Everything posted by engelke830

  1. Hi, I ran TFC. Uninstalled Combofix. Deleted SecurityCheck. Uninstalled JavaFX 2.1.1, Java 6 Update 5, Java 6 Update 7, Adobe Flash Player 10, and Adobe Reader 9. [Note: I have Adobe Acrobat 9, Adobe Flash Player 11 Plugin, and Java 7 update 5 installed but I did not uninstall them. I only uninstalled the ones you listed.] Then I restarted. I downloaded Defraggler and ran that. Then I restarted again. I do not seem to be having any issues with my computer now. Thank you, Billy
  2. I ran TFC.exe. Then I ran the scan with ESET online scanner. I don't think it found any threats or unwanted applications. However, the log isn't in the program files folder. There is just an application "OnlineScannerUninstaller" and the activeX control. Then I ran the security check (log below). Things are running well now and I am not having any issues anymore.

     Results of screen317's Security Check version 0.99.43
     Windows Vista Service Pack 2 x86 (UAC is enabled)
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     Microsoft Security Essentials
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     SUPERAntiSpyware
     Malwarebytes Anti-Malware version 1.62.0.1300
     JavaFX 2.1.1
     Java 7 Update 5
     Java 6 Update 5
     Java 6 Update 7
     Adobe Flash Player 10 Flash Player out of Date!
     Adobe Flash Player 11.3.300.268
     Adobe Reader 9 Adobe Reader out of Date!
     Mozilla Firefox (Meeting.)
     Google Chrome 20.0.1132.57
     ````````Process Check: objlist.exe by Laurent````````
     Microsoft Security Essentials MSMpEng.exe
     Microsoft Security Essentials msseces.exe
     Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 13 % Defragment your hard drive soon!
     ````````````````````End of Log``````````````````````
  3. I uninstalled Chrome. Restarted. Erased the folder you specified. Restarted. Tested Amazon on IE and FF. No redirects. I installed Chrome. Tested Amazon. No redirects. Restarted. Tested Amazon. No redirects. I restarted Chrome and logged into it with my Google account. Tested Amazon. No redirects. It appears as if the problem was solved. I'm amazed that something as simple as uninstalling Chrome seems to have fixed the problem. Thank you.
  4. Restarted. Tried Firefox first. I don't think it was redirected. Then I tried Internet Explorer. I don't think it was redirected either. Finally, I tried Chrome. It was redirected to booksblogging.info.
  5. In Chrome, when I go to Amazon.com and search for something and then click the link for one of the results, I get redirected to sites ending with ".info". They aren't always the same site but they are always ".info". After 1 or 2 seconds on the redirected site, I get redirected back to my original target (though now signed out of Amazon). In addition, it doesn't happen each time I go to Amazon. It seems like it only happens the first time after I start up my laptop. I know almost 100% for sure that every time I start up my laptop, if I go to Amazon and search for something, I'll get redirected when I click on one of the results. However, I'm not sure if I have to restart to have it happen again or if there is a time limit between redirects. I hadn't tried other browsers but I just tried right now. It doesn't appear that I got redirected in either Firefox or IE. However, I didn't restart before I tried. I haven't restarted since Combofix restarted the computer for me. I did check to see if Amazon via Chrome was still being redirected after running Combofix and it was.
  6. Okay. I followed the instructions for uninstalling ComboFix. Then I downloaded a new copy and ran it. My log is below.
  7. Hi. I'm still getting redirected. Currently I connect to the internet at my office both through a wireless router and through an ethernet cable.
  8. TDSSKiller didn't prompt me for a reboot. Here is the report.
08:49:59.0635 5208 btwl2cap (ecb98391c756a7b9cfbae89d9d1235e1) C:\Windows\system32\DRIVERS\btwl2cap.sys 08:49:59.0635 5208 btwl2cap - ok 08:49:59.0650 5208 btwrchid (62ed55843f8216eb25a909a820613033) C:\Windows\system32\DRIVERS\btwrchid.sys 08:49:59.0650 5208 btwrchid - ok 08:49:59.0962 5208 buttonsvc32 (4749020c47aa0f13f256d8f694751812) C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe 08:50:00.0071 5208 buttonsvc32 - ok 08:50:00.0243 5208 catchme - ok 08:50:00.0290 5208 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 08:50:00.0305 5208 cdfs - ok 08:50:00.0368 5208 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 08:50:00.0368 5208 cdrom - ok 08:50:00.0415 5208 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 08:50:00.0415 5208 CertPropSvc - ok 08:50:00.0446 5208 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 08:50:00.0446 5208 circlass - ok 08:50:00.0493 5208 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 08:50:00.0508 5208 CLFS - ok 08:50:00.0555 5208 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 08:50:00.0555 5208 clr_optimization_v2.0.50727_32 - ok 08:50:00.0711 5208 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 08:50:00.0789 5208 clr_optimization_v4.0.30319_32 - ok 08:50:00.0820 5208 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 08:50:00.0820 5208 CmBatt - ok 08:50:00.0851 5208 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 08:50:00.0851 5208 cmdide - ok 08:50:00.0883 5208 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 08:50:00.0883 5208 Compbatt - ok 08:50:00.0883 5208 COMSysApp - ok 08:50:00.0914 5208 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) 
C:\Windows\system32\drivers\crcdisk.sys 08:50:00.0914 5208 crcdisk - ok 08:50:01.0210 5208 Credential Vault Host Control Service (5b0c32a596fdd0aaa10e147e4d71e086) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe 08:50:01.0257 5208 Credential Vault Host Control Service - ok 08:50:01.0273 5208 Credential Vault Host Storage (14ce9dec178a24356bc2fde8ce586d80) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe 08:50:01.0273 5208 Credential Vault Host Storage - ok 08:50:01.0304 5208 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 08:50:01.0304 5208 Crusoe - ok 08:50:01.0351 5208 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll 08:50:01.0366 5208 CryptSvc - ok 08:50:01.0429 5208 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\Windows\system32\drivers\csc.sys 08:50:01.0429 5208 CSC - ok 08:50:01.0553 5208 CscService (0a2095f92f6ae4fe6484d911b0c21e95) C:\Windows\System32\cscsvc.dll 08:50:01.0569 5208 CscService - ok 08:50:01.0600 5208 cvusbdrv (6fdbd7618935247d24a84d673d796ad0) C:\Windows\system32\Drivers\cvusbdrv.sys 08:50:01.0600 5208 cvusbdrv - ok 08:50:01.0678 5208 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 08:50:01.0694 5208 DcomLaunch - ok 08:50:02.0021 5208 dcpsysmgrsvc (e97e88a59ebe58de24b9823ccec6d499) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe 08:50:02.0037 5208 dcpsysmgrsvc - ok 08:50:02.0193 5208 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 08:50:02.0193 5208 DfsC - ok 08:50:02.0677 5208 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe 08:50:02.0755 5208 DFSR - ok 08:50:02.0973 5208 dg_ssudbus (f9f31a9f2a8c0dd0ceb6e380bf0985d4) C:\Windows\system32\DRIVERS\ssudbus.sys 08:50:02.0989 5208 dg_ssudbus - ok 08:50:03.0160 5208 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll 
08:50:03.0191 5208 Dhcp - ok 08:50:03.0238 5208 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 08:50:03.0238 5208 disk - ok 08:50:03.0347 5208 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll 08:50:03.0363 5208 Dnscache - ok 08:50:03.0425 5208 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll 08:50:03.0441 5208 dot3svc - ok 08:50:03.0503 5208 dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys 08:50:03.0503 5208 dot4 - ok 08:50:03.0519 5208 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys 08:50:03.0535 5208 Dot4Print - ok 08:50:03.0566 5208 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys 08:50:03.0566 5208 dot4usb - ok 08:50:03.0613 5208 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll 08:50:03.0613 5208 DPS - ok 08:50:03.0644 5208 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 08:50:03.0659 5208 drmkaud - ok 08:50:03.0925 5208 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 08:50:03.0925 5208 DXGKrnl - ok 08:50:04.0003 5208 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys 08:50:04.0018 5208 e1express - ok 08:50:04.0065 5208 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 08:50:04.0081 5208 E1G60 - ok 08:50:04.0127 5208 e1yexpress (660d34b47e65f8542dd4a573a0c11a74) C:\Windows\system32\DRIVERS\e1y6032.sys 08:50:04.0127 5208 e1yexpress - ok 08:50:04.0159 5208 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll 08:50:04.0174 5208 EapHost - ok 08:50:04.0237 5208 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 08:50:04.0252 5208 Ecache - ok 08:50:04.0299 5208 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 08:50:04.0330 5208 elxstor - ok 
08:50:04.0408 5208 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll 08:50:04.0424 5208 EMDMgmt - ok 08:50:04.0517 5208 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe 08:50:04.0517 5208 EpsonBidirectionalService - ok 08:50:04.0564 5208 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 08:50:04.0564 5208 ErrDev - ok 08:50:04.0611 5208 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll 08:50:04.0627 5208 EventSystem - ok 08:50:04.0783 5208 EvtEng (2d41d7250f73272946de04ff7a19761e) C:\Program Files\Intel\WiFi\bin\EvtEng.exe 08:50:04.0798 5208 EvtEng - ok 08:50:04.0861 5208 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 08:50:04.0861 5208 exfat - ok 08:50:04.0907 5208 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 08:50:04.0939 5208 fastfat - ok 08:50:05.0157 5208 Fax (dfba0f60fa301e5b1bfb1403a93ee23e) C:\Windows\system32\fxssvc.exe 08:50:05.0173 5208 Fax - ok 08:50:05.0219 5208 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 08:50:05.0219 5208 fdc - ok 08:50:05.0251 5208 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll 08:50:05.0251 5208 fdPHost - ok 08:50:05.0266 5208 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll 08:50:05.0266 5208 FDResPub - ok 08:50:05.0297 5208 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 08:50:05.0297 5208 FileInfo - ok 08:50:05.0313 5208 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 08:50:05.0313 5208 Filetrace - ok 08:50:05.0485 5208 FLEXnet Licensing Service (8669be94f63944e4f899c3950b520241) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 08:50:05.0531 5208 FLEXnet Licensing Service - ok 08:50:05.0547 5208 flpydisk 
(85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 08:50:05.0563 5208 flpydisk - ok 08:50:05.0609 5208 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 08:50:05.0625 5208 FltMgr - ok 08:50:05.0843 5208 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll 08:50:05.0875 5208 FontCache - ok 08:50:05.0953 5208 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 08:50:05.0968 5208 FontCache3.0.0.0 - ok 08:50:06.0046 5208 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys 08:50:06.0046 5208 fssfltr - ok 08:50:06.0389 5208 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files\Windows Live\Family Safety\fsssvc.exe 08:50:06.0452 5208 fsssvc - ok 08:50:06.0608 5208 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys 08:50:06.0608 5208 Fs_Rec - ok 08:50:06.0655 5208 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 08:50:06.0655 5208 gagp30kx - ok 08:50:06.0701 5208 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 08:50:06.0701 5208 GEARAspiWDM - ok 08:50:06.0842 5208 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe 08:50:06.0842 5208 GoogleDesktopManager-051210-111108 - ok 08:50:06.0935 5208 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll 08:50:06.0967 5208 gpsvc - ok 08:50:07.0013 5208 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe 08:50:07.0029 5208 gupdate - ok 08:50:07.0045 5208 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe 08:50:07.0045 5208 gupdatem - ok 08:50:07.0076 5208 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 
08:50:07.0091 5208 gusvc - ok 08:50:07.0185 5208 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 08:50:07.0201 5208 HDAudBus - ok 08:50:07.0216 5208 HidBth (fcb3f4be408f72c1bd81bcaba87fc22f) C:\Windows\system32\DRIVERS\hidbth.sys 08:50:07.0216 5208 HidBth - ok 08:50:07.0263 5208 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 08:50:07.0263 5208 HidIr - ok 08:50:07.0294 5208 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll 08:50:07.0294 5208 hidserv - ok 08:50:07.0341 5208 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 08:50:07.0341 5208 HidUsb - ok 08:50:07.0372 5208 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll 08:50:07.0388 5208 hkmsvc - ok 08:50:07.0403 5208 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 08:50:07.0403 5208 HpCISSs - ok 08:50:07.0575 5208 HPSLPSVC (56fc98f1014ea8dc51b92839c32759ec) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL 08:50:07.0606 5208 HPSLPSVC - ok 08:50:07.0684 5208 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 08:50:07.0700 5208 HTTP - ok 08:50:07.0747 5208 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 08:50:07.0747 5208 i2omp - ok 08:50:07.0778 5208 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 08:50:07.0793 5208 i8042prt - ok 08:50:07.0965 5208 IAANTMON (f148c2e931bfc20397edc0a7b4f8e22b) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 08:50:07.0965 5208 IAANTMON - ok 08:50:08.0027 5208 iaStor (692830b048aacd7e0d6ededf098acc01) C:\Windows\system32\drivers\iastor.sys 08:50:08.0043 5208 iaStor - ok 08:50:08.0090 5208 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 08:50:08.0105 5208 iaStorV - ok 08:50:08.0215 5208 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common 
Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 08:50:08.0230 5208 IDriverT - ok 08:50:08.0386 5208 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 08:50:08.0417 5208 idsvc - ok 08:50:08.0464 5208 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 08:50:08.0480 5208 iirsp - ok 08:50:08.0558 5208 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll 08:50:08.0573 5208 IKEEXT - ok 08:50:08.0620 5208 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 08:50:08.0620 5208 intelide - ok 08:50:08.0651 5208 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 08:50:08.0651 5208 intelppm - ok 08:50:08.0932 5208 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll 08:50:08.0932 5208 IPBusEnum - ok 08:50:08.0963 5208 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 08:50:08.0963 5208 IpFilterDriver - ok 08:50:09.0104 5208 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll 08:50:09.0151 5208 iphlpsvc - ok 08:50:09.0151 5208 IpInIp - ok 08:50:09.0197 5208 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 08:50:09.0197 5208 IPMIDRV - ok 08:50:09.0213 5208 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 08:50:09.0229 5208 IPNAT - ok 08:50:09.0603 5208 iPod Service (e6be7a41a28d8f2db174957454d32448) C:\Program Files\iPod\bin\iPodService.exe 08:50:09.0712 5208 iPod Service - ok 08:50:09.0728 5208 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 08:50:09.0743 5208 IRENUM - ok 08:50:09.0759 5208 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 08:50:09.0759 5208 isapnp - ok 08:50:09.0821 5208 iScsiPrt (232fa340531d940aac623b121a595034) 
C:\Windows\system32\DRIVERS\msiscsi.sys 08:50:09.0821 5208 iScsiPrt - ok 08:50:09.0884 5208 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 08:50:09.0884 5208 iteatapi - ok 08:50:09.0977 5208 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 08:50:09.0977 5208 iteraid - ok 08:50:10.0024 5208 ivusb (67390c4565772d4bfa996c40d8319954) C:\Windows\system32\DRIVERS\ivusb.sys 08:50:10.0024 5208 ivusb - ok 08:50:10.0055 5208 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 08:50:10.0055 5208 kbdclass - ok 08:50:10.0102 5208 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 08:50:10.0102 5208 kbdhid - ok 08:50:10.0149 5208 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 08:50:10.0149 5208 KeyIso - ok 08:50:10.0305 5208 KSecDD (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys 08:50:10.0321 5208 KSecDD - ok 08:50:10.0414 5208 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll 08:50:10.0430 5208 KtmRm - ok 08:50:10.0492 5208 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll 08:50:10.0523 5208 LanmanServer - ok 08:50:10.0633 5208 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll 08:50:10.0648 5208 LanmanWorkstation - ok 08:50:10.0664 5208 Lbd - ok 08:50:10.0742 5208 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 08:50:10.0742 5208 lltdio - ok 08:50:10.0820 5208 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll 08:50:10.0835 5208 lltdsvc - ok 08:50:10.0867 5208 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll 08:50:10.0882 5208 lmhosts - ok 08:50:10.0898 5208 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 08:50:10.0913 5208 LSI_FC - ok 08:50:10.0945 5208 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) 
C:\Windows\system32\drivers\lsi_sas.sys 08:50:10.0960 5208 LSI_SAS - ok 08:50:10.0991 5208 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 08:50:11.0007 5208 LSI_SCSI - ok 08:50:11.0038 5208 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 08:50:11.0054 5208 luafv - ok 08:50:11.0101 5208 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 08:50:11.0101 5208 megasas - ok 08:50:11.0147 5208 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 08:50:11.0163 5208 MegaSR - ok 08:50:11.0225 5208 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\Windows\system32\drivers\mferkdk.sys 08:50:11.0225 5208 mferkdk - ok 08:50:11.0272 5208 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\Windows\system32\drivers\mfesmfk.sys 08:50:11.0272 5208 mfesmfk - ok 08:50:11.0303 5208 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 08:50:11.0319 5208 MMCSS - ok 08:50:11.0350 5208 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 08:50:11.0350 5208 Modem - ok 08:50:11.0413 5208 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 08:50:11.0413 5208 monitor - ok 08:50:11.0444 5208 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 08:50:11.0444 5208 mouclass - ok 08:50:11.0459 5208 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 08:50:11.0459 5208 mouhid - ok 08:50:11.0475 5208 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 08:50:11.0475 5208 MountMgr - ok 08:50:11.0631 5208 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys 08:50:11.0631 5208 MpFilter - ok 08:50:11.0678 5208 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 08:50:11.0709 5208 mpio - ok 08:50:11.0740 5208 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) 
C:\Windows\system32\drivers\mpsdrv.sys 08:50:11.0756 5208 mpsdrv - ok 08:50:11.0912 5208 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll 08:50:11.0943 5208 MpsSvc - ok 08:50:11.0974 5208 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 08:50:11.0990 5208 Mraid35x - ok 08:50:12.0021 5208 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 08:50:12.0037 5208 MRxDAV - ok 08:50:12.0099 5208 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 08:50:12.0115 5208 mrxsmb - ok 08:50:12.0161 5208 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 08:50:12.0177 5208 mrxsmb10 - ok 08:50:12.0193 5208 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 08:50:12.0193 5208 mrxsmb20 - ok 08:50:12.0224 5208 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys 08:50:12.0224 5208 msahci - ok 08:50:12.0255 5208 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 08:50:12.0271 5208 msdsm - ok 08:50:12.0317 5208 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe 08:50:12.0333 5208 MSDTC - ok 08:50:12.0380 5208 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 08:50:12.0380 5208 Msfs - ok 08:50:12.0411 5208 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 08:50:12.0411 5208 msisadrv - ok 08:50:12.0442 5208 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll 08:50:12.0442 5208 MSiSCSI - ok 08:50:12.0458 5208 msiserver - ok 08:50:12.0505 5208 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 08:50:12.0505 5208 MSKSSRV - ok 08:50:12.0567 5208 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) C:\Program Files\Microsoft Security Client\MsMpEng.exe 08:50:12.0567 5208 MsMpSvc - ok 08:50:12.0614 5208 MSPCLOCK 
(1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 08:50:12.0614 5208 MSPCLOCK - ok 08:50:12.0629 5208 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 08:50:12.0629 5208 MSPQM - ok 08:50:12.0676 5208 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 08:50:12.0692 5208 MsRPC - ok 08:50:12.0707 5208 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 08:50:12.0723 5208 mssmbios - ok 08:50:12.0785 5208 MSSQL$MSSMLBIZ - ok 08:50:12.0910 5208 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 08:50:12.0910 5208 MSSQLServerADHelper - ok 08:50:12.0957 5208 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 08:50:12.0957 5208 MSTEE - ok 08:50:12.0988 5208 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 08:50:12.0988 5208 Mup - ok 08:50:13.0082 5208 NAL (a467e1deb3bb2b57426c8a5993ba933e) C:\Windows\system32\Drivers\iqvw32.sys 08:50:13.0082 5208 NAL - ok 08:50:13.0113 5208 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll 08:50:13.0144 5208 napagent - ok 08:50:13.0191 5208 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 08:50:13.0207 5208 NativeWifiP - ok 08:50:13.0269 5208 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 08:50:13.0285 5208 NDIS - ok 08:50:13.0316 5208 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 08:50:13.0316 5208 NdisTapi - ok 08:50:13.0331 5208 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 08:50:13.0347 5208 Ndisuio - ok 08:50:13.0363 5208 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 08:50:13.0378 5208 NdisWan - ok 08:50:13.0394 5208 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 
08:50:13.0394 5208 NDProxy - ok 08:50:13.0519 5208 Net Driver HPZ12 (69c503c004f49aee8b8e3067cc047ba7) C:\Windows\system32\HPZinw12.dll 08:50:13.0534 5208 Net Driver HPZ12 - ok 08:50:13.0565 5208 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 08:50:13.0565 5208 NetBIOS - ok 08:50:13.0768 5208 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 08:50:13.0784 5208 netbt - ok 08:50:13.0831 5208 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 08:50:13.0831 5208 Netlogon - ok 08:50:13.0909 5208 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll 08:50:13.0924 5208 Netman - ok 08:50:14.0080 5208 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 08:50:14.0080 5208 NetMsmqActivator - ok 08:50:14.0096 5208 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 08:50:14.0096 5208 NetPipeActivator - ok 08:50:14.0143 5208 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll 08:50:14.0158 5208 netprofm - ok 08:50:14.0174 5208 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 08:50:14.0174 5208 NetTcpActivator - ok 08:50:14.0174 5208 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 08:50:14.0174 5208 NetTcpPortSharing - ok 08:50:14.0626 5208 NETw5v32 (9ca26dccf0b84a6ff2b54fbb2a94520b) C:\Windows\system32\DRIVERS\NETw5v32.sys 08:50:14.0735 5208 NETw5v32 - ok 08:50:15.0016 5208 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 08:50:15.0032 5208 nfrd960 - ok 08:50:15.0094 5208 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 08:50:15.0094 5208 NisDrv - ok 08:50:15.0250 5208 NisSrv (290c0d4c4889398797f8df3be00b9698) C:\Program Files\Microsoft 
Security Client\NisSrv.exe 08:50:15.0266 5208 NisSrv - ok 08:50:15.0313 5208 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll 08:50:15.0328 5208 NlaSvc - ok 08:50:15.0375 5208 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 08:50:15.0375 5208 Npfs - ok 08:50:15.0422 5208 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll 08:50:15.0422 5208 nsi - ok 08:50:15.0453 5208 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 08:50:15.0453 5208 nsiproxy - ok 08:50:15.0703 5208 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 08:50:15.0765 5208 Ntfs - ok 08:50:15.0796 5208 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 08:50:15.0796 5208 ntrigdigi - ok 08:50:15.0827 5208 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 08:50:15.0827 5208 Null - ok 08:50:17.0840 5208 nvlddmkm (8fe5350fa6a9f0b6633aee811c468954) C:\Windows\system32\DRIVERS\nvlddmkm.sys 08:50:18.0136 5208 nvlddmkm - ok 08:50:18.0433 5208 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 08:50:18.0448 5208 nvraid - ok 08:50:18.0479 5208 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 08:50:18.0479 5208 nvstor - ok 08:50:18.0526 5208 nvsvc (ded8f2c0070478f13c37f7bd849b83fa) C:\Windows\system32\nvvsvc.exe 08:50:18.0542 5208 nvsvc - ok 08:50:18.0589 5208 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 08:50:18.0604 5208 nv_agp - ok 08:50:18.0604 5208 NwlnkFlt - ok 08:50:18.0620 5208 NwlnkFwd - ok 08:50:18.0682 5208 OA001Ufd (2cf21d5f8f1b74bb1922135ac2b12ddb) C:\Windows\system32\DRIVERS\OA001Ufd.sys 08:50:18.0698 5208 OA001Ufd - ok 08:50:18.0729 5208 OA001Vid (4075063d25af9da64101769854b83787) C:\Windows\system32\DRIVERS\OA001Vid.sys 08:50:18.0745 5208 OA001Vid - ok 08:50:18.0916 5208 odserv 
(785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 08:50:18.0994 5208 odserv - ok 08:50:19.0072 5208 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 08:50:19.0072 5208 ohci1394 - ok 08:50:19.0119 5208 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 08:50:19.0135 5208 ose - ok 08:50:19.0306 5208 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 08:50:19.0369 5208 p2pimsvc - ok 08:50:19.0384 5208 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 08:50:19.0384 5208 p2psvc - ok 08:50:19.0415 5208 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 08:50:19.0431 5208 Parport - ok 08:50:19.0493 5208 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys 08:50:19.0493 5208 partmgr - ok 08:50:19.0509 5208 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 08:50:19.0509 5208 Parvdm - ok 08:50:19.0603 5208 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\Windows\system32\DRIVERS\PBADRV.sys 08:50:19.0603 5208 PBADRV - ok 08:50:19.0618 5208 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll 08:50:19.0634 5208 PcaSvc - ok 08:50:19.0681 5208 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 08:50:19.0681 5208 pci - ok 08:50:19.0727 5208 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 08:50:19.0727 5208 pciide - ok 08:50:19.0774 5208 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys 08:50:19.0790 5208 pcmcia - ok 08:50:19.0883 5208 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 08:50:19.0915 5208 PEAUTH - ok 08:50:20.0164 5208 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll 08:50:20.0242 5208 pla - ok 08:50:20.0492 5208 PlugPlay 
08:50:39.0649 5208 Scan finished
08:50:39.0680 5624 Detected object count: 0
08:50:39.0680 5624 Actual detected object count: 0
  9. I'm not sure what the etiquette is for bumping this but I just want to make sure it didn't get forgotten or overlooked accidentally. I'll be around and able to work on this for a couple more hours today and then off and on over the weekend then all day Monday.
  10. Here are the DDS logs.
      DDS (Ver_2011-08-26.01) - NTFSx86
      Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
      Run by Engelke at 9:12:09 on 2012-07-20
      Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.3571.2060 [GMT -7:00]
      AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
      SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL AppInit_DLLs: c:\progra~1\google\google~2\GoogleDesktopNetwork3.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL LSA: Authentication Packages = msv1_0 wvauth . ================= FIREFOX =================== . FF - ProfilePath - c:\users\engelke\appdata\roaming\mozilla\firefox\profiles\dg8csqv0.default\ . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 171064] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664] R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608] R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_2311653e\AEstSrv.exe [2008-9-19 77824] R2 alssvc;Ambient Light Sensor;c:\program files\dell\ambient light sensor\AlsSvc.exe [2008-6-3 382232] R2 ASFAgent;ASF Agent;c:\program files\intel\asf agent\ASFAgent.exe [2007-4-19 133968] R2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.361.0\BBSvc.EXE [2012-2-10 193816] R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2008-6-3 386328] R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2008-7-31 808296] R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2008-7-31 21352] R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program 
files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2008-8-18 453712] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504] R2 postgresql-8.4;PostgreSQL Server 8.4;C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files/PostgreSQL/8.4/data" -w --> C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 [?] R2 SMManager;Smith Micro Connection Manager Service;c:\program files\dell\dell controlpoint\connection manager\SMManager.exe [2008-8-25 69632] R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.361.0\SeaPort.EXE [2012-2-10 240408] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2008-9-19 29736] R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [2008-9-19 32808] R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y6032.sys [2008-9-19 224384] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-9-19 3662848] R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2009-3-6 133632] R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2009-3-8 280096] R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-1-20 16896] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-28 135664] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-29 250056] S3 AsfAlrt;AsfAlrt Service;c:\windows\system32\drivers\Asfalrt.sys [2007-4-19 42832] S3 dg_ssudbus;SAMSUNG Mobile USB 
Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-6-12 80824] S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-21 39272] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352] S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-9-19 30192] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-28 135664] S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-7-29 25112] S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-3-30 34248] S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-3-30 40552] S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 74112] S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952] S3 PulseUsb;Livescribe Smartpen USB Driver;c:\windows\system32\drivers\PulseUsb.sys [2010-12-29 20480] S3 RDPDISPM;RDPDISPM;c:\windows\system32\drivers\rdpdispm.sys [2009-8-16 9040] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-6-12 181432] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040] . =============== Created Last 30 ================ . 
2012-07-20 16:00:29 -------- d-----w- C:\$RECYCLE.BIN
2012-07-20 15:54:51 -------- d-----w- c:\users\engelke\appdata\local\temp
2012-07-20 15:43:29 -------- d-----w- C:\ComboFix
2012-07-20 14:59:53 6891424 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{8320c9aa-0560-439d-925a-132efc067a14}\mpengine.dll
2012-07-19 16:04:50 -------- d-----w- c:\users\engelke\appdata\local\Spotify
2012-07-18 21:28:41 6891424 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-07-18 19:21:58 -------- d-----w- c:\users\engelke\appdata\roaming\SUPERAntiSpyware.com
2012-07-18 19:21:52 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-07-18 19:21:52 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-07-13 19:12:39 98816 ----a-w- c:\windows\sed.exe
2012-07-13 19:12:39 518144 ----a-w- c:\windows\SWREG.exe
2012-07-13 19:12:39 256000 ----a-w- c:\windows\PEV.exe
2012-07-13 19:12:39 208896 ----a-w- c:\windows\MBR.exe
2012-07-12 20:20:17 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-07-11 22:32:36 -------- d-----w- C:\TDSSKiller_Quarantine
2012-07-11 21:30:41 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 17:24:30 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2012-07-11 17:24:18 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 17:24:18 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 17:22:38 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-11 17:22:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-11 17:19:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-11 17:19:25 278528 ----a-w- c:\windows\system32\schannel.dll
2012-07-11 17:19:25 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-05 14:34:20 713784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{6c9f5146-57cf-48ce-be33-8d36af1763c6}\gapaengine.dll
2012-07-03 23:10:29 -------- d-----w- c:\program files\Oracle
2012-07-03 23:09:37 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-06-28 14:49:19 -------- d-----w- c:\users\engelke\appdata\local\Macromedia
2012-06-25 15:30:55 -------- d-----w- c:\program files\iPod
2012-06-25 15:30:53 -------- d-----w- c:\program files\iTunes
2012-06-22 14:54:15 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 14:53:14 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 14:52:58 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-22 14:52:58 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-20 21:15:54 -------- d-----w- c:\program files\Veetle
.
==================== Find3M ====================
.
2012-07-12 16:54:15 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-12 16:54:15 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-02 08:33:25 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-05-29 07:38:50 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-05-24 01:50:06 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-05-21 02:09:00 80824 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-05-21 02:09:00 181432 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-05-05 02:29:16 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-01 14:03:49 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-23 16:00:53 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-04-23 16:00:53 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-23 16:00:53 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2000-07-15 07:00:00 136192 ----a-w- c:\program files\common files\Msderun.dll
.
============= FINISH: 9:12:22.38 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume3
Install Date: 9/19/2008 9:30:36 AM
System Uptime: 7/20/2012 8:55:49 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0RX495
Processor: Intel® Core2 Duo CPU T9400 @ 2.53GHz | Microprocessor | 2534/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 147 GiB total, 38.826 GiB free.
D: is FIXED (NTFS) - 2 GiB total, 1.12 GiB free.
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet Pro 8500 A909g
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet Pro 8500 A909g
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet Pro 8600
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Officejet Pro 8600
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
==== System Restore Points ===================
.
RP936: 7/17/2012 7:50:52 AM - Windows Update
RP937: 7/18/2012 12:20:06 PM - Scheduled Checkpoint
RP938: 7/19/2012 7:44:43 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958) 2007 Microsoft Office system 32 Bit HP CIO Components Installer 7-Zip 9.20 8500A909_BasicWeb 8500A909_Help_BasicWeb Adobe Acrobat 9 Standard - English, Français, Deutsch Adobe Acrobat 9.5.1 - CPSID_83708 Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe PDF IFilter 6.0 Adobe Reader 9.5.1 All Day Battery Life Configuration Amazon MP3 Downloader 1.0.15 Ambient Light Sensor Anki Apple Application Support Apple Mobile Device Support Apple Software Update Bing Bar BioAPI Framework biolsp patch Bonjour bpd_scan BPDSoftware BPDSoftware_Ini Broadcom USH Host Components Brother BRAdmin Light 1.09 Brother MFL-Pro Suite Browser Address Error Redirector BufferChm Business Contact Manager for Outlook 2007 SP2 Cisco WebEx Meeting Center for Firefox or Chrome D3DX10 Dell Control Point Dell ControlPoint Connection Manager Dell ControlPoint Security Manager Dell ControlPoint System Manager Dell Embassy Trust Suite by Wave Systems Dell Getting Started Guide Dell Security Device Driver Pack Dell Touchpad Dell Webcam Central DeskPins (remove only) Digsby Directory of Physicians in the United States 2005 Directory of Physicians in the United States 2010 Document Manager Lite Dropbox EDocs EMBASSY Security Center EMBASSY Security Setup Epson Event Manager Epson FAX Utility Epson PC-FAX Driver EPSON Scan EPSON WorkForce 610 Series Printer Uninstall EpsonNet Print EpsonNet Setup ESC Home Page Plugin Fetchnotes Widget ffdshow [rev 2527] [2008-12-19] Gemalto GIMP 2.6.11 GNU Backgammon (MAIN branch, 20111003 code) Google Chrome Google Desktop Google Photos Screensaver Google Talk (remove only) Google Toolbar for Internet Explorer Google Update Helper Google Updater GoToMeeting 5.1.0.880 Graduate Medical Education GumNotes version 1.3.1.740 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Microsoft .NET Framework 4 Client Profile 
(KB2461678) HP Officejet Pro 8500 A909 Series iCloud InfraRecorder Integrated Webcam Driver (1.06.03.0309) Intel PROSet Wireless Intel® Network Connections 13.0.42.0 Intel® PRO Alerting Agent Intel® PROSet/Wireless WiFi Software Intel® Matrix Storage Manager iTunes Java Auto Updater Java 6 Update 5 Java 6 Update 7 Java 7 Update 5 JavaFX 2.1.1 Junk Mail filter update jZip KeePass Password Safe 2.09 KODAK i1200 - Smart touch KODAK i1210/i1220 Scanner Konica Scantrip Admin LaCie Backup Software v1.5.2378 Lizard Safeguard - PDF Viewer 2.6.17 Malwarebytes Anti-Malware version 1.62.0.1300 Mesh Runtime Messenger Companion Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656353) Microsoft .NET Framework 1.1 Security Update (KB2656370) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft IntelliPoint 6.2 Microsoft IntelliType Pro 6.2 Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Live Add-in 1.5 Microsoft Office Live Meeting 2007 Microsoft Office OneNote Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office OneNoteHomeStudent 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional Hybrid 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI 
(English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft SharedView Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MobileMe Control Panel Mozilla Firefox 10.0 (x86 en-US) MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Network NTRU TCG Software Stack NVIDIA Drivers NVIDIA nView Desktop Manager OGA Notifier 2.0.0048.0 Panraven Picasa2 Plugin PaperPort Image Printer Picasa 3 PlayReady PC Runtime x86 PokerStove version 1.24 PostgreSQL 8.4 PowerDVD Preboot Manager Private Information Manager QuickTime Revo Uninstaller 1.94 Roxio Activation Module Roxio Creator Audio Roxio Creator BDAV Plugin Roxio Creator Copy Roxio Creator Data Roxio Creator DE Roxio Creator Tools Roxio Express Labeler 3 Roxio Update Manager Samsung Kies SAMSUNG USB Driver for Mobile Phones Scan ScanSoft PaperPort 11 Secure Update Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET 
Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Security Wizards Segoe UI Snapshot Viewer Spotify SUPERAntiSpyware Symantec Technical Support Web Controls Toolbox Trusted Drive Manager Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Veetle TV Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 VLC media player 2.0.2 Wave Infrastructure Installer Wave Support Software WebEx WebReg WIDCOMM Bluetooth Software 6.1.0.4402 Windows Driver Package - Dell Inc. 
PBADRV System (01/07/2008 1.0.1.5) Windows Driver Package - Livescribe (PulseUsb) Image (03/19/2009 2.0.12.1) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
7/20/2012 8:57:25 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
7/20/2012 8:56:34 AM, Error: netbt [4321] - The name "ENGELKE-PC :0" could not be registered on the interface with IP address 192.168.0.17. The computer with the IP address 192.168.0.45 did not allow the name to be claimed by this computer.
7/20/2012 8:56:32 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Lbd
7/20/2012 8:56:30 AM, Error: Service Control Manager [7001] - The NTRU TSS v1.2.1.27 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.
7/20/2012 8:56:25 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer WebEx Document Loader with shared resource name WebEx Document Loader. Error 2114. The printer cannot be used by others on the network.
7/20/2012 8:56:23 AM, Error: netbt [4321] - The name "ENGELKE-PC :0" could not be registered on the interface with IP address 192.168.0.33. The computer with the IP address 192.168.0.45 did not allow the name to be claimed by this computer.
7/20/2012 8:55:16 AM, Error: Service Control Manager [7034] - The Dell ControlPoint System Manager service terminated unexpectedly. It has done this 1 time(s).
7/20/2012 8:55:15 AM, Error: Service Control Manager [7034] - The Dell ControlPoint Button Service service terminated unexpectedly. It has done this 1 time(s).
7/20/2012 8:54:57 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/20/2012 7:31:12 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer PaperPort Image Printer with shared resource name PaperPort Image Printer. Error 2114. The printer cannot be used by others on the network.
7/20/2012 7:31:12 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Microsoft Office Live Meeting 2007 Document Writer with shared resource name Microsoft Office Live Meeting 2007 Document Writer. Error 2114. The printer cannot be used by others on the network.
7/19/2012 7:44:41 AM, Error: Microsoft-Windows-Smartcard-Server [610] - Smart Card Reader 'Broadcom Corp Contacted SmartCard 0' rejected IOCTL GET_STATE: The device has been removed.
7/19/2012 7:44:39 AM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
7/19/2012 1:20:15 PM, Error: netbt [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
7/17/2012 8:08:20 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer HP LaserJet 1200 Series PCL 5 with shared resource name HP LaserJet 1200 Series PCL 5. Error 2114. The printer cannot be used by others on the network.
7/17/2012 8:08:20 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Foxit PDF Printer with shared resource name Foxit PDF Printer. Error 2114. The printer cannot be used by others on the network.
7/17/2012 8:08:20 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Canon iP3500 series with shared resource name Canon iP3500 series. Error 2114. The printer cannot be used by others on the network.
7/17/2012 8:08:20 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Brother PC-FAX v.2 with shared resource name Brother PC-FAX v.2. Error 2114. The printer cannot be used by others on the network.
7/17/2012 8:08:20 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Brother MFC-9840CDW Printer with shared resource name Brother MFC-9840CDW Printer. Error 2114. The printer cannot be used by others on the network.
.
==== End Of File ===========================
  11. One thing I forgot to mention was that when I ran ComboFix, I received an error message that said "dell.ucm has stopped working".
  12. Here is the ComboFix Log. New DDS coming next.

ComboFix 12-07-20.02 - Engelke 07/20/2012 8:44.2.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.3571.1927 [GMT -7:00]
Running from: c:\users\Engelke\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Engelke\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-06-20 to 2012-07-20 )))))))))))))))))))))))))))))))
.
.
2012-07-20 15:54 . 2012-07-20 16:00 -------- d-----w- c:\users\Engelke\AppData\Local\temp
2012-07-20 15:54 . 2012-07-20 15:54 -------- d-----w- c:\users\TEMP.Engelke-PC.000\AppData\Local\temp
2012-07-20 15:54 . 2012-07-20 15:54 -------- d-----w- c:\users\postgres\AppData\Local\temp
2012-07-20 15:54 . 2012-07-20 15:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-20 15:54 . 2012-07-20 15:54 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-07-20 14:59 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8320C9AA-0560-439D-925A-132EFC067A14}\mpengine.dll
2012-07-19 16:04 . 2012-07-19 20:01 -------- d-----w- c:\users\Engelke\AppData\Local\Spotify
2012-07-18 21:28 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-18 19:21 . 2012-07-18 19:21 -------- d-----w- c:\users\Engelke\AppData\Roaming\SUPERAntiSpyware.com
2012-07-18 19:21 . 2012-07-18 19:21 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-07-18 19:21 . 2012-07-18 19:21 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-07-12 20:20 . 2012-07-13 14:23 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-07-11 22:32 . 2012-07-12 16:57 -------- d-----w- C:\TDSSKiller_Quarantine
2012-07-11 21:30 . 2012-06-13 13:40 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 17:24 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-07-11 17:24 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 17:24 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 17:22 . 2012-07-18 21:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-11 17:22 . 2012-07-03 20:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-11 17:19 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-11 17:19 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll
2012-07-11 17:19 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-05 14:34 . 2012-02-10 15:30 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6C9F5146-57CF-48CE-BE33-8D36AF1763C6}\gapaengine.dll
2012-07-03 23:10 . 2012-07-03 23:10 -------- d-----w- c:\program files\Oracle
2012-07-03 23:09 . 2012-05-05 02:29 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-06-28 14:49 . 2012-06-28 14:49 -------- d-----w- c:\users\Engelke\AppData\Local\Macromedia
2012-06-25 15:30 . 2012-06-25 15:30 -------- d-----w- c:\program files\iPod
2012-06-25 15:30 . 2012-06-25 15:32 -------- d-----w- c:\program files\iTunes
2012-06-22 14:54 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-22 14:54 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-22 14:54 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-22 14:54 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 14:53 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-22 14:53 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-22 14:53 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 14:52 . 2012-06-02 22:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 14:52 . 2012-06-02 22:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-20 21:15 . 2012-06-20 21:16 -------- d-----w- c:\program files\Veetle
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-20 14:31 . 2008-09-23 22:00 0 ----a-w- c:\users\Engelke\AppData\Local\WavXMapDrive.bat
2012-07-12 16:54 . 2012-03-29 14:40 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-12 16:54 . 2011-06-03 23:02 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-29 07:38 . 2012-05-29 07:38 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-05-24 01:50 . 2012-06-12 14:02 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-05-24 01:49 . 2012-05-24 01:49 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-05-24 01:49 . 2012-05-24 01:49 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-05-24 01:49 . 2012-05-24 01:49 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2012-05-24 01:49 . 2012-05-24 01:49 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2012-05-24 01:49 . 2012-05-24 01:49 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2012-05-24 01:49 . 2012-05-24 01:49 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2012-05-24 01:49 . 2012-05-24 01:49 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2012-05-24 01:49 . 2012-05-24 01:49 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2012-05-24 01:49 . 2012-05-24 01:49 569344 ----a-w- c:\windows\system32\muzdecode.ax
2012-05-24 01:49 . 2012-05-24 01:49 491520 ----a-w- c:\windows\system32\muzapp.dll
2012-05-24 01:49 . 2012-05-24 01:49 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2012-05-24 01:49 .
2012-05-24 01:49 45320 ----a-w- c:\windows\system32\MAMACExtract.dll 2012-05-24 01:49 . 2012-05-24 01:49 45056 ----a-w- c:\windows\system32\MaXMLProto.dll 2012-05-24 01:49 . 2012-05-24 01:49 45056 ----a-w- c:\windows\system32\MACXMLProto.dll 2012-05-24 01:49 . 2012-05-24 01:49 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll 2012-05-24 01:49 . 2012-05-24 01:49 352256 ----a-w- c:\windows\system32\MSLUR71.dll 2012-05-24 01:49 . 2012-05-24 01:49 258048 ----a-w- c:\windows\system32\muzoggsp.ax 2012-05-24 01:49 . 2012-05-24 01:49 245760 ----a-w- c:\windows\system32\MSCLib.dll 2012-05-24 01:49 . 2012-05-24 01:49 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe 2012-05-24 01:49 . 2012-05-24 01:49 200704 ----a-w- c:\windows\system32\muzwmts.dll 2012-05-24 01:49 . 2012-05-24 01:49 172032 ----a-w- c:\windows\system32\muzapp.exe 2012-05-24 01:49 . 2012-05-24 01:49 155648 ----a-w- c:\windows\system32\MSFLib.dll 2012-05-24 01:49 . 2012-05-24 01:49 143360 ----a-w- c:\windows\system32\3DAudio.ax 2012-05-24 01:49 . 2012-05-24 01:49 135168 ----a-w- c:\windows\system32\muzaf1.dll 2012-05-24 01:49 . 2012-05-24 01:49 131072 ----a-w- c:\windows\system32\muzmpgsp.ax 2012-05-24 01:49 . 2012-05-24 01:49 122880 ----a-w- c:\windows\system32\muzeffect.ax 2012-05-24 01:49 . 2012-05-24 01:49 118784 ----a-w- c:\windows\system32\MaDRM.dll 2012-05-24 01:49 . 2012-05-24 01:49 110592 ----a-w- c:\windows\system32\muzmp4sp.ax 2012-05-24 01:49 . 2012-06-12 14:02 821824 ----a-w- c:\windows\system32\dgderapi.dll 2012-05-24 01:49 . 2012-06-12 14:02 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys 2012-05-24 01:49 . 2008-09-19 21:46 319456 ----a-w- c:\windows\system32\DIFxAPI.dll 2012-05-21 02:09 . 2012-06-12 14:05 80824 ----a-w- c:\windows\system32\drivers\ssudbus.sys 2012-05-21 02:09 . 2012-06-12 14:05 181432 ----a-w- c:\windows\system32\drivers\ssudmdm.sys 2012-05-05 02:29 . 2010-06-03 21:45 687504 ----a-w- c:\windows\system32\deployJava1.dll 2012-05-01 14:03 . 
2012-06-13 22:25 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-23 16:00 . 2012-06-13 22:25 984064 ----a-w- c:\windows\system32\crypt32.dll 2012-04-23 16:00 . 2012-06-13 22:25 98304 ----a-w- c:\windows\system32\cryptnet.dll 2012-04-23 16:00 . 2012-06-13 22:25 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2000-07-15 07:00 . 2008-10-08 21:23 136192 ----a-w- c:\program files\Common Files\Msderun.dll 2012-01-29 15:55 . 2012-02-08 17:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2011-04-14 21:01 . 2011-03-03 05:55 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Engelke\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Engelke\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Engelke\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay] @="{022F2F51-CDDA-4873-8A29-72C66C808A3F}" [HKEY_CLASSES_ROOT\CLSID\{022F2F51-CDDA-4873-8A29-72C66C808A3F}] 2009-11-08 17:55 297808 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay] @="{661963C1-99A1-44e7-A671-1CF3768AE9D4}" [HKEY_CLASSES_ROOT\CLSID\{661963C1-99A1-44e7-A671-1CF3768AE9D4}] 2009-11-08 17:55 297808 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-19 68856] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2007-08-30 205480] "googletalk"="c:\users\Engelke\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648] "MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] "Spotify Web Helper"="c:\users\Engelke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-07-19 1193176] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2008-05-14 99328] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-07-11 442467] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "SecureUpgrade"="c:\program files\Wave Systems Corp\SecureUpgrade.exe" [2008-06-24 243000] "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-02-26 128296] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-30 30248] "nwiz"="nwiz.exe" [2009-06-11 1657376] "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2009-06-16 92704] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-16 13793824] "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2007-08-31 988584] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-08-31 1037736] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-30 46632] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-15 178712] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-14 30192] "FUFAXSTM"="c:\program files\Epson Software\FAX Utility\FUFAXSTM.exe" [2009-02-06 843776] "EmbassySecurityCheck"="c:\program files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe" [2008-06-24 79160] "EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-01-12 669520] "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-27 17920] "DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2008-05-30 593920] "DellConnectionManager"="c:\program files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe" [2008-08-25 1486848] "Dell Webcam Central"="c:\program files\Dell Webcam\Dell 
Webcam Central\WebcamDellB.exe" [2008-04-11 372736] "DCPstrApp"="c:\program files\Dell\Dell ControlPoint\Security Manager\SecurityDeviceInfoSetRegistryString.exe" [2008-08-04 6656] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2006-11-08 65536] "ChangeTPMAuth"="c:\program files\Wave Systems Corp\Common\ChangeTPMAuth.exe" [2008-05-30 180224] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-05 630784] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2012-02-23 59240] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-07-02 196608] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2012-03-27 40376] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2012-03-26 640440] "Smart touch i1200"="c:\program files\Kodak\Document Imaging\kds_i1200\Smart touch\KSSCFG.exe" [2008-04-22 188416] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-27 931200] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-08 421776] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] . c:\users\Engelke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Engelke\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] . 
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-5 752168] Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2008-8-18 1186896] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 wvauth . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_2311653e\aestsrv.exe [x] . . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bthsvcs REG_MULTI_SZ BthServ HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HPService REG_MULTI_SZ HPSLPSVC . Contents of the 'Scheduled Tasks' folder . 2012-07-20 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 16:54] . 2012-07-19 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-19 16:52] . 2012-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 03:54] . 2012-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 03:54] . 2012-07-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2269250054-1500103086-2089624545-1003Core.job - c:\users\Engelke\AppData\Local\Google\Update\GoogleUpdate.exe [2008-10-15 17:45] . 2012-07-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2269250054-1500103086-2089624545-1003UA.job - c:\users\Engelke\AppData\Local\Google\Update\GoogleUpdate.exe [2008-10-15 17:45] . . ------- Supplementary Scan ------- . 
uStart Page = hxxp://www.google.com/ uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000 IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm Trusted Zone: internet Trusted Zone: mcafee.com TCP: DhcpNameServer = 205.177.10.10 199.0.216.222 TCP: Interfaces\{D9C9BDA5-33FE-485D-AE29-37BA117B32AE}: NameServer = 65.106.1.196,65.106.7.196 DPF: {DAF7E6E7-D53A-439A-B28D-12271406B8A9} - hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab FF - ProfilePath - c:\users\Engelke\AppData\Roaming\Mozilla\Firefox\Profiles\dg8csqv0.default\ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-07-20 09:02 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . . c:\windows\system32\wbem\Performance\WmiApRpl_new.ini 25494 bytes . scan completed successfully hidden files: 1 . 
************************************************************************** . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\postgresql-8.4] "ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files/PostgreSQL/8.4/data\" -w" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\postgresql-8.4] "ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files/PostgreSQL/8.4/data\" -w" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'lsass.exe'(704) c:\windows\system32\wvauth.dll c:\windows\system32\biolsp.dll c:\windows\System32\TdmNetworkProvider.dll . - - - - - - - > 'Explorer.exe'(4504) c:\users\Engelke\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll c:\windows\system32\btncopy.dll . ------------------------ Other Running Processes ------------------------ . 
c:\windows\system32\nvvsvc.exe c:\program files\Microsoft Security Client\MsMpEng.exe c:\windows\System32\DriverStore\FileRepository\stwrt.inf_2311653e\STacSV.exe c:\windows\system32\WLANExt.exe c:\windows\system32\nvvsvc.exe c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe c:\program files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe c:\program files\Dell\Ambient Light Sensor\AlsSvc.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Intel\ASF Agent\ASFAgent.exe c:\program files\Microsoft\BingBar\7.1.361.0\BBSvc.exe c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe c:\program files\Intel\WiFi\bin\EvtEng.exe c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\program files\PostgreSQL\8.4\bin\pg_ctl.exe c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\program files\PostgreSQL\8.4\bin\postgres.exe c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe c:\program files\PostgreSQL\8.4\bin\postgres.exe c:\program files\PostgreSQL\8.4\bin\postgres.exe c:\program files\PostgreSQL\8.4\bin\postgres.exe c:\program files\PostgreSQL\8.4\bin\postgres.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\servicing\TrustedInstaller.exe . 
************************************************************************** . Completion time: 2012-07-20 09:07:14 - machine was rebooted ComboFix-quarantined-files.txt 2012-07-20 16:06 ComboFix2.txt 2012-07-13 19:50 . Pre-Run: 41,758,281,728 bytes free Post-Run: 41,736,065,024 bytes free . - - End Of File - - AB4C3797DA8C26BF00AC5911EC5C086C
  13. Here is the MBAM log. Will run combofix now.

      Malwarebytes Anti-Malware 1.62.0.1300
      www.malwarebytes.org

      Database version: v2012.07.20.06

      Windows Vista Service Pack 2 x86 NTFS
      Internet Explorer 9.0.8112.16421
      Engelke :: ENGELKE-PC [administrator]

      7/20/2012 8:31:48 AM
      mbam-log-2012-07-20 (08-31-48).txt

      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 262218
      Time elapsed: 7 minute(s), 12 second(s)

      Memory Processes Detected: 0 (No malicious items detected)
      Memory Modules Detected: 0 (No malicious items detected)
      Registry Keys Detected: 0 (No malicious items detected)
      Registry Values Detected: 0 (No malicious items detected)
      Registry Data Items Detected: 0 (No malicious items detected)
      Folders Detected: 0 (No malicious items detected)
      Files Detected: 0 (No malicious items detected)

      (end)
  14. Hi, I would appreciate any help that can be provided with this. When I go to amazon.com and click on a link to one of the products, the page loads, then another page loads such as "gadgetreviewsworld . info" then the original amazon page reloads but I will now be logged out. The redirected page is not always the same one but it is always ".info". Malwarebytes and MSE did not detect anything wrong. Here are my Attach and DDS logs. Thank you.
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
AppInit_DLLs: c:\progra~1\google\google~2\GoogleDesktopNetwork3.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages = msv1_0 wvauth
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\engelke\appdata\roaming\mozilla\firefox\profiles\dg8csqv0.default\
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 171064]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_2311653e\AEstSrv.exe [2008-9-19 77824]
R2 alssvc;Ambient Light Sensor;c:\program files\dell\ambient light sensor\AlsSvc.exe [2008-6-3 382232]
R2 ASFAgent;ASF Agent;c:\program files\intel\asf agent\ASFAgent.exe [2007-4-19 133968]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2008-6-3 386328]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2008-7-31 808296]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2008-7-31 21352]
R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2008-8-18 453712]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 postgresql-8.4;PostgreSQL Server 8.4;C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files/PostgreSQL/8.4/data" -w --> C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 [?]
R2 SMManager;Smith Micro Connection Manager Service;c:\program files\dell\dell controlpoint\connection manager\SMManager.exe [2008-8-25 69632]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2008-9-19 29736]
R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [2008-9-19 32808]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y6032.sys [2008-9-19 224384]
R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-9-19 3662848]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2009-3-6 133632]
R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2009-3-8 280096]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-1-20 16896]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-28 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-29 250056]
S3 AsfAlrt;AsfAlrt Service;c:\windows\system32\drivers\Asfalrt.sys [2007-4-19 42832]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-6-12 80824]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-21 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-9-19 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-28 135664]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-7-29 25112]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-3-30 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-3-30 40552]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 74112]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952]
S3 PulseUsb;Livescribe Smartpen USB Driver;c:\windows\system32\drivers\PulseUsb.sys [2010-12-29 20480]
S3 RDPDISPM;RDPDISPM;c:\windows\system32\drivers\rdpdispm.sys [2009-8-16 9040]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-6-12 181432]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-07-20 14:31:29 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{345914a0-96e8-464c-b40e-fa51af90c01b}\offreg.dll
2012-07-19 19:47:43 6891424 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{345914a0-96e8-464c-b40e-fa51af90c01b}\mpengine.dll
2012-07-19 16:04:50 -------- d-----w- c:\users\engelke\appdata\local\Spotify
2012-07-18 21:28:41 6891424 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-07-18 19:21:58 -------- d-----w- c:\users\engelke\appdata\roaming\SUPERAntiSpyware.com
2012-07-18 19:21:52 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-07-18 19:21:52 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-07-13 19:48:25 -------- d-sh--w- C:\$RECYCLE.BIN
2012-07-13 19:27:47 -------- d-----w- c:\users\engelke\appdata\local\temp
2012-07-13 19:12:39 98816 ----a-w- c:\windows\sed.exe
2012-07-13 19:12:39 518144 ----a-w- c:\windows\SWREG.exe
2012-07-13 19:12:39 256000 ----a-w- c:\windows\PEV.exe
2012-07-13 19:12:39 208896 ----a-w- c:\windows\MBR.exe
2012-07-12 20:20:17 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-07-11 22:32:36 -------- d-----w- C:\TDSSKiller_Quarantine
2012-07-11 21:30:41 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 17:24:30 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2012-07-11 17:24:18 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 17:24:18 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 17:22:38 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-11 17:22:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-11 17:19:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-11 17:19:25 278528 ----a-w- c:\windows\system32\schannel.dll
2012-07-11 17:19:25 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-05 14:34:20 713784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{6c9f5146-57cf-48ce-be33-8d36af1763c6}\gapaengine.dll
2012-07-03 23:10:29 -------- d-----w- c:\program files\Oracle
2012-07-03 23:09:37 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-06-28 14:49:19 -------- d-----w- c:\users\engelke\appdata\local\Macromedia
2012-06-25 15:30:55 -------- d-----w- c:\program files\iPod
2012-06-25 15:30:53 -------- d-----w- c:\program files\iTunes
2012-06-22 14:54:15 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 14:53:14 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 14:52:58 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-22 14:52:58 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-20 21:15:54 -------- d-----w- c:\program files\Veetle
.
==================== Find3M ====================
.
2012-07-12 16:54:15 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-12 16:54:15 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-02 08:33:25 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-05-29 07:38:50 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-05-24 01:50:06 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-05-21 02:09:00 80824 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-05-21 02:09:00 181432 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-05-05 02:29:16 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-01 14:03:49 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-23 16:00:53 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-04-23 16:00:53 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-23 16:00:53 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2000-07-15 07:00:00 136192 ----a-w- c:\program files\common files\Msderun.dll
.
============= FINISH: 7:57:45.90 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume3
Install Date: 9/19/2008 9:30:36 AM
System Uptime: 7/20/2012 7:30:37 AM (0 hours ago)
.
Motherboard: Dell Inc. | | 0RX495
Processor: Intel® Core2 Duo CPU T9400 @ 2.53GHz | Microprocessor | 2534/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 147 GiB total, 38.792 GiB free.
D: is FIXED (NTFS) - 2 GiB total, 1.12 GiB free.
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Officejet Pro 8500 A909g
Device ID: ROOT\IMAGE\0001
Manufacturer: HP
Name: Officejet Pro 8500 A909g
PNP Device ID: ROOT\IMAGE\0001
Service: StillCam
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet Pro 8500 A909g
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet Pro 8500 A909g
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet Pro 8600
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Officejet Pro 8600
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
==== System Restore Points ===================
.
RP936: 7/17/2012 7:50:52 AM - Windows Update
RP937: 7/18/2012 12:20:06 PM - Scheduled Checkpoint
RP938: 7/19/2012 7:44:43 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system
32 Bit HP CIO Components Installer
7-Zip 9.20
8500A909_BasicWeb
8500A909_Help_BasicWeb
Adobe Acrobat 9 Standard - English, Français, Deutsch
Adobe Acrobat 9.5.1 - CPSID_83708
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe PDF IFilter 6.0
Adobe Reader 9.5.1
All Day Battery Life Configuration
Amazon MP3 Downloader 1.0.15
Ambient Light Sensor
Anki
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bing Bar
BioAPI Framework
biolsp patch
Bonjour
bpd_scan
BPDSoftware
BPDSoftware_Ini
Broadcom USH Host Components
Brother BRAdmin Light 1.09
Brother MFL-Pro Suite
Browser Address Error Redirector
BufferChm
Business Contact Manager for Outlook 2007 SP2
Cisco WebEx Meeting Center for Firefox or Chrome
D3DX10
Dell Control Point
Dell ControlPoint Connection Manager
Dell ControlPoint Security Manager
Dell ControlPoint System Manager
Dell Embassy Trust Suite by Wave Systems
Dell Getting Started Guide
Dell Security Device Driver Pack
Dell Touchpad
Dell Webcam Central
DeskPins (remove only)
Digsby
Directory of Physicians in the United States 2005
Directory of Physicians in the United States 2010
Document Manager Lite
Dropbox
EDocs
EMBASSY Security Center
EMBASSY Security Setup
Epson Event Manager
Epson FAX Utility
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 610 Series Printer Uninstall
EpsonNet Print
EpsonNet Setup
ESC Home Page Plugin
Fetchnotes Widget
ffdshow [rev 2527] [2008-12-19]
Gemalto
GIMP 2.6.11
GNU Backgammon (MAIN branch, 20111003 code)
Google Chrome
Google Desktop
Google Photos Screensaver
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GoToMeeting 5.1.0.880
Graduate Medical Education
GumNotes version 1.3.1.740
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP Officejet Pro 8500 A909 Series
iCloud
InfraRecorder
Integrated Webcam Driver (1.06.03.0309)
Intel PROSet Wireless
Intel® Network Connections 13.0.42.0
Intel® PRO Alerting Agent
Intel® PROSet/Wireless WiFi Software
Intel® Matrix Storage Manager
iTunes
Java Auto Updater
Java 6 Update 5
Java 6 Update 7
Java 7 Update 5
JavaFX 2.1.1
Junk Mail filter update
jZip
KeePass Password Safe 2.09
KODAK i1200 - Smart touch
KODAK i1210/i1220 Scanner
Konica Scantrip Admin
LaCie Backup Software v1.5.2378
Lizard Safeguard - PDF Viewer 2.6.17
Malwarebytes Anti-Malware version 1.62.0.1300
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft IntelliPoint 6.2
Microsoft IntelliType Pro 6.2
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office Live Meeting 2007
Microsoft Office OneNote Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNoteHomeStudent 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft SharedView
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MobileMe Control Panel
Mozilla Firefox 10.0 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network
NTRU TCG Software Stack
NVIDIA Drivers
NVIDIA nView Desktop Manager
OGA Notifier 2.0.0048.0
Panraven Picasa2 Plugin
PaperPort Image Printer
Picasa 3
PlayReady PC Runtime x86
PokerStove version 1.24
PostgreSQL 8.4
PowerDVD
Preboot Manager
Private Information Manager
QuickTime
Revo Uninstaller 1.94
Roxio Activation Module
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Scan
ScanSoft PaperPort 11
Secure Update
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Security Wizards
Segoe UI
Snapshot Viewer
Spotify
SUPERAntiSpyware
Symantec Technical Support Web Controls
Toolbox
Trusted Drive Manager
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Veetle TV
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 2.0.2
Wave Infrastructure Installer
Wave Support Software
WebEx
WebReg
WIDCOMM Bluetooth Software 6.1.0.4402
Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5)
Windows Driver Package - Livescribe (PulseUsb) Image (03/19/2009 2.0.12.1)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
7/20/2012 7:32:12 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
7/20/2012 7:31:53 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Lbd
7/20/2012 7:31:23 AM, Error: Service Control Manager [7001] - The NTRU TSS v1.2.1.27 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.
7/20/2012 7:31:12 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer WebEx Document Loader with shared resource name WebEx Document Loader. Error 2114. The printer cannot be used by others on the network.
7/20/2012 7:31:12 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer PaperPort Image Printer with shared resource name PaperPort Image Printer. Error 2114. The printer cannot be used by others on the network.
7/20/2012 7:31:12 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Microsoft Office Live Meeting 2007 Document Writer with shared resource name Microsoft Office Live Meeting 2007 Document Writer. Error 2114. The printer cannot be used by others on the network.
7/19/2012 7:44:41 AM, Error: Microsoft-Windows-Smartcard-Server [610] - Smart Card Reader 'Broadcom Corp Contacted SmartCard 0' rejected IOCTL GET_STATE: The device has been removed.
7/19/2012 7:44:39 AM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
7/19/2012 12:06:39 PM, Error: Service Control Manager [7034] - The Dell ControlPoint System Manager service terminated unexpectedly. It has done this 1 time(s).
7/19/2012 12:06:39 PM, Error: Service Control Manager [7034] - The Dell ControlPoint Button Service service terminated unexpectedly. It has done this 1 time(s).
7/19/2012 1:20:15 PM, Error: netbt [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
7/17/2012 8:08:20 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer HP LaserJet 1200 Series PCL 5 with shared resource name HP LaserJet 1200 Series PCL 5. Error 2114. The printer cannot be used by others on the network.
7/17/2012 8:08:20 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Foxit PDF Printer with shared resource name Foxit PDF Printer. Error 2114. The printer cannot be used by others on the network.
7/17/2012 8:08:20 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Canon iP3500 series with shared resource name Canon iP3500 series. Error 2114. The printer cannot be used by others on the network.
7/17/2012 8:08:20 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Brother PC-FAX v.2 with shared resource name Brother PC-FAX v.2. Error 2114. The printer cannot be used by others on the network.
7/17/2012 8:08:20 AM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Brother MFC-9840CDW Printer with shared resource name Brother MFC-9840CDW Printer. Error 2114. The printer cannot be used by others on the network.
7/13/2012 12:28:04 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
.
==== End Of File ===========================
DDS.txt Attach.txt