hammondjd2

  1. SystemLook 30.07.11 by jpshortstuff
     Log created at 18:41 on 02/05/2013 by joel.hammond (Limited User)

     ========== DIR ==========

     c:\documents and settings\joel.hammond\Documentum - Parameters: "(none)"

     ---Files---
     documentum.ini --a---- 94 bytes [20:43 26/04/2013] [20:43 26/04/2013]
     documentum.lck --a---- 0 bytes [20:43 26/04/2013] [20:43 26/04/2013]

     ---Folders---
     Checkout d------ [20:43 26/04/2013]
     Export d------ [20:43 26/04/2013]
     Logs d------ [20:43 26/04/2013]
     Temp d------ [20:43 26/04/2013]
     ucf d------ [20:43 26/04/2013]
     Viewed d------ [20:43 26/04/2013]

     -= EOF =-

     I'm not familiar with Kaseya, although I do know our company puts Monitoring SW on our machines which might have the same effect. Since I got hacked a year ago, I started noticing a program that lags on shutdown and has to be force closed by Windows. I only see the popup briefly before it closes and shuts down, but the header bar is titled "FullWindowsOwner." Have you ever come across that one before?
  2. I said I had a rootkit because that is what some of the programs that I mentioned reported to find. You should be able to see this in the logs I posted. Particularly if you look at the first scans. But as I mentioned if you look at the repeated scans of MBAR and MBAM one scan will find the Malware, the next will not, but then later it's back again. Sorry if this is just a result of my ignorance, but I want to be sure the machine is clean. Even if clean it is still demonstrating many problems and generally not running well. So either the hacker or my attempts to get rid have resulted in damage. I'm hoping there is a way to fix that or restore it back to its previous condition. In particular, I really need my Outlook corporate email to function properly and I want to make sure I'm not going to spread any infections to someone else.
  3. Sorry, I am following your instruction, the other thing I just noticed in between while waiting for your reply. Yes, as I mentioned in my initial post I already ran several programs to try to get rid of it before I read the instructions on the forum. They all seemed to find the malware and offer to quarantine, clean or delete but as I mentioned it's very persistent and seemed to come right back. And then of course I ran a bunch of things a year ago, when it was infected before, but that was too long ago to remember exactly. I think I ended up having to run ComboFix to get rid of it then and afterwards I started running Trend Micro RUBotted, but it didn't seem to help in avoiding this. This is a company machine and it has Symantec Anti-Virus Protection on it as the resident AV of their choosing. It runs regular periodic scans and I update the virus definitions fairly regularly. I personally always start with MalwareBytes because I've had good success with that historically. To the best of my recollection, after that I tried some of the other TrendMicro products: RKill, rootkit buster and HiJackThis. I can't seem to find any logs for those. Then I went the Kaspersky route and tried TDSSKiller but it didn't find much. Then after reading through the forum I learned about MBAR and tried that. That seemed to work great, but as I said, it seems to keep coming back. Oh and I also ran AdwCleaner. I then ran a FRST scan in anticipation that would be required for assistance on the forum, but then when I went to post I saw the instruction for DDS logs instead. Since then you had me run RogueKiller and then TDSSKiller (again). Which leads us to the here & now. The logs I could find are attached. Malware Scan Reports.zip
  4. I found it again. It was called Documentum>Checkout, Export, Logs, Temp, UCF and Viewed. It also contains the files documentum.ini and documentum.lck. All of it was created April 26, 2013 @ 4:43:48 PM. The folders all appear to be empty though, except for the UCF folder which contains two xml files: ucf.installs.config.xml and ucf.launcher.config.xml and the Logs folder which has 2 ucf trace logs. The UCF folder also has a sub-folder with my user name and within it a Shared folder which contains among many things a Jacob.jar and a jacob.dll and other .jar and .dll files. All this is related to the hack, right? Should I delete or do we need this in order to know what and how to fix?
  5. FYI - I found a folder structure yesterday that I think was created by the hacker. I think the Main folder was called Documentum or something like that. But the sub-folders were basically a way to organize his hacking. Files of interest, Files to upload, etc. Anyway I was trying to find it again and couldn't find it. I tried to start a search and it caused my pc to crash with a blue screen.
  6. Hi. I forgot to mention after running Rogue Killer it automatically quarantined an item: PhysicalDrive0_User.dat. I posted the report from the RK scan in my last post, but what should I do with this quarantined item? Next I ran the Kaspersky TDSSKiller scan. It found some suspicious items, but nothing it classified as malicious. I didn't see any option for Cure or anything like that. I haven't run anything else since we started this process, but why do you think it is that prior to this MalwareBytes and MalwareBytes Rootkit beta were still showing that a rootkit and other malicious items were found? Do you think these are false positives? And what accounts for them to appear to be cleared and then reappear again later? Anyway, the report from the TDSSK scan was too long to post, so I attached it. TDSSKiller.2.8.16.0_02.05.2013_12.52.35_log.txt
  7. RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Website : http://tigzy.geekstogo.com/roguekiller.php
     Blog : http://tigzyrk.blogspot.com/

     Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
     Started in : Normal mode
     User : joel.hammond [Admin rights]
     Mode : Scan -- Date : 05/02/2013 10:50:21
     | ARK || FAK || MBR |

     ¤¤¤ Bad processes : 0 ¤¤¤

     ¤¤¤ Registry Entries : 2 ¤¤¤
     [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver : [LOADED] ¤¤¤
     SSDT[31] : NtConnectPort @ 0x805A45D8 -> HOOKED (Unknown @ 0x89D1B1A8)
     SSDT[122] : NtOpenProcess @ 0x805CB456 -> HOOKED (\SystemRoot\System32\Drivers\PROCHIDE.SYS @ 0xB85BE5B0)
     _INLINE_ : NtCreateKey -> HOOKED (\SystemRoot\system32\DRIVERS\aksfridge.sys @ 0xAB926470)
     _INLINE_ : NtOpenKey -> HOOKED (\SystemRoot\system32\DRIVERS\aksfridge.sys @ 0xAB9080B1)

     ¤¤¤ HOSTS File: ¤¤¤
     --> C:\WINDOWS\system32\drivers\etc\hosts
     127.0.0.1 localhost

     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: ST9250410AS +++++
     --- User ---
     [MBR] 0886b748b28d3be7108d28b3cf388cc6
     [bSP] b35b0ba5bca007cd692de31987f665a0 : Windows XP MBR Code
     Partition table:
     0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
     1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 80325 | Size: 236386 Mo
     2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 484199100 | Size: 2047 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     Finished : << RKreport[1]_S_05022013_02d1050.txt >>
     RKreport[1]_S_05022013_02d1050.txt
  8. Tried to clean with multiple programs before reading the forum instructions not to do that, so hopefully I haven't done even more damage. One issue that triggered my suspicion of malware was that MS Outlook crashed and now it will not load. It gives me an error every time I try to open it. Anyway MalwareBytes, which I used first, detected a rootkit along with 39 instances of malware, such as Trojan Agent (including Backdoor). I've tried multiple times to delete the infections, but it keeps returning. If I run it in SafeMode and then run it again it seems to be ok, but if I run it from a normal boot it detects the infections again and then if I clean it and run the program again it detects the same infections again. The machine was infected by a Backdoor rootkit almost exactly 1 year ago and I thought I got rid of it, but either way it appears to be back now. I'm hoping not only to remove the infections, but also repair any damage that may have been done, if possible. Any assistance you can offer would be greatly appreciated. I can backup and reimage if I have to, but I'd rather avoid it if I can. Here are the DDS logs:

     .
     UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
     IF REQUESTED, ZIP IT UP & ATTACH IT
     .
     DDS (Ver_2012-11-20.01)
     .
     Microsoft Windows XP Professional
     Boot Device: \Device\HarddiskVolume2
     Install Date: 9/3/2010 7:56:23 PM
     System Uptime: 5/2/2013 4:33:01 AM (1 hours ago)
     .
     Motherboard: Dell Inc. | | 0N5KHN
     Processor: Intel® Core i5 CPU M 540 @ 2.53GHz | CPU 1 | 2527/533mhz
     .
     ==== Disk Partitions =========================
     .
     C: is FIXED (NTFS) - 231 GiB total, 161.527 GiB free.
     D: is FIXED (FAT32) - 2 GiB total, 1.901 GiB free.
     E: is CDROM ()
     .
     ==== Disabled Device Manager Items =============
     .
     Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
     Description: EasyTether Network Adapter
     Device ID: ROOT\*EASYTETHER\0000
     Manufacturer: Mobile Stream
     Name: EasyTether Network Adapter
     PNP Device ID: ROOT\*EASYTETHER\0000
     Service: easytether
     .
==== System Restore Points =================== . RP168: 2/1/2013 2:41:41 AM - System Checkpoint RP169: 2/2/2013 7:45:06 AM - System Checkpoint RP170: 2/3/2013 11:57:41 AM - System Checkpoint RP171: 2/4/2013 3:42:48 PM - System Checkpoint RP172: 2/5/2013 5:27:54 PM - System Checkpoint RP173: 2/6/2013 7:43:41 PM - System Checkpoint RP174: 2/7/2013 2:40:33 PM - Installed Java 6 Update 39 RP175: 2/8/2013 6:12:37 PM - System Checkpoint RP176: 2/9/2013 10:26:37 PM - System Checkpoint RP177: 2/11/2013 3:07:40 AM - System Checkpoint RP178: 2/12/2013 3:35:07 AM - System Checkpoint RP179: 2/13/2013 3:48:11 AM - System Checkpoint RP180: 2/14/2013 3:00:22 AM - Software Distribution Service 3.0 RP181: 2/16/2013 7:33:24 PM - System Checkpoint RP182: 2/17/2013 10:35:21 PM - System Checkpoint RP183: 2/19/2013 7:30:49 AM - System Checkpoint RP184: 2/20/2013 7:48:06 AM - System Checkpoint RP185: 2/21/2013 11:09:17 PM - System Checkpoint RP186: 2/24/2013 5:08:40 PM - System Checkpoint RP187: 2/25/2013 7:06:33 PM - System Checkpoint RP188: 2/26/2013 7:37:29 PM - System Checkpoint RP189: 2/27/2013 12:28:00 AM - Removed LGUP. RP190: 2/27/2013 12:28:11 AM - Installed LGUP. RP191: 2/27/2013 12:29:06 AM - Installed LGUP_GKV_0140. 
RP192: 2/27/2013 12:53:27 AM - Installed LG United Mobile Driver RP193: 2/28/2013 1:02:22 AM - System Checkpoint RP194: 3/1/2013 2:45:28 AM - System Checkpoint RP195: 3/2/2013 5:46:59 AM - System Checkpoint RP196: 3/3/2013 5:51:51 AM - System Checkpoint RP197: 3/4/2013 8:56:37 AM - Removed Java 6 Update 33 RP198: 3/5/2013 9:31:07 AM - System Checkpoint RP199: 3/6/2013 1:25:52 PM - System Checkpoint RP200: 3/8/2013 4:17:46 AM - System Checkpoint RP201: 3/10/2013 3:54:21 PM - System Checkpoint RP202: 3/12/2013 12:09:34 AM - System Checkpoint RP203: 3/13/2013 1:00:20 AM - Software Distribution Service 3.0 RP204: 3/14/2013 1:00:17 AM - Software Distribution Service 3.0 RP205: 3/18/2013 10:04:43 AM - System Checkpoint RP206: 3/19/2013 1:33:40 PM - System Checkpoint RP207: 3/20/2013 3:03:30 AM - Installed hp deskjet 3500 RP208: 3/21/2013 5:33:39 AM - System Checkpoint RP209: 3/22/2013 9:33:39 AM - System Checkpoint RP210: 3/23/2013 11:08:41 AM - System Checkpoint RP211: 3/24/2013 11:10:06 AM - System Checkpoint RP212: 3/25/2013 11:30:19 AM - System Checkpoint RP213: 3/26/2013 3:30:19 PM - System Checkpoint RP214: 3/27/2013 3:31:24 PM - System Checkpoint RP215: 3/28/2013 7:30:19 PM - System Checkpoint RP216: 3/29/2013 11:31:24 PM - System Checkpoint RP217: 3/31/2013 3:30:18 AM - System Checkpoint RP218: 4/1/2013 7:30:19 AM - System Checkpoint RP219: 4/2/2013 3:30:49 PM - System Checkpoint RP220: 4/4/2013 7:53:03 PM - System Checkpoint RP221: 4/5/2013 10:15:54 AM - Installed LG United Mobile Driver RP222: 4/8/2013 10:40:24 AM - System Checkpoint RP223: 4/10/2013 3:57:37 PM - System Checkpoint RP224: 4/11/2013 1:00:17 AM - Software Distribution Service 3.0 RP225: 4/12/2013 1:27:22 AM - System Checkpoint RP226: 4/13/2013 5:27:21 AM - System Checkpoint RP227: 4/14/2013 9:27:21 AM - System Checkpoint RP228: 4/15/2013 1:27:21 PM - System Checkpoint RP229: 4/18/2013 1:50:41 PM - System Checkpoint RP230: 4/23/2013 6:59:43 PM - System Checkpoint RP231: 4/24/2013 9:23:19 PM - 
System Checkpoint RP232: 4/26/2013 1:23:19 AM - System Checkpoint RP233: 4/27/2013 5:23:19 AM - System Checkpoint RP234: 4/28/2013 9:23:19 AM - System Checkpoint RP235: 4/29/2013 5:01:11 PM - System Checkpoint RP236: 4/30/2013 7:06:39 PM - System Checkpoint RP237: 5/1/2013 2:21:25 PM - Malwarebytes Anti-Rootkit Restore Point RP238: 5/1/2013 3:38:07 PM - Malwarebytes Anti-Rootkit Restore Point . ==== Installed Programs ====================== .
==== Event Viewer Messages From Past Week ======== . 5/2/2013 4:33:37 AM, error: ACPIEC [1] - \Device\ACPIEC: The embedded controller (EC) hardware didn't respond within the timeout period. This may indicate an error in the EC hardware or firmware, or possibly a poorly designed BIOS which accesses the EC in an unsafe manner. The EC driver will retry the failed transaction if possible. 
5/2/2013 4:28:34 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 5/2/2013 4:21:59 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} 5/2/2013 3:37:23 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: bizVSerial eeCtrl Fips intelppm SAVRT SAVRTPEL SYMTDI 5/2/2013 3:37:23 AM, error: Service Control Manager [7023] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: The class is configured to run as a security id different from the caller 5/2/2013 3:37:23 AM, error: Service Control Manager [7001] - The Simple Mail Transfer Protocol (SMTP) service depends on the IIS Admin service which failed to start because of the following error: The dependency service or group failed to start. 5/2/2013 3:37:23 AM, error: Service Control Manager [7001] - The FTP Publishing service depends on the IIS Admin service which failed to start because of the following error: The dependency service or group failed to start. 5/2/2013 3:36:14 AM, error: NETLOGON [5719] - No Domain Controller is available for domain LGE due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator. . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK Internet Explorer: 8.0.6001.18702 Run by joel.hammond at 5:14:12 on 2013-05-02 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3318.2998 [GMT -4:00] . AV: Symantec AntiVirus Corporate Edition *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C} . 
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WWCNT\SYSTEM\PMonitor.exe
C:\Program Files\FileZilla FTP Client\filezilla.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRunOnce: [Report] C:\AdwCleaner[s2].txt
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRunOnce: [Z1] cmd /c "c:\documents and settings\joel.hammond\my documents\downloads\mbar\mbar.exe" /cleanup /s
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {43D64D98-0246-4D2C-AFBE-4F0B86D2F6F9} - hxxp://weeklyboard.lge.com/binary/MTXInstaller.CAB
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1347783978265
DPF: {7A868592-7D06-44CF-ADF1-EF7517BD8F3A} - hxxp://gsod.lge.com:5120/SOD/ActiveUpdate4Manager_Unicode/cabfiles/ManagerEx4.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {8FC0F27C-9129-409D-8592-77776AF5DA77} - hxxp://lcglicense.lge.com/Login/NJInnoCPInstall.cab
DPF: {B102CB47-BE39-4572-BD36-EB978A5FF76C} - hxxp://approval.lge.com/aprWeb/epLib/webEditer/NamoWec.cab
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} - hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {E67D7AE1-6292-48CA-9FA9-640DDF75A76F} - hxxp://gerp.lge.com:6010/sys/js/iLoader/iLoader.cab
DPF: {EAB86A04-27B5-4662-8CDC-29BC23600CAE} - hxxp://lgesus-se1q.lge.net:8088/pccheckeng/PCSecurityChecker.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://aicvpn.lge.com/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{31E076D7-D3D8-40D5-849D-460DCCE5C608} : DHCPNameServer = 192.168.1.1
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
Notify: NavLogon - c:\windows\system32\NavLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 FileHook;SAFASOFT File System Filter;c:\windows\system32\drivers\filehook.sys [2010-7-7 48384]
R0 SFCDEX;WaterWall SFCDEX Filter;c:\windows\system32\drivers\SFCDEX.sys [2010-7-2 10368]
R0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\drivers\stdfltn.sys [2010-9-13 17072]
R1 Safandrv;Safandrv;c:\windows\system32\drivers\safandrv.sys [2010-6-21 18304]
R1 SFkbd;SAFASOFT Keyboard Filter;c:\windows\system32\drivers\SFKbd.sys [2008-10-16 4992]
R1 SFMouse;SAFASOFT Mouse Filter;c:\windows\system32\drivers\SFMouse.sys [2008-10-16 5632]
R1 SFRes;SAFASOFT Resource Driver;c:\windows\system32\drivers\SFRes.sys [2008-10-16 34688]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Accelern.sys [2010-9-13 42672]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [2010-9-9 168616]
S?1 PROCHIDE;ProcHide Driver;c:\windows\system32\drivers\ProcHide.sys [2008-11-17 5632]
S1 bizVSerial;Franson VSerial;c:\windows\system32\drivers\bizVSerialNT.sys [2006-4-3 14949]
S1 Protect;Protect;c:\windows\system32\drivers\protect.sys --> c:\windows\system32\drivers\Protect.sys [?]
S1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2005-2-4 324232]
S1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2005-2-4 53896]
S2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2005-4-8 185968]
S2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2005-4-8 161392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 InstallFilterService;FF Install Filter Service;c:\program files\stmicroelectronics\accelerometerp11\InstallFilterService.exe [2010-9-13 60928]
S2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2011-7-27 10384]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-6-25 35088]
S2 ptumlcmsvc;PTUML290 Connection Manager Service;c:\windows\system32\ptumlcmsvc.exe [2011-10-5 135168]
S2 RUBotSrv;Trend Micro RUBotted Service;c:\program files\trend micro\rubotted\RUBotSrv.exe [2013-4-30 439632]
S2 SDFA;SDFA Driver;c:\windows\system32\drivers\sdfa.SYS [2008-10-16 40960]
S2 SFfolder;SAFASOFT Encrpty Folder Driver;c:\windows\system32\drivers\sffolder.sys [2009-8-20 35072]
S2 WWC;Ww Client 3.2 Agent;c:\wwcnt\WwcService.exe [2010-3-25 239616]
S3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2010-9-13 113664]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys --> c:\windows\system32\drivers\lgandbus.sys [?]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys --> c:\windows\system32\drivers\lganddiag.sys [?]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys --> c:\windows\system32\drivers\lgandgps.sys [?]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys --> c:\windows\system32\drivers\lgandmodem.sys [?]
S3 andnetadb;ADB Interface DriverNet;c:\windows\system32\drivers\lgandnetadb.sys --> c:\windows\system32\drivers\lgandnetadb.sys [?]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\drivers\lgandnetdiag.sys [2013-2-27 23040]
S3 AndNetDiag2;LGE AndroidNet For Diagnostics Port;c:\windows\system32\drivers\lgandnetdiag2.sys [2013-2-27 23040]
S3 AndNetGps;LGE AndroidNet USB GPS NMEA Port;c:\windows\system32\drivers\lgandnetgps.sys --> c:\windows\system32\drivers\lgandnetgps.sys [?]
S3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\drivers\lgandnetmodem.sys [2013-2-27 27776]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\drivers\lgandnetndis.sys --> c:\windows\system32\drivers\lgandnetndis.sys [?]
S3 ATTRcAppSvc;AT&T RcAppSvc;c:\program files\at&t\communication manager\RcAppSvc.exe [2008-11-20 113152]
S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2005-4-8 83568]
S3 cocdcacm2;cocdcacm2;c:\windows\system32\drivers\cocdcacm2.sys [2010-2-25 44904]
S3 cousbmi2;cousbmi2;c:\windows\system32\drivers\cousbmi2.sys [2010-2-25 43880]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\drivers\cvusbdrv.sys [2010-9-9 33832]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-9-26 77624]
S3 easytether;easytether;c:\windows\system32\drivers\easytthr.sys [2011-7-24 17296]
S3 FDDec;SAFASOFT Encrpty Mobile Driver;c:\windows\system32\drivers\fddec.sys [2009-9-23 31232]
S3 Franson GpsGate 2.0;Franson GpsGate 2.0;c:\program files\franson\gpsgate 2.0\GpsGateService.exe [2008-9-12 258048]
S3 hhdspmc32;HHD Software Serial Port Monitoring Control Filter Driver;c:\windows\system32\drivers\hhdspmc32.sys [2011-4-18 28744]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\androidusb.sys --> c:\windows\system32\drivers\ANDROIDUSB.sys [?]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-9-9 125696]
S3 LGEBryceBus;LGE Bryce Composite Device;c:\windows\system32\drivers\lgebrycebus.sys --> c:\windows\system32\drivers\LGEBryceBus.sys [?]
S3 LGEBrycemdm;LGE Bryce USB Device for Modem Communication;c:\windows\system32\drivers\lgebrycemdm.sys --> c:\windows\system32\drivers\LGEBrycemdm.sys [?]
S3 LGEBryceMux;%LGEBryceMux.SVCDESC%;c:\windows\system32\drivers\lgebrycemux.sys --> c:\windows\system32\drivers\LGEBryceMux.sys [?]
S3 LGEBryceNdis;%LGEBryceNdis.Service.DispName%;c:\windows\system32\drivers\lgebrycendis.sys --> c:\windows\system32\drivers\LGEBryceNdis.sys [?]
S3 LGEBryceprt;LGE Bryce USB Device for Serial Communication;c:\windows\system32\drivers\lgebryceprt.sys --> c:\windows\system32\drivers\LGEBryceprt.sys [?]
S3 LGELTEBus;LGE Composite Device;c:\windows\system32\drivers\lgeltebus.sys --> c:\windows\system32\drivers\LGELTEBus.sys [?]
S3 LGELTEmdm;LGE LTE USB Device for Modem Communication;c:\windows\system32\drivers\lgeltemdm.sys --> c:\windows\system32\drivers\LGELTEmdm.sys [?]
S3 LGELTEMux;LGE LTE Mux Enumerator ;c:\windows\system32\drivers\lgeltemux.sys --> c:\windows\system32\drivers\LGELTEMux.sys [?]
S3 LGELTENdis;LGE USB NDIS Miniport Ethernet Adapter Service;c:\windows\system32\drivers\lgeltendis.sys --> c:\windows\system32\drivers\LGELTENdis.sys [?]
S3 LGELTEprt;LGE USB Device for Serial Communication;c:\windows\system32\drivers\lgelteprt.sys --> c:\windows\system32\drivers\LGELTEprt.sys [?]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-5-1 35144]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2011-1-11 18688]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2011-1-11 8320]
S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2011-1-11 23680]
S3 Muse;Muse USB Driver;c:\windows\system32\drivers\Muse.sys [2010-11-16 31872]
S3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20120915.008\naveng.sys [2012-9-16 92704]
S3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20120915.008\navex15.sys [2012-9-16 1601184]
S3 PTDMBus;PANTECH USB Modem Composite Device Driver ;c:\windows\system32\drivers\PTDMBus.sys [2011-3-15 55056]
S3 PTDMMdm;PANTECH USB Modem Drivers ;c:\windows\system32\drivers\PTDMMdm.sys [2011-3-15 160912]
S3 PTDMVsp;PANTECH USB Modem Serial Port ;c:\windows\system32\drivers\PTDMVsp.sys [2011-3-15 160912]
S3 PTDMWFLT;PTDMWWAN Filter Driver;c:\windows\system32\drivers\PTDMWFLT.sys [2011-3-15 13456]
S3 PTDMWWAN;PANTECH USB Modem WWAN Driver;c:\windows\system32\drivers\PTDMWWAN.sys [2011-3-15 118800]
S3 PTUMLBUS;PTUML USB Composite Device Driver;c:\windows\system32\drivers\ptumlbus.sys --> c:\windows\system32\drivers\PTUMLBUS.sys [?]
S3 PTUMLCVsp;PANTECH UML290 Connection Manager Port;c:\windows\system32\drivers\ptumlcvsp.sys --> c:\windows\system32\drivers\PTUMLCVsp.sys [?]
S3 PTUMLMdm;PANTECH UML290;c:\windows\system32\drivers\ptumlmdm.sys --> c:\windows\system32\drivers\PTUMLMdm.sys [?]
S3 PTUMLNET;PANTECH UML290 WWAN;c:\windows\system32\drivers\ptumlnet.sys --> c:\windows\system32\drivers\PTUMLNET.sys [?]
S3 PTUMLNVsp;PANTECH UML290 NMEA Port;c:\windows\system32\drivers\ptumlnvsp.sys --> c:\windows\system32\drivers\PTUMLNVsp.sys [?]
S3 PTUMLRMNET;PANTECH UML290 RMNET Service;c:\windows\system32\drivers\ptumlrmnet.sys --> c:\windows\system32\drivers\PTUMLRMNET.sys [?]
S3 PTUMLVsp;PANTECH UML290 Diagnostic Port;c:\windows\system32\drivers\ptumlvsp.sys --> c:\windows\system32\drivers\PTUMLVsp.sys [?]
S3 PTUMWBus;PANTECH USB Modem V2 Composite Device Driver;c:\windows\system32\drivers\PTUMWBus.sys [2011-4-22 54544]
S3 PTUMWCSP;PANTECH USB Modem V2 Connection Port;c:\windows\system32\drivers\PTUMWCSP.sys [2011-4-22 160400]
S3 PTUMWFLT;PTUMWNET Filter Driver;c:\windows\system32\drivers\PTUMWFLT.sys [2011-4-22 11920]
S3 PTUMWMdm;PANTECH USB Modem V2 Modem Driver;c:\windows\system32\drivers\PTUMWMdm.sys [2011-4-22 160400]
S3 PTUMWNET;PANTECH USB Modem V2 WWAN Driver;c:\windows\system32\drivers\PTUMWNET.sys [2011-4-22 115216]
S3 PTUMWNSP;PANTECH USB Modem V2 NMEA Port;c:\windows\system32\drivers\PTUMWNSP.sys [2011-4-22 160400]
S3 PTUMWVsp;PANTECH USB Modem V2 Diagnostic Port;c:\windows\system32\drivers\PTUMWVsp.sys [2011-4-22 160400]
S3 qcserxp;HTC Diagnostic Port;c:\windows\system32\drivers\qcserxp.sys [2011-7-17 103424]
S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2005-4-17 124608]
S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\verizo~1\vzacce~2\SMSIVZAM5.SYS [2010-4-14 32408]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-9-26 181432]
S3 SWNC8U80;Sierra Wireless MUX NDIS Driver (UMTS80);c:\windows\system32\drivers\swnc8u80.sys [2008-8-20 168192]
S3 SWUMX80;Sierra Wireless USB MUX Driver (UMTS80);c:\windows\system32\drivers\swumx80.sys [2008-8-20 142976]
S3 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2005-4-17 1706176]
S3 UsbGps;LGE CDMA USB GPS NMEA Port;c:\windows\system32\drivers\lgusbgps.sys --> c:\windows\system32\drivers\lgusbgps.sys [?]
S3 vzandnetadb;ADB Interface DriverNet for VZW;c:\windows\system32\drivers\lgvzandnetadb.sys [2011-10-10 25856]
S3 vzandnetdiag;LGE AndroidNet for VZW USB Serial Port;c:\windows\system32\drivers\lgvzandnetdiag.sys [2011-10-10 23168]
S3 vzandnetdiag2;LGE AndroidNet for VZW Diagnostics Port;c:\windows\system32\drivers\lgvzandnetdiag2.sys [2011-10-10 23168]
S3 vzandnetmodem;LGE AndroidNet for VZW USB Modem;c:\windows\system32\drivers\lgvzandnetmdm.sys [2011-10-10 27904]
S3 vzandnetndis;LGE AndroidNet for VZW NDIS Ethernet Adapter;c:\windows\system32\drivers\lgvzandnetndis.sys [2011-10-21 71040]
S3 WnsDrvr;WnsDrvr;c:\windows\system32\drivers\wnsdrvr.sys [2011-2-21 25952]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WwHook;WwHook;c:\windows\system32\drivers\Wwhook.sys [2007-5-21 7867]
S4 ADAgent;ADAgent;c:\program files\lgead\ADAgentService.exe [2008-8-13 586752]
S4 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
.
=============== Created Last 30 ================
.
2013-05-02 06:52:26 -------- d-----w- C:\FRST
2013-05-01 20:47:14 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-04-30 18:36:50 131720 ----a-w- c:\windows\system32\drivers\tmrkb.sys
2013-04-30 17:36:17 -------- d-----w- c:\program files\Trend Micro
2013-04-30 07:00:28 -------- d-sh--w- C:\found.000
2013-04-29 17:57:20 -------- d-----w- c:\documents and settings\joel.hammond\application data\Malwarebytes
2013-04-26 20:43:09 -------- d-----w- c:\documents and settings\joel.hammond\Documentum
.
==================== Find3M ====================
.
2013-04-30 19:34:51 256904 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2013-04-04 18:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-13 18:33:31 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-13 18:33:31 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:32:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-02 02:06:31 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:06:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-02 02:06:30 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:31:30 1876224 ----a-w- c:\windows\system32\win32k.sys
2013-03-02 01:08:47 385024 ----a-w- c:\windows\system32\html.iec
2013-02-27 07:56:51 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
============= FINISH: 5:15:11.15 ===============