43:19.0925 3324 bowser - ok 16:43:19.0972 3324 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 16:43:19.0988 3324 BrFiltLo - ok 16:43:20.0019 3324 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 16:43:20.0035 3324 BrFiltUp - ok 16:43:20.0066 3324 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll 16:43:20.0097 3324 Browser - ok 16:43:20.0113 3324 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 16:43:20.0159 3324 Brserid - ok 16:43:20.0175 3324 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 16:43:20.0206 3324 BrSerWdm - ok 16:43:20.0222 3324 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 16:43:20.0253 3324 BrUsbMdm - ok 16:43:20.0253 3324 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 16:43:20.0284 3324 BrUsbSer - ok 16:43:20.0300 3324 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 16:43:20.0331 3324 BTHMODEM - ok 16:43:20.0393 3324 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 16:43:20.0409 3324 cdfs - ok 16:43:20.0456 3324 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 16:43:20.0471 3324 cdrom - ok 16:43:20.0534 3324 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 16:43:20.0549 3324 CertPropSvc - ok 16:43:20.0596 3324 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys 16:43:20.0643 3324 circlass - ok 16:43:20.0674 3324 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 16:43:20.0690 3324 CLFS - ok 16:43:20.0737 3324 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 16:43:20.0752 3324 clr_optimization_v2.0.50727_32 - ok 16:43:20.0799 3324 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 16:43:20.0846 3324 clr_optimization_v4.0.30319_32 - ok 16:43:20.0861 3324 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys 16:43:20.0861 3324 cmdide - ok 16:43:20.0877 3324 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys 16:43:20.0877 3324 Compbatt - ok 16:43:20.0877 3324 COMSysApp - ok 16:43:20.0878 3324 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys 16:43:20.0909 3324 crcdisk - ok 16:43:20.0909 3324 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys 16:43:20.0940 3324 Crusoe - ok 16:43:20.0956 3324 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll 16:43:20.0972 3324 CryptSvc - ok 16:43:21.0003 3324 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\Windows\system32\drivers\csc.sys 16:43:21.0065 3324 CSC - ok 16:43:21.0112 3324 CscService (0a2095f92f6ae4fe6484d911b0c21e95) C:\Windows\System32\cscsvc.dll 16:43:21.0143 3324 CscService - ok 16:43:21.0206 3324 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\Windows\system32\DRIVERS\ctxusbm.sys 16:43:21.0237 3324 ctxusbm - ok 16:43:21.0284 3324 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 16:43:21.0330 3324 DcomLaunch - ok 16:43:21.0362 3324 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 16:43:21.0377 3324 DfsC - ok 16:43:21.0455 3324 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe 16:43:21.0549 3324 DFSR - ok 16:43:21.0674 3324 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll 16:43:21.0689 3324 Dhcp - ok 16:43:21.0752 3324 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 16:43:21.0767 3324 disk - ok 16:43:21.0798 3324 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll 16:43:21.0830 3324 Dnscache - ok 16:43:21.0861 3324 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll 16:43:21.0892 3324 dot3svc - ok 16:43:21.0923 3324 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll 16:43:21.0954 3324 DPS - ok 16:43:21.0970 3324 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 16:43:21.0986 3324 drmkaud - ok 16:43:22.0017 3324 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 16:43:22.0048 3324 DXGKrnl - ok 16:43:22.0110 3324 e1express (04944f4fc4f0477185f5d26ae0ddb90e) C:\Windows\system32\DRIVERS\e1e6032.sys 16:43:22.0126 3324 e1express - ok 16:43:22.0142 3324 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys 16:43:22.0188 3324 E1G60 - ok 16:43:22.0204 3324 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll 16:43:22.0220 3324 EapHost - ok 16:43:22.0251 3324 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 16:43:22.0266 3324 Ecache - ok 16:43:22.0298 3324 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys 16:43:22.0313 3324 elxstor - ok 16:43:22.0344 3324 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll 16:43:22.0407 3324 EMDMgmt - ok 16:43:22.0469 3324 EPSON_PM_RPCV4_01 (cdca791afa0483f44bba576dbfafd04d) C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE 16:43:22.0485 3324 EPSON_PM_RPCV4_01 - ok 16:43:22.0532 3324 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll 16:43:22.0563 3324 EventSystem - ok 16:43:22.0625 3324 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 16:43:22.0641 3324 exfat - ok 16:43:22.0688 3324 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 16:43:22.0703 3324 fastfat - ok 16:43:22.0734 3324 Fax (dfba0f60fa301e5b1bfb1403a93ee23e) C:\Windows\system32\fxssvc.exe 16:43:22.0797 3324 Fax - ok 16:43:22.0828 3324 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 16:43:22.0844 3324 fdc - ok 16:43:22.0875 3324 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll 16:43:22.0890 3324 fdPHost - ok 16:43:22.0906 3324 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll 16:43:22.0953 3324 FDResPub - ok 16:43:22.0984 3324 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 16:43:23.0000 3324 FileInfo - ok 16:43:23.0015 3324 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 16:43:23.0046 3324 Filetrace - ok 16:43:23.0062 3324 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys 16:43:23.0109 3324 flpydisk - ok 16:43:23.0140 3324 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 16:43:23.0156 3324 FltMgr - ok 16:43:23.0218 3324 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll 16:43:23.0296 3324 FontCache - ok 16:43:23.0358 3324 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 16:43:23.0374 3324 FontCache3.0.0.0 - ok 16:43:23.0390 3324 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 16:43:23.0421 3324 Fs_Rec - ok 16:43:23.0452 3324 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys 16:43:23.0452 3324 gagp30kx - ok 16:43:23.0483 3324 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 16:43:23.0483 3324 GEARAspiWDM - ok 16:43:23.0530 3324 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll 16:43:23.0561 3324 gpsvc - ok 16:43:23.0639 3324 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe 16:43:23.0655 3324 gupdate - ok 16:43:23.0655 3324 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe 16:43:23.0670 3324 gupdatem - ok 16:43:23.0702 3324 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 16:43:23.0764 3324 HdAudAddService - ok 16:43:23.0811 3324 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 16:43:23.0858 3324 HDAudBus - ok 16:43:23.0904 3324 HECI (c865d1f6d03595df213dc3c67e4e4c58) C:\Windows\system32\DRIVERS\HECI.sys 16:43:23.0920 3324 HECI - ok 16:43:23.0936 3324 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 16:43:23.0982 3324 HidBth - ok 16:43:23.0998 3324 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 16:43:24.0045 3324 HidIr - ok 16:43:24.0060 3324 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll 16:43:24.0092 3324 hidserv - ok 16:43:24.0107 3324 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 16:43:24.0123 3324 HidUsb - ok 16:43:24.0138 3324 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll 16:43:24.0154 3324 hkmsvc - ok 16:43:24.0170 3324 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys 16:43:24.0170 3324 HpCISSs - ok 16:43:24.0201 3324 htcusbnet (117d577c2ee74869428f196135daf0a1) C:\Windows\system32\DRIVERS\htcusbnet.sys 16:43:24.0216 3324 htcusbnet - ok 16:43:24.0248 3324 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 16:43:24.0310 3324 HTTP - ok 16:43:24.0310 3324 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 16:43:24.0326 3324 i2omp - ok 16:43:24.0357 3324 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 16:43:24.0372 3324 i8042prt - ok 16:43:24.0450 3324 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 16:43:24.0466 3324 iaStorV - ok 16:43:24.0591 3324 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 16:43:24.0622 3324 idsvc - ok 16:43:24.0762 3324 igfx (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys 16:43:24.0981 3324 igfx - ok 16:43:25.0106 3324 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 16:43:25.0106 3324 iirsp - ok 16:43:25.0168 3324 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll 16:43:25.0215 3324 IKEEXT - ok 16:43:25.0262 3324 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys 16:43:25.0277 3324 intelide - ok 16:43:25.0308 3324 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 16:43:25.0324 3324 intelppm - ok 16:43:25.0340 3324 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll 16:43:25.0371 3324 IPBusEnum - ok 16:43:25.0386 3324 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:43:25.0418 3324 IpFilterDriver - ok 16:43:25.0449 3324 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll 16:43:25.0480 3324 iphlpsvc - ok 16:43:25.0480 3324 IpInIp - ok 16:43:25.0511 3324 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 16:43:25.0558 3324 IPMIDRV - ok 16:43:25.0574 3324 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 16:43:25.0605 3324 IPNAT - ok 16:43:25.0698 3324 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe 16:43:25.0730 3324 iPod Service - ok 16:43:25.0776 3324 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 16:43:25.0792 3324 IRENUM - ok 16:43:25.0823 3324 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys 16:43:25.0823 3324 isapnp - ok 16:43:25.0870 3324 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 16:43:25.0901 3324 iScsiPrt - ok 16:43:25.0901 3324 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 16:43:25.0917 3324 iteatapi - ok 16:43:25.0917 3324 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 16:43:25.0932 3324 iteraid - ok 16:43:25.0964 3324 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 16:43:25.0964 3324 kbdclass - ok 16:43:25.0979 3324 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys 16:43:26.0026 3324 kbdhid - ok 16:43:26.0042 3324 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 16:43:26.0073 3324 KeyIso - ok 16:43:26.0104 3324 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys 16:43:26.0135 3324 KSecDD - ok 16:43:26.0182 3324 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll 16:43:26.0229 3324 KtmRm - ok 16:43:26.0260 3324 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll 16:43:26.0276 3324 LanmanServer - ok 16:43:26.0307 3324 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll 16:43:26.0354 3324 LanmanWorkstation - ok 16:43:26.0369 3324 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 16:43:26.0400 3324 lltdio - ok 16:43:26.0432 3324 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll 16:43:26.0463 3324 lltdsvc - ok 16:43:26.0478 3324 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll 16:43:26.0525 3324 lmhosts - ok 16:43:26.0556 3324 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 16:43:26.0556 3324 LSI_FC - ok 16:43:26.0588 3324 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 16:43:26.0588 3324 LSI_SAS - ok 16:43:26.0603 3324 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 16:43:26.0619 3324 LSI_SCSI - ok 16:43:26.0634 3324 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 16:43:26.0666 3324 luafv - ok 16:43:26.0697 3324 LVPr2Mon (8be71d7edb8c7494913722059f760dd0) C:\Windows\system32\DRIVERS\LVPr2Mon.sys 16:43:26.0712 3324 LVPr2Mon - ok 16:43:26.0744 3324 LVRS (b6e1ccd6572984adcae68439afd07011) C:\Windows\system32\DRIVERS\lvrs.sys 16:43:26.0759 3324 LVRS - ok 16:43:26.0900 3324 LVUVC (6c42815dd57e397f0cd988304b5eb4b3) C:\Windows\system32\DRIVERS\lvuvc.sys 16:43:27.0305 3324 LVUVC - ok 16:43:27.0414 3324 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys 16:43:27.0430 3324 MBAMProtector - ok 16:43:27.0508 3324 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 16:43:27.0539 3324 MBAMService - ok 16:43:27.0570 3324 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 16:43:27.0586 3324 megasas - ok 16:43:27.0602 3324 mferkdk - ok 16:43:27.0617 3324 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 16:43:27.0648 3324 MMCSS - ok 16:43:27.0664 3324 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 16:43:27.0695 3324 Modem - ok 16:43:27.0711 3324 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 16:43:27.0726 3324 monitor - ok 16:43:27.0742 3324 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 16:43:27.0742 3324 mouclass - ok 16:43:27.0773 3324 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 16:43:27.0789 3324 mouhid - ok 16:43:27.0820 3324 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 16:43:27.0820 3324 MountMgr - ok 16:43:27.0851 3324 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys 16:43:27.0867 3324 MpFilter - ok 16:43:27.0898 3324 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 16:43:27.0898 3324 mpio - ok 16:43:27.0929 3324 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys 16:43:27.0929 3324 MpNWMon - ok 16:43:27.0960 3324 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 16:43:27.0976 3324 mpsdrv - ok 16:43:28.0023 3324 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll 16:43:28.0038 3324 MpsSvc - ok 16:43:28.0054 3324 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 16:43:28.0054 3324 Mraid35x - ok 16:43:28.0085 3324 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 16:43:28.0101 3324 MRxDAV - ok 16:43:28.0132 3324 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 16:43:28.0163 3324 mrxsmb - ok 16:43:28.0194 3324 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:43:28.0226 3324 mrxsmb10 - ok 16:43:28.0226 3324 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:43:28.0241 3324 mrxsmb20 - ok 16:43:28.0257 3324 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys 16:43:28.0272 3324 msahci - ok 16:43:28.0288 3324 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 16:43:28.0304 3324 msdsm - ok 16:43:28.0319 3324 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe 16:43:28.0350 3324 MSDTC - ok 16:43:28.0397 3324 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 16:43:28.0413 3324 Msfs - ok 16:43:28.0460 3324 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 16:43:28.0475 3324 msisadrv - ok 16:43:28.0491 3324 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll 16:43:28.0522 3324 MSiSCSI - ok 16:43:28.0522 3324 msiserver - ok 16:43:28.0553 3324 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 16:43:28.0584 3324 MSKSSRV - ok 16:43:28.0616 3324 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe 16:43:28.0631 3324 MsMpSvc - ok 16:43:28.0662 3324 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 16:43:28.0678 3324 MSPCLOCK - ok 16:43:28.0694 3324 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 16:43:28.0725 3324 MSPQM - ok 16:43:28.0740 3324 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 16:43:28.0756 3324 MsRPC - ok 16:43:28.0787 3324 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 16:43:28.0803 3324 mssmbios - ok 16:43:28.0818 3324 MSSQL$MSSMLBIZ - ok 16:43:28.0865 3324 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 16:43:28.0865 3324 MSSQLServerADHelper - ok 16:43:28.0896 3324 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 16:43:28.0912 3324 MSTEE - ok 16:43:28.0928 3324 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 16:43:28.0943 3324 Mup - ok 16:43:28.0974 3324 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll 16:43:29.0006 3324 napagent - ok 16:43:29.0037 3324 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 16:43:29.0052 3324 NativeWifiP - ok 16:43:29.0099 3324 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 16:43:29.0130 3324 NDIS - ok 16:43:29.0162 3324 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 16:43:29.0177 3324 NdisTapi - ok 16:43:29.0208 3324 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 16:43:29.0224 3324 Ndisuio - ok 16:43:29.0255 3324 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 16:43:29.0271 3324 NdisWan - ok 16:43:29.0286 3324 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 16:43:29.0302 3324 NDProxy - ok 16:43:29.0318 3324 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 16:43:29.0333 3324 NetBIOS - ok 16:43:29.0364 3324 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 16:43:29.0380 3324 netbt - ok 16:43:29.0396 3324 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 16:43:29.0411 3324 Netlogon - ok 16:43:29.0442 3324 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll 16:43:29.0489 3324 Netman - ok 16:43:29.0520 3324 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll 16:43:29.0552 3324 netprofm - ok 16:43:29.0630 3324 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 16:43:29.0630 3324 NetTcpPortSharing - ok 16:43:29.0661 3324 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 16:43:29.0676 3324 nfrd960 - ok 16:43:29.0708 3324 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 16:43:29.0708 3324 NisDrv - ok 16:43:29.0801 3324 NisSrv (a5cb074f34bbd89948e34a630d459c0c) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe 16:43:29.0817 3324 NisSrv - ok 16:43:29.0848 3324 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll 16:43:29.0879 3324 NlaSvc - ok 16:43:29.0895 3324 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 16:43:29.0910 3324 Npfs - ok 16:43:29.0942 3324 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll 16:43:29.0957 3324 nsi - ok 16:43:29.0988 3324 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 16:43:30.0004 3324 nsiproxy - ok 16:43:30.0051 3324 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 16:43:30.0098 3324 Ntfs - ok 16:43:30.0129 3324 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 16:43:30.0160 3324 ntrigdigi - ok 16:43:30.0176 3324 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 16:43:30.0191 3324 Null - ok 16:43:30.0207 3324 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 16:43:30.0207 3324 nvraid - ok 16:43:30.0222 3324 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys 16:43:30.0238 3324 nvstor - ok 16:43:30.0254 3324 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys 16:43:30.0254 3324 nv_agp - ok 16:43:30.0269 3324 NwlnkFlt - ok 16:43:30.0269 3324 NwlnkFwd - ok 16:43:30.0347 3324 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 16:43:30.0363 3324 odserv - ok 16:43:30.0425 3324 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys 16:43:30.0456 3324 ohci1394 - ok 16:43:30.0519 3324 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:43:30.0534 3324 ose - ok 16:43:30.0581 3324 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 16:43:30.0644 3324 p2pimsvc - ok 16:43:30.0644 3324 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 16:43:30.0675 3324 p2psvc - ok 16:43:30.0706 3324 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys 16:43:30.0737 3324 Parport - ok 16:43:30.0784 3324 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 16:43:30.0800 3324 partmgr - ok 16:43:30.0846 3324 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys 16:43:30.0862 3324 Parvdm - ok 16:43:30.0893 3324 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll 16:43:30.0924 3324 PcaSvc - ok 16:43:30.0956 3324 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 16:43:30.0971 3324 pci - ok 16:43:31.0002 3324 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys 16:43:31.0002 3324 pciide - ok 16:43:31.0034 3324 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 16:43:31.0049 3324 pcmcia - ok 16:43:31.0080 3324 pdfcDispatcher - ok 16:43:31.0127 3324 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 16:43:31.0190 3324 PEAUTH - ok 16:43:31.0268 3324 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll 16:43:31.0424 3324 pla - ok 16:43:31.0548 3324 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll 16:43:31.0564 3324 PlugPlay - ok 16:43:31.0642 3324 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 16:43:31.0704 3324 PNRPAutoReg - ok 16:43:31.0704 3324 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 16:43:31.0736 3324 PNRPsvc - ok 16:43:31.0767 3324 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll 16:43:31.0829 3324 PolicyAgent - ok 16:43:31.0907 3324 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 16:43:31.0923 3324 PptpMiniport - ok 16:43:31.0970 3324 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 16:43:32.0016 3324 Processor - ok 16:43:32.0032 3324 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll 16:43:32.0063 3324 ProfSvc - ok 16:43:32.0079 3324 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 16:43:32.0094 3324 ProtectedStorage - ok 16:43:32.0126 3324 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 16:43:32.0141 3324 PSched - ok 16:43:32.0188 3324 PxHelp20 (40fedd328f98245ad201cf5f9f311724) C:\Windows\system32\Drivers\PxHelp20.sys 16:43:32.0188 3324 PxHelp20 - ok 16:43:32.0235 3324 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 16:43:32.0282 3324 ql2300 - ok 16:43:32.0313 3324 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 16:43:32.0328 3324 ql40xx - ok 16:43:32.0360 3324 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll 16:43:32.0375 3324 QWAVE - ok 16:43:32.0406 3324 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 16:43:32.0406 3324 QWAVEdrv - ok 16:43:32.0422 3324 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 16:43:32.0438 3324 RasAcd - ok 16:43:32.0469 3324 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll 16:43:32.0484 3324 RasAuto - ok 16:43:32.0516 3324 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 16:43:32.0531 3324 Rasl2tp - ok 16:43:32.0547 3324 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll 16:43:32.0578 3324 RasMan - ok 16:43:32.0594 3324 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 16:43:32.0609 3324 RasPppoe - ok 16:43:32.0640 3324 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 16:43:32.0640 3324 RasSstp - ok 16:43:32.0672 3324 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 16:43:32.0703 3324 rdbss - ok 16:43:32.0718 3324 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 16:43:32.0734 3324 RDPCDD - ok 16:43:32.0765 3324 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\DRIVERS\rdpdr.sys 16:43:32.0796 3324 rdpdr - ok 16:43:32.0796 3324 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 16:43:32.0812 3324 RDPENCDD - ok 16:43:32.0859 3324 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 16:43:32.0874 3324 RDPWD - ok 16:43:32.0906 3324 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll 16:43:32.0921 3324 RemoteAccess - ok 16:43:32.0952 3324 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll 16:43:32.0968 3324 RemoteRegistry - ok 16:43:33.0046 3324 RichVideo (4d05898896ec49cf663dda61041ab096) C:\Program Files\CyberLink\Shared Files\RichVideo.exe 16:43:33.0077 3324 RichVideo - ok 16:43:33.0093 3324 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys 16:43:33.0124 3324 RimUsb - ok 16:43:33.0140 3324 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys 16:43:33.0155 3324 RimVSerPort - ok 16:43:33.0171 3324 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys 16:43:33.0202 3324 ROOTMODEM - ok 16:43:33.0327 3324 RoxMediaDBVHS (fbbdf0287fc22abac49c253e82c82f13) C:\Program Files\Common Files\Roxio Shared\VHStoDVD\SharedCOM\RoxMediaDBVHS.exe 16:43:33.0436 3324 RoxMediaDBVHS - ok 16:43:33.0545 3324 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe 16:43:33.0561 3324 RpcLocator - ok 16:43:33.0623 3324 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 16:43:33.0670 3324 RpcSs - ok 16:43:33.0732 3324 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 16:43:33.0764 3324 rspndr - ok 16:43:33.0779 3324 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 16:43:33.0795 3324 SamSs - ok 16:43:33.0826 3324 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 16:43:33.0826 3324 sbp2port - ok 16:43:33.0857 3324 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll 16:43:33.0888 3324 SCardSvr - ok 16:43:33.0920 3324 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll 16:43:33.0982 3324 Schedule - ok 16:43:34.0013 3324 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 16:43:34.0029 3324 SCPolicySvc - ok 16:43:34.0044 3324 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll 16:43:34.0076 3324 SDRSVC - ok 16:43:34.0091 3324 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 16:43:34.0138 3324 secdrv - ok 16:43:34.0154 3324 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll 16:43:34.0169 3324 seclogon - ok 16:43:34.0185 3324 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll 16:43:34.0200 3324 SENS - ok 16:43:34.0216 3324 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys 16:43:34.0232 3324 Serenum - ok 16:43:34.0263 3324 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys 16:43:34.0278 3324 Serial - ok 16:43:34.0310 3324 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 16:43:34.0325 3324 sermouse - ok 16:43:34.0356 3324 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll 16:43:34.0372 3324 SessionEnv - ok 16:43:34.0388 3324 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys 16:43:34.0419 3324 sffdisk - ok 16:43:34.0434 3324 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys 16:43:34.0466 3324 sffp_mmc - ok 16:43:34.0481 3324 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys 16:43:34.0512 3324 sffp_sd - ok 16:43:34.0528 3324 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 16:43:34.0544 3324 sfloppy - ok 16:43:34.0575 3324 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll 16:43:34.0606 3324 SharedAccess - ok 16:43:34.0637 3324 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll 16:43:34.0653 3324 ShellHWDetection - ok 16:43:34.0684 3324 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys 16:43:34.0684 3324 sisagp - ok 16:43:34.0700 3324 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 16:43:34.0700 3324 SiSRaid2 - ok 16:43:34.0715 3324 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 16:43:34.0715 3324 SiSRaid4 - ok 16:43:34.0840 3324 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe 16:43:35.0043 3324 slsvc - ok 16:43:35.0168 3324 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll 16:43:35.0183 3324 SLUINotify - ok 16:43:35.0230 3324 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 16:43:35.0246 3324 Smb - ok 16:43:35.0277 3324 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe 16:43:35.0292 3324 SNMPTRAP - ok 16:43:35.0308 3324 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 16:43:35.0324 3324 spldr - ok 16:43:35.0355 3324 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe 16:43:35.0370 3324 Spooler - ok 16:43:35.0433 3324 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 16:43:35.0464 3324 SQLBrowser - ok 16:43:35.0542 3324 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 16:43:35.0542 3324 SQLWriter - ok 16:43:35.0589 3324 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 16:43:35.0620 3324 srv - ok 16:43:35.0667 3324 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 16:43:35.0698 3324 srv2 - ok 16:43:35.0714 3324 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 16:43:35.0729 3324 srvnet - ok 16:43:35.0760 3324 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll 16:43:35.0792 3324 SSDPSRV - ok 16:43:35.0823 3324 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll 16:43:35.0870 3324 SstpSvc - ok 16:43:35.0901 3324 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll 16:43:35.0948 3324 stisvc - ok 16:43:36.0041 3324 stllssvr (ad989072596ab313d7fa13bcf69573f7) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe 16:43:36.0041 3324 stllssvr - ok 16:43:36.0119 3324 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 16:43:36.0119 3324 swenum - ok 16:43:36.0150 3324 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll 16:43:36.0182 3324 swprv - ok 16:43:36.0197 3324 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 16:43:36.0213 3324 Symc8xx - ok 16:43:36.0228 3324 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 16:43:36.0228 3324 Sym_hi - ok 16:43:36.0244 3324 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 16:43:36.0260 3324 Sym_u3 - ok 16:43:36.0291 3324 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll 16:43:36.0322 3324 SysMain - ok 16:43:36.0369 3324 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll 16:43:36.0384 3324 TabletInputService - ok 16:43:36.0400 3324 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll 16:43:36.0431 3324 TapiSrv - ok 16:43:36.0462 3324 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll 16:43:36.0494 3324 TBS - ok 16:43:36.0540 3324 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys 16:43:36.0587 3324 Tcpip - ok 16:43:36.0587 3324 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys 16:43:36.0618 3324 Tcpip6 - ok 16:43:36.0650 3324 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys 16:43:36.0681 3324 tcpipreg - ok 16:43:36.0712 3324 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 16:43:36.0728 3324 TDPIPE - ok 16:43:36.0759 3324 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 16:43:36.0774 3324 TDTCP - ok 16:43:36.0806 3324 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 16:43:36.0821 3324 tdx - ok 16:43:36.0852 3324 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 16:43:36.0868 3324 TermDD - ok 16:43:36.0899 3324 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll 16:43:36.0946 3324 TermService - ok 16:43:37.0008 3324 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll 16:43:37.0055 3324 Themes - ok 16:43:37.0086 3324 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 16:43:37.0102 3324 THREADORDER - ok 16:43:37.0133 3324 TPM (cb258c2f726f1be73c507022be33ebb3) C:\Windows\system32\drivers\tpm.sys 16:43:37.0149 3324 TPM - ok 16:43:37.0164 3324 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll 16:43:37.0196 3324 TrkWks - ok 16:43:37.0242 3324 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe 16:43:37.0258 3324 TrustedInstaller - ok 16:43:37.0274 3324 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 16:43:37.0305 3324 tssecsrv - ok 16:43:37.0336 3324 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 16:43:37.0367 3324 tunmp - ok 16:43:37.0383 3324 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 16:43:37.0398 3324 tunnel - ok 16:43:37.0414 3324 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys 16:43:37.0430 3324 uagp35 - ok 16:43:37.0461 3324 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 16:43:37.0492 3324 udfs - ok 16:43:37.0508 3324 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe 16:43:37.0539 3324 UI0Detect - ok 16:43:37.0554 3324 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys 16:43:37.0554 3324 uliagpkx - ok 16:43:37.0570 3324 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 16:43:37.0601 3324 uliahci - ok 16:43:37.0632 3324 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 16:43:37.0648 3324 UlSata - ok 16:43:37.0679 3324 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 16:43:37.0695 3324 ulsata2 - ok 16:43:37.0710 3324 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 16:43:37.0726 3324 umbus - ok 16:43:37.0742 3324 UmRdpService (8a66360f38f81e960e2367b428cbd5d9) C:\Windows\System32\umrdp.dll 16:43:37.0773 3324 UmRdpService - ok 16:43:37.0851 3324 UMVPFSrv (8b802b483cbde06f62dbc04dc7afaf8e) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 16:43:37.0898 3324 UMVPFSrv - ok 16:43:37.0944 3324 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll 16:43:37.0991 3324 upnphost - ok 16:43:38.0054 3324 USB28xxBGA (66754eee4ad1a9896b094df64e13101a) C:\Windows\system32\DRIVERS\emBDA.sys 16:43:38.0085 3324 USB28xxBGA - ok 16:43:38.0116 3324 USB28xxOEM (7736875610b20481c0cb64db53dff780) C:\Windows\system32\DRIVERS\emOEM.sys 16:43:38.0147 3324 USB28xxOEM - ok 16:43:38.0210 3324 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys 16:43:38.0225 3324 USBAAPL - ok 16:43:38.0256 3324 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys 16:43:38.0272 3324 usbaudio - ok 16:43:38.0303 3324 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 16:43:38.0319 3324 usbccgp - ok 16:43:38.0350 3324 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 16:43:38.0381 3324 usbcir - ok 16:43:38.0412 3324 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 16:43:38.0444 3324 usbehci - ok 16:43:38.0475 3324 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 16:43:38.0506 3324 usbhub - ok 16:43:38.0522 3324 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 16:43:38.0553 3324 usbohci - ok 16:43:38.0584 3324 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 16:43:38.0600 3324 usbprint - ok 16:43:38.0615 3324 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 16:43:38.0631 3324 usbscan - ok 16:43:38.0646 3324 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:43:38.0678 3324 USBSTOR - ok 16:43:38.0693 3324 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 16:43:38.0709 3324 usbuhci - ok 16:43:38.0740 3324 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 16:43:38.0771 3324 usbvideo - ok 16:43:38.0802 3324 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll 16:43:38.0818 3324 UxSms - ok 16:43:38.0849 3324 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe 16:43:38.0896 3324 vds - ok 16:43:38.0958 3324 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 16:43:39.0005 3324 vga - ok 16:43:39.0036 3324 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 16:43:39.0052 3324 VgaSave - ok 16:43:39.0068 3324 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys 16:43:39.0083 3324 viaagp - ok 16:43:39.0099 3324 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 16:43:39.0130 3324 ViaC7 - ok 16:43:39.0146 3324 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys 16:43:39.0146 3324 viaide - ok 16:43:39.0177 3324 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 16:43:39.0177 3324 volmgr - ok 16:43:39.0208 3324 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 16:43:39.0239 3324 volmgrx - ok 16:43:39.0270 3324 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 16:43:39.0286 3324 volsnap - ok 16:43:39.0317 3324 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 16:43:39.0317 3324 vsmraid - ok 16:43:39.0380 3324 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe 16:43:39.0426 3324 VSS - ok 16:43:39.0458 3324 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll 16:43:39.0473 3324 W32Time - ok 16:43:39.0504 3324 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 16:43:39.0536 3324 WacomPen - ok 16:43:39.0567 3324 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 16:43:39.0582 3324 Wanarp - ok 16:43:39.0582 3324 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 16:43:39.0598 3324 Wanarpv6 - ok 16:43:39.0645 3324 wbengine (20b23332885dfb93fe0185362ee811e9) C:\Windows\system32\wbengine.exe 16:43:39.0723 3324 wbengine - ok 16:43:39.0754 3324 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll 16:43:39.0801 3324 wcncsvc - ok 16:43:39.0832 3324 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll 16:43:39.0848 3324 WcsPlugInService - ok 16:43:39.0910 3324 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys 16:43:39.0926 3324 Wd - ok 16:43:39.0957 3324 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 16:43:40.0019 3324 Wdf01000 - ok 16:43:40.0050 3324 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 16:43:40.0082 3324 WdiServiceHost - ok 16:43:40.0082 3324 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 16:43:40.0113 3324 WdiSystemHost - ok 16:43:40.0128 3324 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll 16:43:40.0160 3324 WebClient - ok 16:43:40.0191 3324 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll 16:43:40.0222 3324 Wecsvc - ok 16:43:40.0253 3324 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll 16:43:40.0269 3324 wercplsupport - ok 16:43:40.0300 3324 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll 16:43:40.0331 3324 WerSvc - ok 16:43:40.0378 3324 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll 16:43:40.0409 3324 WinDefend - ok 16:43:40.0409 3324 WinHttpAutoProxySvc - ok 16:43:40.0456 3324 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll 16:43:40.0487 3324 Winmgmt - ok 16:43:40.0534 3324 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll 16:43:40.0581 3324 WinRM - ok 16:43:40.0659 3324 WinUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys 16:43:40.0690 3324 WinUSB - ok 16:43:40.0721 3324 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll 16:43:40.0784 3324 Wlansvc - ok 16:43:40.0893 3324 WLSetupSvc (94a85e956a065e23e0010a6a7826243b) C:\Program Files\Windows Live\installer\WLSetupSvc.exe 16:43:40.0955 3324 WLSetupSvc - ok 16:43:40.0971 3324 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 16:43:41.0002 3324 WmiAcpi - ok 16:43:41.0033 3324 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe 16:43:41.0064 3324 wmiApSrv - ok 16:43:41.0127 3324 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe 16:43:41.0189 3324 WMPNetworkSvc - ok 16:43:41.0252 3324 WMZuneComm (a3ba4712ebf768edfbccec09fa120b6f) c:\Program Files\Zune\WMZuneComm.exe 16:43:41.0283 3324 WMZuneComm - ok 16:43:41.0361 3324 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll 16:43:41.0392 3324 WPDBusEnum - ok 16:43:41.0439 3324 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 16:43:41.0454 3324 WpdUsb - ok 16:43:41.0579 3324 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 16:43:41.0610 3324 WPFFontCache_v0400 - ok 16:43:41.0626 3324 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 16:43:41.0657 3324 ws2ifsl - ok 16:43:41.0673 3324 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll 16:43:41.0688 3324 wscsvc - ok 16:43:41.0704 3324 WSearch - ok 16:43:41.0782 3324 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll 16:43:41.0907 3324 wuauserv - ok 16:43:42.0032 3324 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys 16:43:42.0063 3324 WudfPf - ok 16:43:42.0094 3324 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys 16:43:42.0110 3324 WUDFRd - ok 16:43:42.0125 3324 wudfsvc (2c0206ff8d2c75ac027d1096fa2fafda) C:\Windows\System32\WUDFSvc.dll 16:43:42.0156 3324 wudfsvc - ok 16:43:42.0406 3324 ZuneNetworkSvc (5bdcacd5b2b0fb972bc570e70f616acf) c:\Program Files\Zune\ZuneNss.exe 16:43:42.0843 3324 ZuneNetworkSvc - ok 16:43:42.0874 3324 ZuneWlanCfgSvc (e22e48654a66aa3e24f4646c6bc1756c) c:\Program Files\Zune\ZuneWlanCfgSvc.exe 16:43:42.0905 3324 ZuneWlanCfgSvc - ok 16:43:42.0952 3324 MBR (0x1B8) (4975bdbeda8a3afb2aeadefc06ce9e12) \Device\Harddisk0\DR0 16:43:43.0295 3324 \Device\Harddisk0\DR0 - ok 16:43:43.0295 3324 Boot (0x1200) (e3f7a9501d22505133f6ddaf3c0166a5) \Device\Harddisk0\DR0\Partition0 16:43:43.0295 3324 \Device\Harddisk0\DR0\Partition0 - ok 16:43:43.0311 3324 Boot (0x1200) (b292ab190344c7930b5139bd1665199f) \Device\Harddisk0\DR0\Partition1 16:43:43.0311 3324 \Device\Harddisk0\DR0\Partition1 - ok 16:43:43.0311 3324 ============================================================ 16:43:43.0311 3324 Scan finished 16:43:43.0311 3324 ============================================================ 16:43:43.0311 0304 Detected object count: 0 16:43:43.0311 0304 Actual detected object count: 0 *****Continued on Next Reply*****
  4. mmatlick
    I have a Windows Vista machine infected with PUM.Hijack.StartMenu. It appears to be only affecting one of the (limited) accounts on the machine and keeps coming back after scan/fix. According to the topic referenced below, I am starting this thread to be guided through the process of permanent cleaning. The assistance is much appreciated, thanks in advance. http://forums.malwar...howtopic=107001
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.