
Virus won't allow Malwarebytes to run.


dscan


A couple weeks ago I got a nasty rootkit/spyware/worm, whatever. This would all be solved if I could run MB, but I can't because after scanning for 5 seconds, the virus closes the program and deletes all main files. I've tried running it in safe mode, changing the mbam.exe name, re-installing, EVERYTHING! I really want to be able to use Malwarebytes and finally get rid of this thing. I can't run Hijackthis either, same thing happens. Sorry, no log. Any suggestions would be great, thanks.

I was able to run System Repair Engineer, here's the log:

2009-09-23,15:52:14

System Repair Engineer 2.8.1.1279
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 3 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Scheduled Tasks
Windows Security Update Check
API HOOK
Hidden Process


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
<uTorrent><"C:\Program Files\uTorrent\uTorrent.exe"> [(Verified)BitTorrent Inc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Adobe Reader Speed Launcher><"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"]
<QuickTime Task><"C:\Program Files\QuickTime\QTTask.exe" -atboottime> [Apple Inc.]
<iTunesHelper><"C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.]
<SunJavaUpdateSched><"C:\Program Files\Java\jre6\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> [File is missing]
<AzMixerSel><; C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe> [Realtek Semiconductor Corp.]
<SynTPEnh><; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><C:\WINDOWS\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
<WinlogonNotify: avgrsstarter><avgrsstx.dll> [(Verified)AVG Technologies]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{BF56A325-23F2-42AD-F4E4-00AAC39CAA53}><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
<Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{45fc8842-ee48-916a-067d-44e3ea383464}]
<N/A><C:\WINDOWS\system32\3232.exe> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}]
<Fax><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser> [(Verified)Microsoft Windows Component Publisher]

==================================
Startup Folders
N/A

==================================
Services
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
<"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple Inc.>
[Application Management / AppMgmt][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[AVG Free8 E-mail Scanner / avg8emc][Stopped/Auto Start]
<C:\PROGRA~1\AVG\AVG8\avgemc.exe><(File is missing)>
[AVG Free8 WatchDog / avg8wd][Stopped/Auto Start]
<C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe><(File is missing)>
[Bonjour Service / Bonjour Service][Running/Auto Start]
<"C:\Program Files\Bonjour\mDNSResponder.exe"><Apple Inc.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[iPod Service / iPod Service][Running/Manual Start]
<"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
[IviRegMgr / IviRegMgr][Running/Auto Start]
<C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe><InterVideo>
[Java Quick Starter / javaquickstarterservice][Running/Auto Start]
<"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[Lavasoft Ad-Aware Service / Lavasoft Ad-Aware Service][Stopped/Auto Start]
<"C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe"><(File is missing)>
[Viewpoint Manager Service / Viewpoint Manager Service][Running/Auto Start]
<"C:\Program Files\Viewpoint\Common\ViewpointService.exe"><Viewpoint Corporation>

==================================
Drivers
[AliIde / AliIde][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD AGP Bus Filter Driver / amdagp][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\amdagp.sys><Advanced Micro Devices, Inc.>
[Atheros AR5008 Wireless Network Adapter Service / AR5416][Running/Manual Start]
<system32\DRIVERS\athw.sys><Atheros Communications, Inc.>
[asc / asc][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3550 / asc3550][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[AVG Free AVI Loader Driver x86 / AvgLdx86][Running/System Start]
<\SystemRoot\System32\Drivers\avgldx86.sys><AVG Technologies CZ, s.r.o.>
[AVG Free On-access Scanner Minifilter Driver x86 / AvgMfx86][Running/System Start]
<\SystemRoot\System32\Drivers\avgmfx86.sys><AVG Technologies CZ, s.r.o.>
[AVG Free8 Network Redirector / AvgTdiX][Running/System Start]
<\SystemRoot\System32\Drivers\avgtdix.sys><AVG Technologies CZ, s.r.o.>
[CmdIde / CmdIde][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[d1e2F / d1e2F][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\d1e2F.sys><N/A>
[dac2w2k / dac2w2k][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[Dritek Keyboard Filter Driver / DKbFltr][Stopped/Manual Start]
<system32\DRIVERS\DKbFltr.sys><N/A>
[e2010a49 / e2010a49][Stopped/System Start]
<\SystemRoot\System32\drivers\e2010a49.sys><N/A>
[GEAR ASPI Filter Driver / GEARAspiWDM][Stopped/Manual Start]
<system32\DRIVERS\GEARAspiWDM.sys><GEAR Software Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[ialm / ialm][Running/Manual Start]
<system32\DRIVERS\igxpmp32.sys><Intel Corporation>
[int15.sys / int15.sys][Stopped/Manual Start]
<\??\C:\Acer\Empowering Technology\eRecovery\int15.sys><N/A>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
<system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[JMCR / JMCR][Stopped/Manual Start]
<system32\DRIVERS\jmcr.sys><JMicron Technology Corporation>
[ManyCam Virtual Webcam, WDM Video Capture Driver / ManyCam][Running/Manual Start]
<system32\DRIVERS\ManyCam.sys><ManyCam LLC.>
[mraid35x / mraid35x][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[Mouse Suite Driver / pelmouse][Running/Manual Start]
<system32\DRIVERS\pelmouse.sys><Primax Electronics Ltd.>
[USB Mouse Low Filter Driver / pelusblf][Running/Manual Start]
<system32\DRIVERS\pelusblf.sys><Primax Electronics Ltd.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[ql1080 / ql1080][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\ql1080.sys><QLogic Corporation>
[ql12160 / ql12160][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\ql1280.sys><QLogic Corporation>
[rootrepeal / rootrepeal][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\rootrepeal.sys><N/A>
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]
<system32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation>
[SASKUTIL / SASKUTIL][Stopped/System Start]
<\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys><N/A>
[Helper driver for SDT-Tool / SDTHelper][Stopped/Manual Start]
<\??\C:\DOCUME~1\Derek\LOCALS~1\Temp\Rar$EX00.703\sdthlpr.sys><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SIS AGP Bus Filter / sisagp][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\sisagp.sys><Silicon Integrated Systems Corporation>
[USB2.0 PC Camera (SNP2UVC) / SNP2UVC][Running/Manual Start]
<system32\DRIVERS\snp2uvc.sys><>
[Sparrow / Sparrow][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[symc810 / symc810][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\symc8xx.sys><LSI Logic>
[sym_hi / sym_hi][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TVICHW32 / TVICHW32][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS><EnTech Taiwan>
[ultra / ultra][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\ultra.sys><Promise Technology, Inc.>

==================================
Browser Add-ons
[Java Plug-in 1.6.0_13]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Send to OneNote from Internet Explorer button]
{2670000a-7350-4f3c-8081-5663ee0c6c49} <C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll, (Signed) Microsoft Corporation>
[&Research]
{92780b25-18cc-41c8-b9be-3c9c571a8263} <C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[]
{DE9C389F-3316-41A7-809B-AA305ED9D922} <, >
[Java Plug-in 1.6.0_13]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_13]
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_13]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_13.dll, (Signed) Sun Microsystems, Inc.>
[]
{078461d4-7cac-4d3c-89a8-a3b241f7b654} <, >
[]
{089FD14D-132B-48FC-8861-0048AE113215} <, >
[]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[]
{0BF43445-2F28-4351-9252-17FE6E806AA0} <, >
[Adobe PDF Link Helper]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[]
{2670000A-7350-4F3C-8081-5663EE0C6C49} <, >
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
{33c943c5-d13e-4479-833f-92ff29e2641d} <, >
[]
{377C180E-6F0E-4D4C-980F-F45BD3D40CF4} <, >
[]
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} <, >
[]
{6226ba26-c017-4007-928c-de9715c6fa68} <, >
[]
{714758be-281e-4bda-9190-413bfbd3399b} <, >
[]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <, >
[]
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} <, >
[XML DOM Document 4.0]
{88D969C0-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 4.0]
{88D969C1-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XSL Template 4.0]
{88D969C3-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML HTTP 4.0]
{88D969C5-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML DOM Document 5.0]
{88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 5.0]
{88D969E6-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[XSL Template 5.0]
{88D969E8-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[XML HTTP 5.0]
{88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[]
{a72ee337-52e6-4b8e-ae79-838a0184f57d} <, >
[]
{BF56A325-23F2-42AD-F4E4-00AAC39CAA53} <, >
[Adobe PDF Reader]
{CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll, (Signed) Adobe Systems, Inc.>
[]
{cf40acc5-e1bb-4aff-ac72-04c2f616bca7} <, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx, (Signed) Adobe Systems, Inc.>
[]
{DBC80044-A445-435B-BC74-9C25C1C588A9} <, >
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <, >
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML DOM Document 3.0]
{f5078f32-c551-11d3-89b9-0000f81fe221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[e&xport to microsoft excel]
<res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 744 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 792 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 816 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\avgrsstx.dll] [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 860 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 872 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 1028 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1080 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 1120 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 1196 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[PID: 1256 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1472 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 1612 / SYSTEM][C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple Inc., 2.12.36.0]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[PID: 1624 / SYSTEM][C:\Program Files\Bonjour\mDNSResponder.exe] [Apple Inc., 1,0,6,2]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[PID: 1672 / SYSTEM][C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe] [InterVideo, 1, 0, 4, 0]
[PID: 1696 / SYSTEM][C:\Program Files\Java\jre6\bin\jqs.exe] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Program Files\Java\jre6\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[PID: 1784 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1836 / SYSTEM][C:\Program Files\Viewpoint\Common\ViewpointService.exe] [Viewpoint Corporation, 2, 0, 0, 54]
[PID: 212 / Derek][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll] [N/A, ]
[C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll] [N/A, ]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 9.0.0.2008061100]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\system32\igfxpph.dll] [Intel Corporation, 6.14.10.4926]
[C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 6.14.10.4926]
[C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 6.14.10.4926]
[C:\WINDOWS\system32\igfxress.dll] [Intel Corporation, 6.14.10.4926]
[C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 6.14.10.4926]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[C:\WINDOWS\system32\icm32.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\l3codeca.acm] [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\Program Files\malware censoreding work\Malwarebytes' Anti-Malware\mbamext.dll] [Malwarebytes Corporation, 1, 2, 0, 0]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\PowerISO\PWRISOSH.DLL] [PowerISO Computing, Inc., 4, 3, 0, 0]
[C:\Program Files\AVG\AVG8\avgse.dll] [AVG Technologies CZ, s.r.o., 8.5.0.401]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762]
[PID: 1456 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[PID: 316 / Derek][C:\Program Files\iTunes\iTunesHelper.exe] [Apple Inc., 8.1.1.10]
[C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL] [Apple Inc., 8.1.1.10]
[C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] [Apple Inc., 8.1.1.10]
[C:\Program Files\QuickTime\QTSystem\QuickTime.qts] [Apple Inc., 7.6 (1292)]
[C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll] [Apple Inc., 205.7.0.19]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 340 / Derek][C:\Program Files\Java\jre6\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.130.3]
[PID: 380 / Derek][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 1480 / SYSTEM][C:\Program Files\iPod\bin\iPodService.exe] [Apple Inc., 8.1.1.10]
[C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.DLL] [Apple Inc., 8.1.1.10]
[C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL] [Apple Inc., 8.1.1.10]
[PID: 2464 / SYSTEM][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 2760 / Derek][C:\WINDOWS\system32\wscntfy.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
[PID: 3480 / Derek][C:\Program Files\foobar2000\foobar2000.exe] [, 0, 9, 6, 8]
[C:\Program Files\foobar2000\shared.dll] [N/A, ]
[C:\Program Files\foobar2000\components\foo_converter.dll] [N/A, ]
[C:\Program Files\foobar2000\components\foo_albumlist.dll] [N/A, ]
[C:\Program Files\foobar2000\components\foo_cdda.dll] [N/A, ]
[C:\Program Files\foobar2000\components\foo_rgscan.dll] [N/A, ]
[C:\Program Files\foobar2000\components\foo_prettypop.dll] [, 1, 2, 4, 0]
[C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.253 (QFE.050727-2500)]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\be311683f8795a49a5c59a5d64013887\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\Program Files\foobar2000\components\foo_dsp_std.dll] [N/A, ]
[C:\Program Files\foobar2000\components\foo_input_std.dll] [N/A, ]
[C:\Program Files\foobar2000\components\foo_ui_std.dll] [N/A, ]
[C:\Program Files\foobar2000\components\foo_audioscrobbler.dll] [Last.fm, 2, 3, 1, 2]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\83a0047c02b6604fbef5211007657704\System.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c65cdb6a63346c4d862e3e03e3aebfad\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8be61d4f8fc9bd4c8cafa517d19ab8d5\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[PID: 3812 / Derek][C:\Program Files\Last.fm\LastFM.exe] [Last.fm, 1.5.4.24567]
[C:\Program Files\Last.fm\Moose1.dll] [N/A, ]
[C:\Program Files\Last.fm\LastFmTools1.dll] [N/A, ]
[C:\Program Files\Last.fm\QtSql4.dll] [N/A, ]
[C:\Program Files\Last.fm\QtCore4.dll] [N/A, ]
[C:\Program Files\Last.fm\Microsoft.VC80.CRT\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Program Files\Last.fm\Microsoft.VC80.CRT\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Program Files\Last.fm\QtXml4.dll] [N/A, ]
[C:\Program Files\Last.fm\QtGui4.dll] [N/A, ]
[C:\Program Files\Last.fm\QtNetwork4.dll] [N/A, ]
[C:\Program Files\Last.fm\breakpad.dll] [N/A, ]
[C:\Program Files\Last.fm\LastFmFingerprint1.dll] [N/A, ]
[C:\Program Files\Last.fm\libfftw3f-3.dll] [N/A, ]
[C:\Program Files\Last.fm\zlibwapi.dll] [, 1.2.3.0]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[C:\Program Files\Last.fm\srv_httpinput.dll] [N/A, ]
[C:\Program Files\Last.fm\srv_madtranscode.dll] [N/A, ]
[C:\Program Files\Last.fm\srv_rtaudioplayback.dll] [N/A, ]
[C:\Program Files\Last.fm\imageformats\qgif4.dll] [N/A, ]
[C:\Program Files\Last.fm\imageformats\qjpeg4.dll] [N/A, ]
[C:\Program Files\Last.fm\imageformats\qmng4.dll] [N/A, ]
[C:\Program Files\Last.fm\ext_messengernotify.dll] [N/A, ]
[C:\Program Files\Last.fm\ext_skypenotify.dll] [N/A, ]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 3820 / Derek][C:\Program Files\uTorrent\uTorrent.exe] [BitTorrent, Inc., 1.8.3.15772]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 2452 / Derek][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.9.1.3]
[C:\Program Files\Mozilla Firefox\xul.dll] [Mozilla Foundation, 1.9.1.3]
[C:\Program Files\Mozilla Firefox\sqlite3.dll] [sqlite.org, 3.6.10]
[C:\Program Files\Mozilla Firefox\MOZCRT19.dll] [Mozilla Foundation, 8.00.0000]
[C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
[C:\Program Files\Mozilla Firefox\nspr4.dll] [Mozilla Foundation, 4.8]
[C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.12.3.1 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.12.3.1 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssutil3.dll] [Mozilla Foundation, 3.12.3.1]
[C:\Program Files\Mozilla Firefox\plc4.dll] [Mozilla Foundation, 4.8]
[C:\Program Files\Mozilla Firefox\plds4.dll] [Mozilla Foundation, 4.8]
[C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.12.3.1 Basic ECC]
[C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.9.1.3]
[C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll] [Mozilla Foundation, 1.9.1.3]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll] [Mozilla Foundation, 1.9.1.3]
[C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.12.3.1 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssdbm3.dll] [Mozilla Foundation, 3.12.3.1 Basic ECC]
[C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.12.3.1 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.75]
[C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll] [, ]
[PID: 3920 / Derek][C:\DOCUME~1\Derek\LOCALS~1\Temp\Rar$EX01.782\SREngLdr.EXE] [Smallfrogs Studio, 2.8.1.1279]
[PID: 1220 / Derek][C:\DOCUME~1\Derek\LOCALS~1\Temp\Rar$EX01.782\SREfedfa777.EXE] [Smallfrogs Studio, 2.8.1.1279]
[C:\DOCUME~1\Derek\LOCALS~1\Temp\Rar$EX01.782\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[\\?\globalroot\Device\__max++>\7B02028C.x86.dll] [N/A, ]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 200 / SYSTEM][C:\WINDOWS\system32\wuauclt.exe] [(Verified) Microsoft Corporation, 7.2.6001.788 (winmain_oob/wu_wsuswlc(wmbla).081016-1330)]

==================================
File Associations
.TXT Error. [Notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost

==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1836, C:\PROGRAM FILES\VIEWPOINT\COMMON\VIEWPOINTSERVICE.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3480, C:\PROGRAM FILES\FOOBAR2000\FOOBAR2000.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3812, C:\PROGRAM FILES\LAST.FM\LASTFM.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3920, C:\DOCUME~1\DEREK\LOCALS~1\TEMP\RAR$EX01.782\SRENGLDR.EXE]

==================================
Scheduled Tasks
[Enabled] urpcufht.job
C:\WINDOWS\system32\rundll32.exe
[Enabled] Ad-Aware Update (Weekly).job
C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

==================================
Windows Security Update Check
KB892130, Windows Genuine Advantage Validation Tool (KB892130)
KB940157, Windows Search 4.0 for Windows XP (KB940157)
KB951748, Security Update for Windows XP (KB951748) MS08-037
KB958687, Security Update for Windows XP (KB958687) MS09-001
KB960225, Security Update for Windows XP (KB960225) MS09-007
KB967715, Update for Windows XP (KB967715)
KB909520, Microsoft Base Smart Card Cryptographic Service Provider Package: x86 (KB909520)
KB923561, Security Update for Windows XP (KB923561) MS09-010
KB956572, Security Update for Windows XP (KB956572) MS09-012
KB952004, Security Update for Windows XP (KB952004) MS09-012
KB960803, Security Update for Windows XP (KB960803) MS09-013
KB959426, Security Update for Windows XP (KB959426) MS09-015
KB961501, Security Update for Windows XP (KB961501) MS09-022
KB968537, Security Update for Windows XP (KB968537) MS09-025
KB970238, Security Update for Windows XP (KB970238) MS09-026
KB951847, Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86
KB971633, Security Update for Windows XP (KB971633) MS09-028
KB973346, Cumulative Security Update for ActiveX Killbits for Windows XP (KB973346) MS09-032
KB972260, Cumulative Security Update for Internet Explorer 7 for Windows XP (KB972260) MS09-034
KB968389, Update for Windows XP (KB968389)
KB971557, Security Update for Windows XP (KB971557) MS09-038
KB973540, Security Update for Windows XP Service Pack 3 (KB973540) MS09-037
KB973869, Security Update for Windows XP (KB973869) MS09-037
KB956744, Security Update for Windows XP (KB956744) MS09-044
KB973354, Security Update for Windows XP (KB973354) MS09-037
KB973507, Security Update for Windows XP (KB973507) MS09-037
KB960859, Security Update for Windows XP (KB960859) MS09-042
KB973815, Security Update for Windows XP (KB973815) MS09-037
KB971657, Security Update for Windows XP (KB971657) MS09-041
KB970653, Update for Windows XP (KB970653)
KB961371, Security Update for Windows XP (KB961371) MS09-029
KB944036, Internet Explorer 8 for Windows XP
KB956844, Security Update for Windows XP (KB956844) MS09-046
KB890830, Windows Malicious Software Removal Tool - September 2009 (KB890830)
KB971961, Security Update for Jscript 5.7 for Windows XP (KB971961) MS09-045
KB968816, Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP 3 (KB968816) MS09-047
KB931125, Update for Root Certificates [September 2009] (KB931125)

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================
