
Showing results for tags 'Crash'.


  1. To whom it may concern, Today once again I had to deal with the stupid Conduit hijacker. It really does seem to come out of nowhere. I read an article that your software would detect and remove it; you offer a free trial, which I have downloaded. It certainly detects many instances of the Conduit entries, but as soon as you hit remove the program crashes and will not respond. I have searched high and low for a fix for this and have only become more aggravated. Can anyone respond to this and explain why the program continually crashes?
  2. Hello, A few days ago I connected my hard drives to my mother's computer. After I connected them again to my computer I found a folder named $Recycle.Bin. Then I downloaded Malwarebytes, updated it and started a scan. I checked the situation after an hour and the whole computer was not responding. So I restarted it and tried to scan it again, but... same situation. After a few tries I went to Safe Mode, but Malwarebytes crashed every time it started scanning C:/Windows/System32/wlandlg.dll. I'd be glad if you have any idea why this is happening and whether it is possible to finish the scan and remove the malware that was found. Thank you in advance.
  3. Sooooo, I just thought I'd mention a false positive that I've noticed recently. When using Chrome (perhaps all browsers), the eBay login page apparently uses some sort of Silverlight component. Upon browsing to this page, a yellow bar appears directly below the Bookmarks Bar which says "Silverlight Plug-In has crashed." At the exact same time, the Malwarebytes Anti-Exploit window pops up and says "Anti-Exploit has blocked an exploit attempt". Please acknowledge...
  4. Even when I am working, as opposed to dormant, my computer screen will go white, black or even yellow(ish). I'm running on Windows Home Vista 32. The strange thing is if I run MS Security Essentials on full scan it seems to prolong my activity without crashing - not always but mostly.
  5. Hi, I am here again to try to figure this out. I've been wrestling with this for about three days now and it won't let up. Around three days ago, my computer blue screened and gave me a page fault error. I used WhoCrashed and it pointed me towards my graphics driver, which I then updated. The problem then went away for about three hours, then I got IQRL_NOT something, I didn't get time to read it all... WhoCrashed says it was an unknown driver, and I don't know what happened. I then did a factory reset, but it didn't help, as my computer just crashed one more time during system restoration. So I used my boot disk for Windows 7 to reinstall it. It worked, but only for about a day, then it began crashing again. The only way to get away from these crashes is to boot in safe mode... I'm using Safe Mode with Networking right now to post this, and it's only crashed once. My computer is a Toshiba Satellite C655 running Windows 7 Home Premium 64-bit. Can I get some help? Usually factory restore fixes broken drivers/sys files.
  6. I use portable versions of most web browsers, rather than the installed version, because I use multiple Windows profiles and I want my browser settings to be the same for all. It's easier than syncing bookmarks and prefs for several browsers. I find it very useful to have multiple browsers. One browser can be dedicated to a specific purpose. In other cases, I will switch from one to another if there are problems with downloads or odd webpage behavior. At first everything seemed all right, but then the foo hit the fan. The worst hit were Pale Moon (an optimized Firefox version) and Opera. I had just updated my portable Pale Moon, and it would not start, giving me this message: --------------------------- palemoon.exe - Unable To Locate Component --------------------------- This application has failed to start because MSVCP110.dll was not found. Re-installing the application may fix this problem. --------------------------- The DLL was there, and perfectly all right. I checked MD5 hashes, wiped and re-installed, tried to register the DLL manually, all to no avail. Opera would not start either. I had to laugh when it told me that "Opera crashed while trying to show the crash dialogue for a previous crash." The message continued with: A crash log was created here: C:\Users\matera\AppData\Local\Temp\OperaPortableTemp\opera-20130921204854\ There is no such directory. This looked to me like something was not playing nice with portables! When another program communicates in certain ways with the portable browsers, they can "forget" that they are portable. (Sorry, my vocabulary is inadequate here.) A portable install needs some special handling. You can't, for instance, update a portable browser through its update dialog; that will break it badly. So I deduced that the browser was getting "confused" by something external. Firefox Portable just hung for an agonizingly long time, and I had to kill the process. More than one attempt was made to run each browser, with temp cleanups and a reboot to reduce the possibility of corrupted cache and cookie influence. I suspected MBAE, since it was the only newly changed factor I could think of that they all had in common. After a few controlled experiments, trying to start the browsers with and without MBAE running, it was clear that Anti-Exploit was the culprit. When it was not running, everything proceeded normally. There was no difficulty with my fully installed default, Avant Browser. I did see some hesitation in IE (which I only use for testing things and for wheedling files from Microsoft on occasion). That's all for now.
  7. Hi, recently my antivirus software subscription expired (Trend) and I didn't realize it. From the day it expired, I've had problems with the computer randomly shutting down on me, or Chrome will crash in the middle of working. Pandora triggers this especially. I downloaded ESET NOD32 antivirus software and that's helped a little, but the computer still crashes all the time. Attached are the reports I ran. Thanks! attach.txt dds.txt
  8. Hello, I wasn't able to find a similar problem to mine after about 15 minutes of looking, so here's the deal. I noticed my computer was running really slowly when I turned it on today so I decided to do a routine scan, and as soon as I clicked "Scan" to start it, a little window popped up that says "Malwarebytes has stopped working". I've tried restarting my computer to see if it was just bugged and it still does it. So I'm just wondering if it's just bugged or is my computer like hardcore infected? Any help will be greatly appreciated! I really need my laptop, 'cause I work from home, so hopefully I can get some help quick! Let me know what you need from me to make this as quick and easy as possible. Thanks!
  9. Hi, I've been successfully using Malwarebytes for several years now, but the last few times I have tried to scan for malware, the program keeps freezing after only a few minutes. It does find approximately 13 problems, but due to the fact it freezes and then crashes to a black screen I have been unable to solve any problems. I have tried full scan and quick scan in both normal and safe modes, to no avail. A little help please?
  10. Hi, I've been trying to scan my computer (WinXP) with the new version 1.70 but the program was freezing and stopping analysis after a couple of minutes. I cannot identify the origin of the problem. I thought at first it was because I got a little infection that I fixed with the help of an online decontamination forum. Since then I re-installed MBAM but the problem remains the same. One comment I can make is that once the program starts analyzing C: files, the crash happens. Please check the attached print screen to see an example of the crash. Need help please, 'cause I never had trouble with old versions of MBAM that I've been using for years now. Thank you
  11. Hello, I am following the instructions I received from the MalwareBytes program I ran to remove malware from my machine. I am attaching both logs, as instructed: dds.txt and attach.txt Please let me know if there is ANY other information you need from me, to help me with this problem. I appreciate your help very much. Thank you so much. Shobuz99 attach.txt dds.txt
  12. Hello. I'm a noob to this forum. I found it when searching for anything to do with a crash problem for a computer that has an image file of a blue screen with crash information, titled fsqwr.bmp. I found a thread from 2010 that was closed: http://forums.malwarebytes.org/index.php?showtopic=70381 I followed the advice of "Maniac" (his name is Borislav) and downloaded the "OTL" file and ran it, in Safe Mode with Networking. Since the forum was closed, I attempted to figure out what the proper course of action was for correcting the problem. When I ran OTL and got the results, I deduced that the file in the folder C:\Documents and Settings\All Users\Application Data\iEcCb06301 was different for me, since Borislav's instructions were specifically for helping the person on that forum thread. I found the file name in MY results and substituted it, C:\Documents and Settings\All Users\Application Data\mFhJ0o01803 and then copied and pasted the rest into the "Custom Scans/Fixes" section of the OTL exe dialog. Then I clicked "Runfix". When it finished, I did not get the message that should say "Fix Complete press ok to open log". Instead, the machine asked me to "reboot" the machine, so that it could complete the file removal process. I did that and I still got the blue screen message after Windows had loaded and stayed there for about 30 seconds or more. Obviously, I did not clear out this malware. Should I erase the OTL.txt, Extra.txt and the log output file and start over? Or is there something else I can try? I think this machine is seriously messed up. Machine is a Dell Inspiron E1505 laptop Windows XP SP3 120GB drive Please let me know if there is any other information you need, about the computer. I also have the log files in .txt format. I ran OTL twice and have the results files for both times (attached). Thank you very much for any help you can give me. Shobuz99 09232012_124052.log 09232012_131511.log
  13. Hi. I suspect I'm having a virus of some sort on my PC, because I need admin privileges to do basic things (like moving files from the desktop to a picture folder) and because when I click on the Pictures library, it says there are no connected folders. I decided to run a quick scan with MBAM (free version), but after the scan is finished (or during), it just crashes and Windows says it doesn't respond. I can see that it detected 4 threats, though. When I start MBAM again, it shows no logs. Windows 7 Ultimate (64-bit) Asus G53SX Do you need more info or logs or anything? Thanks in advance!
  14. I am using MS Security essentials on Win 7 64 bit machine. Have excluded Malwarebytes files EXCEPT C:\WINDOWS\SysWOW64\drivers\mbamswissarmy.sys which does not seem to be present Full scan crashes the system (not freezes) Here are the log files:
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960] R2 GManager;GManager;C:\Windows\system32\GManager.exe --> C:\Windows\system32\GManager.exe [?] R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992] R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2012-8-14 50536] R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2012-8-3 101736] R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2012-8-14 74088] R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2012-8-3 133992] R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-7-5 375208] R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2012-6-8 15928] R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-26 655944] R2 MCTDesktopSvr;MCTDesktopSvr;C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [2012-8-6 199296] R2 ReflectService.exe;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2012-7-29 301760] R2 rimspci;rimspci;C:\Windows\system32\DRIVERS\rimspe64.sys --> C:\Windows\system32\DRIVERS\rimspe64.sys [?] 
R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2012-8-3 145256] R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2012-8-3 142696] R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-8-3 2533400] R3 5U877;USB Video Device;C:\Windows\system32\DRIVERS\5U877.sys --> C:\Windows\system32\DRIVERS\5U877.sys [?] R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?] R3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2012-8-3 320576] R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys --> C:\Windows\system32\DRIVERS\e1k62x64.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 LenovoRd;LenovoRd;C:\Windows\system32\Drivers\LenovoRd.sys --> C:\Windows\system32\Drivers\LenovoRd.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 mctkmd;mctkmd;C:\Windows\system32\drivers\mctkmd64.sys --> C:\Windows\system32\drivers\mctkmd64.sys [?] R3 t1pusb64;Trigger 1+ Graphics Card;C:\Windows\system32\drivers\t1pusb64.sys --> C:\Windows\system32\drivers\t1pusb64.sys [?] 
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-3 250056] S3 CompFilter64;UVCCompositeFilter;C:\Windows\system32\DRIVERS\lvbflt64.sys --> C:\Windows\system32\DRIVERS\lvbflt64.sys [?] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?] S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?] S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-3 113120] S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] 
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2012-8-3 1662560] S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2012-8-3 1665120] S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;C:\Windows\system32\DRIVERS\silabenm.sys --> C:\Windows\system32\DRIVERS\silabenm.sys [?] S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;C:\Windows\system32\DRIVERS\silabser.sys --> C:\Windows\system32\DRIVERS\silabser.sys [?] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?] S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys --> C:\Windows\system32\DRIVERS\ssudmdm.sys [?] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 
2012-08-27 04:52:37 -------- d-----w- C:\Program Files\Classic Shell 2012-08-26 21:50:37 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A47EACE5-6CFE-4FA8-823C-917CA1DBD5F9}\offreg.dll 2012-08-26 21:49:57 9309624 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A47EACE5-6CFE-4FA8-823C-917CA1DBD5F9}\mpengine.dll 2012-08-26 17:39:34 -------- d-----w- C:\Users\Alan\AppData\Roaming\Malwarebytes 2012-08-26 17:39:28 -------- d-----w- C:\ProgramData\Malwarebytes 2012-08-26 17:39:27 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-08-26 17:39:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-08-25 21:52:03 9309624 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-08-24 08:34:52 71680 ----a-w- C:\Windows\System32\drivers\silabser.sys 2012-08-24 08:34:52 27336 ----a-w- C:\Windows\System32\drivers\silabenm.sys 2012-08-24 08:34:52 -------- d-----w- C:\SiLabs 2012-08-24 08:33:35 -------- d-----w- C:\Program Files (x86)\Silabs 2012-08-24 08:33:17 -------- d-----w- C:\Program Files (x86)\Parx 2012-08-24 04:18:28 -------- d-----w- C:\Program Files\ThinkVantage 2012-08-24 04:17:28 98496 ----a-w- C:\Windows\System32\NicInstK.dll 2012-08-24 04:17:28 68264 ----a-w- C:\Windows\System32\e1kmsg.dll 2012-08-24 04:17:28 342704 ----a-w- C:\Windows\System32\drivers\e1k62x64.sys 2012-08-22 20:46:26 -------- d-----w- C:\Program Files\SAMSUNG 2012-08-22 20:45:42 -------- d-----w- C:\ProgramData\Samsung 2012-08-22 14:41:10 60304 ----a-w- C:\Users\Alan\g2mdlhlpx.exe 2012-08-22 06:04:36 -------- d-----w- C:\Users\Alan\AppData\Roaming\The Journal 5 2012-08-22 06:04:36 -------- d-----w- C:\Users\Alan\AppData\Local\The Journal 5 2012-08-22 06:04:36 -------- d-----w- C:\ProgramData\The Journal 2012-08-22 06:04:36 -------- d-----w- C:\Program Files (x86)\DavidRM Software 2012-08-20 18:17:26 -------- d-----w- C:\Users\Alan\AppData\Roaming\Mapi2Xml 2012-08-20 
09:17:23 -------- d-----w- C:\Users\Alan\AppData\Local\Apps 2012-08-20 09:17:22 -------- d-----w- C:\Users\Alan\AppData\Local\Deployment 2012-08-16 14:29:49 -------- d-----w- C:\Program Files (x86)\Lame For Audacity 2012-08-16 14:27:21 -------- d-----w- C:\Program Files (x86)\Audacity 2012-08-16 04:51:46 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2012-08-16 04:51:30 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2012-08-16 04:51:16 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2012-08-16 04:51:07 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-08-15 18:04:02 -------- d-----w- C:\Program Files (x86)\Citrix 2012-08-15 18:03:10 -------- d-----w- C:\Program Files (x86)\Oracle 2012-08-15 18:02:54 772544 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-08-15 18:02:54 687544 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-08-15 17:25:50 -------- d-----w- C:\Users\Alan\AppData\Roaming\Affixa 2012-08-15 17:23:14 -------- d-----w- C:\Program Files (x86)\Affixa 2012-08-15 08:53:32 -------- d-----w- C:\Program Files (x86)\Clownfish 2012-08-14 14:34:46 53248 ----a-r- C:\Users\Alan\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe 2012-08-14 14:34:33 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys 2012-08-14 14:33:20 -------- d-----w- C:\Users\Alan\AppData\Roaming\Logishrd 2012-08-14 07:50:35 68864 ----a-w- C:\Windows\System32\drivers\stream.sys 2012-08-14 07:46:00 951680 ----a-w- C:\Windows\System32\drivers\ndis.sys 2012-08-14 07:34:56 99328 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2012-08-14 07:34:56 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys 2012-08-14 07:34:56 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2012-08-14 07:34:56 25600 ----a-w- 
C:\Windows\System32\drivers\usbohci.sys 2012-08-14 07:34:55 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2012-08-14 07:34:55 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2012-08-14 07:34:55 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2012-08-14 04:33:33 6656 ----a-w- C:\Windows\System32\pxc35pm.dll 2012-08-14 04:33:01 -------- d-----w- C:\ProgramData\Mindjet 2012-08-14 04:31:01 -------- d-----w- C:\Users\Alan\AppData\Local\{8162AB6F-3DB1-4988-9EE4-D2A7861BD300} 2012-08-12 07:45:44 -------- d-----w- C:\Program Files (x86)\KeyWallet 2012-08-09 05:36:32 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2012-08-09 05:36:32 366592 ----a-w- C:\Windows\System32\qdvd.dll 2012-08-07 18:52:43 -------- d-----w- C:\Users\Alan\AppData\Roaming\Desktop Apps 2012-08-07 18:50:16 -------- d-----w- C:\Program Files (x86)\Mioplanet 2012-08-06 16:05:45 55808 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\ZIMFPRNT.DLL 2012-08-06 15:55:27 -------- d-----w- C:\Program Files\HP 2012-08-06 15:55:22 61952 ----a-w- C:\Windows\System32\ZIMF.DLL 2012-08-06 15:55:22 567296 ----a-w- C:\Windows\System32\ZSHP1018.EXE 2012-08-06 15:55:22 49664 ----a-w- C:\Windows\System32\ZTAG.DLL 2012-08-06 15:55:22 127488 ----a-w- C:\Windows\System32\ZSPOOL.DLL 2012-08-06 15:55:22 115200 ----a-w- C:\Windows\System32\ZLhp1018.DLL 2012-08-06 14:31:22 230400 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw71.dll 2012-08-06 09:22:49 -------- d-----w- C:\Program Files (x86)\DisplayFusion 2012-08-06 09:00:24 -------- d-----w- C:\ProgramData\Conexant 2012-08-06 09:00:23 -------- d-----w- C:\Users\Alan\AppData\Local\Conexant 2012-08-06 07:08:54 -------- d-----w- C:\Program Files (x86)\MCT Corp 2012-08-05 15:09:42 -------- d-----w- C:\Program Files (x86)\OnyakTech 2012-08-05 13:19:07 -------- d-----w- C:\Program Files (x86)\Microsoft ActiveSync 2012-08-05 13:18:43 -------- d-----w- C:\Windows\PCHEALTH 2012-08-05 10:40:55 -------- d-----w- C:\Program Files (x86)\VideoLAN 2012-08-05 10:04:36 
-------- d-----w- C:\ProgramData\Macrium 2012-08-05 10:03:05 -------- d-----w- C:\Program Files\Macrium 2012-08-05 09:18:39 -------- d-----w- C:\Users\Alan\AppData\Local\LogMeIn 2012-08-05 09:18:37 59808 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll 2012-08-05 09:18:37 34720 ----a-w- C:\Windows\System32\LMIport.dll 2012-08-05 09:18:36 87488 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll 2012-08-05 09:18:36 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys 2012-08-05 09:18:33 80800 ----a-w- C:\Windows\System32\LMIinit.dll 2012-08-05 09:18:30 -------- d-----w- C:\ProgramData\LogMeIn 2012-08-05 09:18:20 -------- d-----w- C:\Program Files (x86)\LogMeIn 2012-08-05 07:53:59 -------- d-----w- C:\Program Files (x86)\Future Systems Solutions 2012-08-05 07:09:54 1580576 ----a-w- C:\Windows\System32\drivers\tdrpm147.sys 2012-08-05 07:09:45 83488 ----a-w- C:\Windows\System32\drivers\tifsfilt.sys 2012-08-05 07:09:42 237600 ----a-w- C:\Windows\System32\drivers\snman380.sys 2012-08-05 04:05:47 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 2012-08-05 03:49:13 -------- d-----w- C:\Windows\System32\SPReview 2012-08-05 03:48:35 -------- d-----w- C:\Windows\System32\EventProviders 2012-08-04 19:50:03 -------- d-sh--w- C:\Users\Alan\AppData\Roaming\Common 2012-08-04 19:39:42 3 ----a-w- C:\Windows\System32\OutN64proc64.dll 2012-08-04 19:39:42 1 ----a-w- C:\Windows\System32\InN64proc64.dll 2012-08-04 18:47:55 -------- d-----w- C:\Users\Alan\AppData\Local\Logitech® Webcam Software 2012-08-04 18:44:30 -------- d-----w- C:\Program Files (x86)\Common Files\LWS 2012-08-04 11:48:39 880160 ----a-w- C:\Windows\System32\drivers\timntr.sys 2012-08-04 11:48:37 211040 ----a-w- C:\Windows\System32\drivers\vididr.sys 2012-08-04 11:48:37 142944 ----a-w- C:\Windows\System32\drivers\vsflt61.sys 2012-08-04 11:48:29 310368 ----a-w- C:\Windows\System32\drivers\snapman.sys 2012-08-04 05:10:59 732160 ----a-w- C:\Windows\SysWow64\imapi2fs.dll 2012-08-04 05:09:59 
70656 ----a-w- C:\Windows\SysWow64\amstream.dll 2012-08-04 04:49:57 2565632 ----a-w- C:\Windows\System32\esent.dll 2012-08-04 04:49:57 1699328 ----a-w- C:\Windows\SysWow64\esent.dll 2012-08-04 04:49:57 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2012-08-04 04:49:56 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys 2012-08-04 04:49:56 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys 2012-08-04 04:49:56 189824 ----a-w- C:\Windows\System32\drivers\storport.sys 2012-08-04 04:49:56 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys 2012-08-04 04:49:56 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys 2012-08-04 04:49:56 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys 2012-08-04 04:49:55 96768 ----a-w- C:\Windows\System32\fsutil.exe 2012-08-04 04:49:55 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe 2012-08-04 03:53:07 -------- d-sh--r- C:\acroldr 2012-08-04 03:44:38 1285216 ----a-w- C:\Windows\System32\drivers\tdrpman.sys 2012-08-04 03:44:31 142944 ----a-w- C:\Windows\System32\drivers\vsflt58.sys 2012-08-04 03:44:28 133728 ----a-w- C:\Windows\System32\drivers\fltsrv.sys 2012-08-03 15:53:39 -------- d-----w- C:\Users\Alan\AppData\Local\Google 2012-08-03 15:53:37 -------- d-----w- C:\Users\Alan\AppData\Local\CRE 2012-08-03 15:53:29 -------- d-----w- C:\Program Files (x86)\Conduit 2012-08-03 15:53:28 -------- d-----w- C:\Users\Alan\AppData\Local\Conduit 2012-08-03 15:53:19 -------- d-----w- C:\Program Files (x86)\uTorrent 2012-08-03 15:52:47 -------- d-----w- C:\Users\Alan\AppData\Roaming\uTorrent 2012-08-03 15:51:12 -------- d-----w- C:\Program Files\PeerBlock 2012-08-03 15:35:22 -------- d-----w- C:\Windows\System32\appmgmt 2012-08-03 15:34:32 -------- d-----r- C:\Program Files (x86)\Skype 2012-08-03 15:23:20 -------- d-----w- C:\Users\Alan\AppData\Local\Macromedia 2012-08-03 15:09:43 -------- d-----w- C:\Program Files (x86)\MSECache 2012-08-03 13:38:35 -------- d-----w- C:\Users\Alan\AppData\Local\TechSmith 2012-08-03 13:37:51 
-------- d-----w- C:\Program Files (x86)\Banner Maker Pro 8 2012-08-03 13:37:10 -------- d-----w- C:\Windows\SysWow64\QuickTime 2012-08-03 13:36:53 -------- d-----w- C:\Program Files (x86)\Common Files\TechSmith Shared 2012-08-03 13:11:30 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe 2012-08-03 13:03:04 -------- d-----w- C:\Users\Alan\AppData\Local\Adobe 2012-08-03 12:49:54 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-03 12:49:54 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-08-03 12:47:28 -------- d-----w- C:\Users\Alan\AppData\Local\Mindjet 2012-08-03 12:42:01 -------- d-----w- C:\Program Files (x86)\Mindjet 2012-08-03 12:41:10 -------- d-----w- C:\Users\Alan\AppData\Local\{8027227F-E033-40AD-8B3F-C0658D596D0B} 2012-08-03 12:25:02 1139200 ----a-w- C:\Windows\System32\FntCache.dll 2012-08-03 12:25:01 902656 ----a-w- C:\Windows\System32\d2d1.dll 2012-08-03 12:25:01 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2012-08-03 10:33:08 -------- d-----w- C:\Windows\Panther 2012-08-03 10:17:36 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13369C94-4FC9-4FA6-82AE-72735FF81386}\gapaengine.dll 2012-08-03 10:12:19 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2012-08-03 10:12:13 -------- d-----w- C:\Program Files\Microsoft Security Client 2012-08-03 10:08:19 -------- d--h--w- C:\Windows\System32\WLANProfiles 2012-08-03 10:04:34 163840 ----a-w- C:\Windows\System32\umpo.dll 2012-08-03 09:56:15 -------- d-----w- C:\Users\Alan\AppData\Roaming\PwrMgr 2012-08-03 09:54:42 -------- d-----w- C:\Users\Alan\AppData\Local\Lenovo 2012-08-03 09:49:42 48704 ----a-w- C:\Windows\System32\ibmpmsvc.exe 2012-08-03 09:49:42 42312 ----a-w- C:\Windows\System32\drivers\ibmpmdrv.sys 2012-08-03 09:49:42 41024 ----a-w- C:\Windows\System32\tpinspm.dll 2012-08-03 09:49:09 337608 ----a-w- C:\Windows\System32\PROUnstl.exe 2012-08-03 09:48:47 118016 ----a-w- C:\Windows\System32\drivers\LenovoRd.sys 
2012-08-03 09:47:04 53248 ----a-r- C:\Users\Alan\AppData\Roaming\Microsoft\Installer\{0369F866-2CE0-4EB9-B426-88FA122C6E82}\ARPPRODUCTICON.exe 2012-08-03 09:47:04 -------- d-----w- C:\ProgramData\Lenovo 2012-08-03 09:47:04 -------- d-----w- C:\Program Files\Common Files\Lenovo 2012-08-03 09:47:01 53248 ----a-r- C:\Users\Alan\AppData\Roaming\Microsoft\Installer\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}\ARPPRODUCTICON.exe 2012-08-03 09:45:25 2693728 ------w- C:\Windows\PWMBTHLV.EXE 2012-08-03 09:45:23 29512 ----a-w- C:\Windows\System32\drivers\DZHDD64.SYS 2012-08-03 09:45:23 2806880 ----a-w- C:\Windows\System32\PWMCP64V.cpl 2012-08-03 09:45:23 19784 ----a-w- C:\Windows\System32\drivers\TPPWR64V.SYS 2012-08-03 09:45:23 -------- d-----w- C:\Program Files (x86)\ThinkPad 2012-08-03 09:44:51 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll 2012-08-03 09:44:51 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll 2012-08-03 09:44:51 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll 2012-08-03 09:44:51 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll 2012-08-03 09:44:47 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe 2012-08-03 09:43:59 148264 ----a-w- C:\Windows\System32\SynTPCo4.dll 2012-08-03 09:43:58 736528 ----a-w- C:\Windows\System32\SynCOM.dll 2012-08-03 09:43:21 -------- d-----w- C:\Windows\Downloaded Installations 2012-08-03 09:43:10 -------- d-----w- C:\Program Files (x86)\Common Files\Lenovo 2012-08-03 09:43:00 15472 ----a-w- C:\Windows\System32\drivers\smiifx64.sys 2012-08-03 09:42:47 -------- d-----w- C:\SWTOOLS 2012-08-03 09:42:28 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent 2012-08-03 09:41:22 682624 ----a-w- C:\Windows\System32\drivers\CHDRT64.sys 2012-08-03 09:41:22 426040 ----a-w- C:\Windows\System32\UCI64A52.dll 2012-08-03 
09:41:22 1830016 ----a-w- C:\Windows\System32\CX64AQ17.dll 2012-08-03 09:40:07 -------- d-----w- C:\Program Files (x86)\Digital Line Detect 2012-08-03 09:40:03 -------- d-----w- C:\Users\Alan\AppData\Local\BVRP Software 2012-08-03 09:39:22 -------- d-----w- C:\Program Files (x86)\NetWaiting 2012-08-03 09:39:01 -------- d-----w- C:\Program Files\CONEXANT 2012-08-03 09:38:47 94208 ----a-w- C:\Windows\SysWow64\mdmxsdk.dll 2012-08-03 09:38:47 740864 ----a-w- C:\Windows\System32\drivers\CAX_CNXT.sys 2012-08-03 09:38:47 436736 ----a-w- C:\Windows\SysWow64\XAudio64.dll 2012-08-03 09:38:47 394752 ----a-w- C:\Windows\System32\UCI64M41.dll 2012-08-03 09:38:47 292864 ----a-w- C:\Windows\System32\drivers\CAXHWAZL.sys 2012-08-03 09:38:47 17024 ----a-w- C:\Windows\System32\drivers\mdmxsdk.sys 2012-08-03 09:38:47 1486848 ----a-w- C:\Windows\System32\drivers\CAX_DPV.sys 2012-08-03 09:38:47 10240 ----a-w- C:\Windows\System32\drivers\XAudio64.sys 2012-08-03 09:37:19 -------- d-----w- C:\Program Files\Lenovo 2012-08-03 09:37:17 -------- d-----w- C:\Program Files (x86)\Integrated Camera Driver 2012-08-03 09:37:15 167040 ----a-w- C:\Windows\System32\drivers\5U877.sys 2012-08-03 09:37:15 142848 ----a-w- C:\Windows\System32\5U877.ax 2012-08-03 09:37:15 126976 ----a-w- C:\Windows\SysWow64\5U877.ax 2012-08-03 09:37:15 123904 ----a-w- C:\Windows\System32\5U877.dll 2012-08-03 09:34:27 317440 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys 2012-08-03 09:18:42 40248 ----a-w- C:\Windows\System32\drivers\psadd.sys 2012-08-03 09:10:55 -------- d-----w- C:\Windows\SysWow64\Wat 2012-08-03 09:10:55 -------- d-----w- C:\Windows\System32\Wat 2012-08-03 09:10:37 -------- d-----w- C:\Program Files (x86)\Lenovo 2012-08-03 07:47:26 -------- d-----w- C:\Intel 2012-08-03 07:46:52 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-08-03 07:46:52 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-08-03 07:46:52 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-08-03 07:46:51 5120 ----a-w- 
C:\Windows\SysWow64\wmi.dll 2012-08-03 07:46:51 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-08-03 07:46:51 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-08-03 07:46:51 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-08-03 07:42:57 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll 2012-08-03 07:41:50 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe 2012-08-03 07:40:38 642944 ----a-w- C:\Windows\System32\winload.efi 2012-08-03 07:39:50 64512 ----a-w- C:\Windows\SysWow64\devobj.dll 2012-08-03 07:38:57 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-08-03 07:30:52 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{45C852D5-B7E7-4021-ADFE-F901E40D3D26}\mpengine.dll 2012-08-03 07:30:51 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-08-03 07:29:57 77312 ----a-w- C:\Windows\System32\packager.dll 2012-08-03 07:29:57 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2012-08-03 07:29:05 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-08-03 07:29:05 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-08-03 07:29:05 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-08-03 07:24:22 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-08-03 07:24:16 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-08-03 07:24:10 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-08-03 07:24:10 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-08-03 07:21:54 -------- d-----w- C:\Users\Alan\AppData\Roaming\Intel 2012-08-03 07:21:46 -------- d-----w- C:\Users\Alan\Roaming 2012-08-03 07:21:46 -------- d-----w- C:\ProgramData\Roaming 2012-08-03 07:21:06 -------- d-----w- C:\Program Files\Common Files\Intel 2012-08-03 07:21:06 -------- d-----w- C:\Program Files (x86)\Cisco 2012-08-03 07:20:32 -------- d-sh--w- C:\Windows\Installer 2012-08-03 07:19:50 -------- d-----w- C:\DRIVERS 2012-08-03 07:01:00 -------- d-----w- C:\Users\Alan\AppData\Local\Diagnostics 2012-07-30 17:32:08 203104 ----a-w- 
C:\Windows\System32\drivers\ssudmdm.sys 2012-07-30 17:32:08 102240 ----a-w- C:\Windows\System32\drivers\ssudbus.sys 2012-07-29 16:52:52 13504 ----a-w- C:\Windows\System32\drivers\PSVolAcc.sys 2012-07-29 16:52:32 57536 ----a-w- C:\Windows\System32\drivers\psmounter.sys . ==================== Find3M ==================== . 2012-08-05 03:56:58 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2012-08-05 03:56:57 175616 ----a-w- C:\Windows\System32\msclmd.dll 2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll 2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll 2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll 2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-06-21 19:30:02 122368 ----a-w- C:\Windows\System32\TpShEvUI.exe 2012-06-21 19:29:58 260608 ----a-w- C:\Windows\System32\TpShCPL.cpl 2012-06-21 19:29:54 478208 ----a-w- C:\Windows\System32\TpShCPL.dll 2012-06-21 19:29:50 222720 ----a-w- C:\Windows\System32\TpShocks.exe 2012-06-08 16:05:56 35616 ----a-w- C:\Windows\System32\lmimirr.dll 2012-06-08 16:05:56 14624 ----a-w- C:\Windows\System32\lmimirr2.dll 2012-06-08 16:05:56 11552 ----a-w- C:\Windows\System32\drivers\lmimirr.sys 2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-06 06:06:16 1881600 
  15. Hi, I have BullGuard installed on my Windows 7 Home Premium. If I let it scan, then it crashes my speakers. Summarized: if I let music play, then my speakers make sounds that are not normal. If I close mbam and restart my computer, that does not happen anymore. If I start mbam, then it happens again.
  16. I cleaned up my computer today because it kept jumping to other web sites. I used rkill, Malwarebytes and AVG Internet Security 2012. They cleaned up several viruses. Now I am hearing ads in the background.
2012-06-18 21:35:55 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Sonic_Solutions 2012-06-18 20:23:49 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apple Computer 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2012-06-18 20:18:47 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apple 2012-06-18 20:17:00 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Roxio Burn 2012-06-18 13:54:28 -------- d-----w- C:\Windows\SysWow64\Wat 2012-06-18 13:54:28 -------- d-----w- C:\Windows\System32\Wat 2012-06-18 09:57:00 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\ERS Game Studios 2012-06-18 09:52:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-06-18 09:52:50 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-06-18 09:52:50 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-06-18 09:52:50 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-06-18 09:52:50 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-06-18 09:52:50 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-06-18 09:52:50 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-06-17 22:53:48 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Blue Tea Games 2012-06-17 19:09:18 -------- d-----w- C:\Users\BodyRoc\AppData\Local\AVG Secure Search 2012-06-16 21:31:59 -------- d-----w- C:\Users\BodyRoc\AppData\Local\ElevatedDiagnostics 2012-06-16 18:51:22 
-------- d-----w- C:\ProgramData\AVG Secure Search 2012-06-16 18:40:07 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe 2012-06-16 18:29:30 -------- d-----w- C:\ProgramData\ALM 2012-06-16 18:25:18 -------- d-----w- C:\Users\BodyRoc\Adobe Flash Builder 4.6 2012-06-16 18:16:00 -------- d-----w- C:\Program Files (x86)\My Company Name 2012-06-16 18:02:22 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Adobe 2012-06-16 17:39:07 -------- d-----w- C:\Users\BodyRoc\AppData\Local\DDMSettings 2012-06-16 15:41:51 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2012-06-16 15:41:51 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll 2012-06-16 15:39:57 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe 2012-06-16 15:38:50 197120 ----a-w- C:\Windows\System32\d3d10_1.dll 2012-06-16 15:38:50 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2012-06-16 15:38:48 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL 2012-06-16 15:38:48 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2012-06-16 15:38:47 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-06-16 15:38:47 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll 2012-06-16 15:38:47 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll 2012-06-16 15:38:42 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-06-16 15:38:42 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-06-16 15:38:31 77312 ----a-w- C:\Windows\System32\packager.dll 2012-06-16 15:38:31 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2012-06-16 15:34:25 -------- d-----w- C:\System Rollback Data 2012-06-15 23:37:44 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Diagnostics 2012-06-15 22:48:10 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-06-15 22:48:10 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-06-15 22:48:10 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-06-15 20:29:54 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Rovi_Corporation 
2012-06-15 20:16:54 -------- d-----w- C:\ProgramData\Uninstall 2012-06-15 20:16:40 -------- d-----w- C:\ProgramData\eSellerate 2012-06-15 20:15:23 27632 ------w- C:\Windows\System32\drivers\SaibVdAd64.sys 2012-06-15 20:15:23 27120 ------w- C:\Windows\System32\drivers\Sahdad64.sys 2012-06-15 20:15:22 19952 ------w- C:\Windows\System32\drivers\Saibad64.sys 2012-06-15 20:15:05 -------- d-----w- C:\Program Files (x86)\Roxio 2012-06-15 20:06:51 -------- d-----w- C:\Program Files\Roxio 2012-06-15 20:06:36 -------- d-----w- C:\Users\BodyRoc\AppData\Local\CyberLink 2012-06-15 20:06:32 56208 ------w- C:\Windows\System32\drivers\PxHlpa64.sys 2012-06-15 20:06:32 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys 2012-06-15 20:06:32 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys 2012-06-15 20:06:31 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared 2012-06-15 20:06:18 -------- d-----w- C:\Program Files (x86)\SmartSound Software 2012-06-15 20:06:17 -------- d-----w- C:\ProgramData\SmartSound Software Inc 2012-06-15 20:03:35 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Roxio Log Files 2012-06-15 19:25:25 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine 2012-06-15 19:25:22 -------- d-----w- C:\Program Files\DivX 2012-06-15 19:25:14 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared 2012-06-15 19:25:02 -------- d-----w- C:\Program Files (x86)\DivX 2012-06-15 19:24:48 -------- d-----w- C:\ProgramData\DivX 2012-06-15 19:12:10 -------- d-----w- C:\Program Files (x86)\Yontoo 2012-06-15 19:12:09 -------- d-----w- C:\ProgramData\Tarma Installer 2012-06-15 19:11:21 -------- d-----w- C:\Program Files (x86)\1ClickDownload 2012-06-15 19:06:55 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery 2012-06-15 18:51:58 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services 2012-06-15 18:51:38 -------- d-----w- C:\Windows\PCHEALTH 2012-06-15 18:51:38 -------- d-----w- C:\Program Files 
(x86)\Microsoft SQL Server Compact Edition 2012-06-15 18:50:12 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2012-06-15 18:49:30 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2012-06-15 18:48:58 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Microsoft Help 2012-06-15 18:38:36 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\AVG2012 2012-06-15 18:38:11 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search 2012-06-15 18:38:11 -------- d-----w- C:\Program Files (x86)\AVG Secure Search 2012-06-15 18:38:09 -------- d--h--w- C:\ProgramData\Common Files 2012-06-15 18:38:04 -------- d-----w- C:\Windows\SysWow64\drivers\AVG 2012-06-15 18:37:37 -------- d-----w- C:\Windows\System32\drivers\AVG 2012-06-15 18:37:37 -------- d-----w- C:\ProgramData\AVG2012 2012-06-15 18:37:08 -------- d-----w- C:\Program Files (x86)\AVG 2012-06-15 18:35:34 -------- d-----w- C:\ProgramData\MFAData 2012-06-15 18:16:24 -------- d-----w- C:\Users\BodyRoc\.swt 2012-06-15 18:16:22 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Azureus 2012-06-15 18:15:49 -------- d-----w- C:\Program Files (x86)\Vuze 2012-06-15 18:15:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\CRE 2012-06-15 18:15:41 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Conduit 2012-06-15 18:15:41 -------- d-----w- C:\Program Files (x86)\Conduit 2012-06-15 18:15:40 -------- d-----w- C:\Program Files (x86)\Vuze_Remote 2012-06-15 18:12:38 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Google 2012-06-15 18:10:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Deployment 2012-06-15 18:10:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apps 2012-06-15 17:39:03 -------- d-----w- C:\Windows\Panther 2012-06-15 17:38:49 -------- d-sh--w- C:\Boot 2012-06-15 17:38:29 -------- d-----w- C:\Program Files (x86)\Cisco 2012-06-15 17:37:39 -------- d-sh--w- C:\Windows\Installer 2012-06-15 17:37:07 1089024 ----a-w- C:\Windows\System32\BCMLogon.dll 2012-06-15 16:59:15 125376 
----a-w- C:\Windows\System32\drivers\scdemu.sys 2012-06-15 16:59:15 -------- d-----w- C:\Program Files (x86)\PowerISO 2012-06-15 16:52:24 -------- d-----w- C:\Windows\SysWow64\Atheros_L1e 2012-06-15 16:52:03 76912 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys 2012-06-15 16:52:03 75888 ----a-w- C:\Windows\System32\drivers\L1C60x64.sys 2012-06-15 16:52:02 -------- d-----w- C:\dell . ==================== Find3M ==================== . 2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys 2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll 2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-04-25 17:11:36 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys 2012-04-25 17:11:36 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll 2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll 2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll 2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys . ============= FINISH: 17:02:15.89 =============== Attach.txt DDS.txt
  17. Program causes critical error and stops windows.
  18. I am using Windows 7 and this is my first time using Malwarebytes. After the scan, there is a button to show all results. When I click on it, they say that I can delete the files. When I press delete, nothing happens, and after a minute Windows prompts me that Malwarebytes has crashed. I have done everything stated in section L of the FAQ but it doesn't work. I tried it on 2 separate computers. Both are not working. Please help me, thanks! There are many infections