mbam shuts down after 11 sec


I was looking at registry repair software and clicked to try and now I have a nasty virus. Unfortunately antivirus had been shut off when installing something and wasn't turned back on. Don't know if that's where it came from or if kids clicked something else before I got on today. When I try to run mbam it shuts down after about 11 sec and if I try to run again I get an error message, something about not having permission to run this program. When I reload I can run for about 11 sec again. No infected files come up before it closes. Internet search has been hijacked as well. Tried running in safe mode, same problems. I don't have an mbam log or a gmer log (it shut gmer down as well) but have the dds. I've learned my lesson and have already purchased the full version of mbam. Here's what I have:

DDS (Ver_2011-06-23.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Welburn at 10:10:13 on 2011-10-05

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2292 [GMT -5:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\2667600459:3030777696.exe

C:\WINDOWS\System32\svchost.exe -k NetworkService

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft IntelliType Pro\type32.exe

C:\Program Files\ATT-SST\McciTrayApp.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\Program Files\Kodak\KODAK Share Button App\Listener.exe

C:\Program Files\V-Stream\PVR Plus\TVR\Scheduled.exe

svchost.exe

C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe

C:\Program Files\Citrix\ICA Client\wfcrun32.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\WINDOWS\System32\svchost.exe -k Akamai

C:\Program Files\Microsoft\BingBar\SeaPort.EXE

C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe

C:\Program Files\Flip Video\FlipShare\FlipShareService.exe

C:\WINDOWS\system32\FsUsbExService.Exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\system32\svchost.exe -k HPService

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Maxtor\Sync\SyncServices.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\PSIService.exe

C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

C:\WINDOWS\system32\slserv.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\Program Files\tbh\monitor\bin\tbhMonitor.exe

C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe

C:\WINDOWS\system32\UAService7.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Rain City Digital LLC\TimesUpKidz\TimesUpKidzServer.exe

c:\Program Files\tbh\base\bin\tbhDaemon.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Napster\napster.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Ahead\InCD\InCD.exe

C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

C:\Program Files\BroadJump\Client Foundation\CFD.exe

C:\Program Files\SBC Yahoo!\Connection Manager\ConnectionManager.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\VIA\RAID\raid_tool.exe

C:\WINDOWS\system32\MsiExec.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.bing.com/?pc=Z023&form=ZGAPHP

uSearch Page = hxxp://www.google.com

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uDefault_Page_URL = hxxp://www.msn.com

uSearch Bar = hxxp://www.google.com/ie

uDefault_Search_URL = hxxp://www.google.com/ie

mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = 127.0.0.1;localhost

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

BHO: AutorunsDisabled - No File

BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: BlspcHlpr Class: {15c9938f-cb96-496d-800a-b827f2e34ea1} - c:\program files\att internet tools\blspc_win32.dll

BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll

BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - c:\program files\startnow toolbar\Toolbar32.dll

BHO: Window Shopper: {74f475fa-6c75-43bd-aab9-ecda6184f600} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: eMusic Toolbar: {9ee802e8-c931-47ab-b570-aa8f791598ca} - c:\program files\emusic\prxtbeMu0.dll

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"

uRun: [EA Core] c:\program files\electronic arts\eadm\Core.exe -silent

uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe

uRun: [Yahoo! Pager] "c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet

uRun: [uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\RegistryBooster.exe /S

uRun: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

uRun: [Reminder] c:\program files\microsoft money\system\reminder.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot

mRun: [nwiz] nwiz.exe /install

mRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler

mRun: [gcasServ] "c:\program files\microsoft antispyware\gcasServ.exe"

mRun: [type32] "c:\program files\microsoft intellitype pro\type32.exe"

mRun: [ATT-SST_McciTrayApp] "c:\program files\att-sst\McciTrayApp.exe"

mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup

mRun: [KodakShareButtonApp] c:\program files\kodak\kodak share button app\Listener.exe

mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe

mRun: [NPSStartup]

mRun: [TaskTray]

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [YOP] c:\progra~1\yahoo!\yop\yop.exe /autostart

mRun: [YBrowser] c:\progra~1\yahoo!\browser\ybrwicon.exe

mRun: [PVR Agent] c:\program files\v-stream\pvr plus\tvr\Scheduled.exe

mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe

mRun: [NapsterShell] c:\program files\napster\napster.exe /systray

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [inCD] c:\program files\ahead\incd\InCD.exe

mRun: [EEventManager] c:\program files\epson\creativity suite\event manager\EEventManager.exe

mRun: [bJCFD] c:\program files\broadjump\client foundation\CFD.exe

mRun: [AT&T Yahoo! Dial Connection Manager] c:\program files\sbc yahoo!\connection manager\ConnectionManager.exe

mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

dRunOnce: [RunNarrator] Narrator.exe

StartupFolder: c:\docume~1\welburn\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe

StartupFolder: c:\documents and settings\welburn\start menu\programs\startup\PowerReg Scheduler.exe

StartupFolder: c:\docume~1\welburn\startm~1\programs\startup\xfire.lnk - c:\program files\xfire\Xfire.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\person~1.lnk - c:\program files\broderbund\mavis beacon teaches typing 15\minimavis.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\sbcsel~1.lnk - c:\program files\sbc self support tool\bin\matcli.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\viarai~1.lnk - c:\program files\via\raid\raid_tool.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ymetray.lnk - c:\program files\yahoo!\yahoo! music jukebox\ymetray.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoru~1\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoru~1\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoru~1\timesu~1.lnk - c:\windows\installer\{837da79c-b12b-4709-9b9b-16d1468e418a}\_79F931C029ED8E76188721.exe

uPolicies-explorer: LWA = 0 (0x0)

uPolicies-explorer: LWB = 0 (0x0)

uPolicies-explorer: LWC = 0 (0x0)

uPolicies-explorer: LWD = 0 (0x0)

uPolicies-explorer: LWE = 0 (0x0)

uPolicies-explorer: LWF = 0 (0x0)

uPolicies-explorer: LWG = 0 (0x0)

uPolicies-explorer: LWH = 0 (0x0)

uPolicies-explorer: LWI = 0 (0x0)

uPolicies-explorer: LWJ = 0 (0x0)

uPolicies-explorer: LWK = 0 (0x0)

uPolicies-explorer: LWL = 0 (0x0)

uPolicies-explorer: LWM = 0 (0x0)

uPolicies-explorer: LWN = 0 (0x0)

uPolicies-explorer: LWO = 0 (0x0)

uPolicies-explorer: LWP = 0 (0x0)

uPolicies-explorer: LWQ = 0 (0x0)

uPolicies-explorer: LWR = 0 (0x0)

uPolicies-explorer: LWS = 0 (0x0)

uPolicies-explorer: LWT = 0 (0x0)

uPolicies-explorer: LWU = 0 (0x0)

uPolicies-explorer: LWV = 0 (0x0)

uPolicies-explorer: LWW = 0 (0x0)

uPolicies-explorer: LWX = 0 (0x0)

uPolicies-explorer: LWY = 0 (0x0)

uPolicies-explorer: LWZ = 0 (0x0)

uPolicies-system: DisableClock = 0 (0x0)

mPolicies-system: HideFastUserSwitching = 0 (0x0)

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38E51477-DDB4-4aed-9D61-D0C193E10749} {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38e51477-ddb4-4aed-9d61-d0c193e10749}\inprocserver32 does not exist!

IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

IE: {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - c:\program files\playsushi\PSText.dll

LSP: mswsock.dll

Trusted Zone: doginhispen.com

Trusted Zone: intuit.com

Trusted Zone: turbotax.com

Trusted Zone: whataboutadog.com

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/common/asusTek_sys_ctrl.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab

DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} - c:\program files\yahoo!\common\yucconfig.dll

DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - hxxp://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab

DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} - hxxp://disney.go.com/pirates/online/testActiveX/built/signed/DisneyOnlineGames.cab

DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photos.walmart.com/WalmartActivia.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1189272079875

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1189272021031

DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - hxxp://mediaplayer.walmart.com/installer/install.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {A084A130-28AE-4B32-B51A-1C8CE164BC88} - hxxp://www.convergysworkathome.com/AppHardT.CAB

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - hxxp://www.photodex.com/pxplay.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} - hxxp://samsclubus.pnimedia.com/upload/activex/v3_0_0_2/PhotoCenter_ActiveX_Control.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{68E43EBC-CE76-4618-8C0B-00A7CF5599DD} : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{FE02EF92-D773-422D-99A6-FCAEA43B90CB} : DhcpNameServer = 192.168.1.254

Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Handler: AutorunsDisabled\junomsg - {C4D10830-379D-11d4-9B2D-00C04F1579A5} - c:\program files\juno\bin\jmsgpph.dll

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

Notify: AutorunsDisabled - WgaLogon.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Microsoft.AntiSpyware.ShellExecuteHook.1: {9ef34ff2-3396-4527-9d27-04c8c1c67806} - c:\program files\microsoft antispyware\shellextension.dll

LSA: Notification Packages = :\windows\system32\srr scecli

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\welburn\application data\mozilla\firefox\profiles\cl0a9qbc.default\

FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/accounts/ServiceLogin?service=cl&passive=1209600&continue=http://www.google.com/calendar/render&followup=http://www.google.com/calendar/render

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll

FF - plugin: c:\program files\photodex presenter\npPxPlay.dll

FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [2005-1-22 77312]

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-10-5 65584]

R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-12-10 14336]

R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-6-15 249648]

R2 CX88XBAR;V-Stream 2388x Crossbar;c:\windows\system32\drivers\cx88xbar.sys [2005-7-13 8960]

R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-12-8 238952]

R2 IOPort;IOPort;c:\windows\system32\drivers\IOPORT.SYS [1998-11-27 6144]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-10-14 366152]

R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]

R2 tbhMonitor.exe;The Browser Highlighter Monitor;c:\program files\tbh\monitor\bin\tbhMonitor.exe [2010-5-24 70952]

R2 TimesUpKidz;TimesUpKidz;c:\program files\rain city digital llc\timesupkidz\TimesUpKidzServer.exe [2010-12-19 11264]

R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;c:\program files\startnow toolbar\ToolbarUpdaterService.exe [2011-5-20 210144]

R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2009-12-8 36608]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-10-14 22216]

R3 MusCDriverV32;MusCDriverV32;c:\windows\system32\drivers\MusCDriverV32.sys [2008-7-30 508544]

R3 MusCVideo32;MusCVideo32;c:\windows\system32\drivers\MusCVideo32.sys [2008-7-30 3768]

S2 EITUACService;EITUACService;"c:\program files\it works\ez internet timer\eituacservice.exe" ezinternettimer_service --> c:\program files\it works\ez internet timer\EITUACService.exe [?]

S2 EzEITService;EzEITService;"c:\program files\it works\ez internet timer\ezeitservice.exe" ezinternettimer_service --> c:\program files\it works\ez internet timer\EzEITService.exe [?]

S2 gupdate1ca957affc02854;Google Update Service (gupdate1ca957affc02854);c:\program files\google\update\GoogleUpdate.exe [2010-1-14 133104]

S2 NProtectService;Norton Unerase Protection;"c:\program files\norton antivirus\advtools\nprotect.exe" --> c:\program files\norton antivirus\advtools\NPROTECT.EXE [?]

S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-7-7 195336]

S3 cpuz130;cpuz130;\??\c:\docume~1\welburn\locals~1\temp\cpuz130\cpuz_x32.sys --> c:\docume~1\welburn\locals~1\temp\cpuz130\cpuz_x32.sys [?]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-14 133104]

S3 krdpdre;krdpdre;\??\c:\docume~1\welburn\locals~1\temp\krdpdre.sys --> c:\docume~1\welburn\locals~1\temp\krdpdre.sys [?]

S3 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [2010-8-28 38976]

S3 SoundMovieServer;SoundMovieServer;c:\windows\system32\snmvtsvc.exe [2008-7-30 184320]

S3 SQTECH913D;913D Camera;c:\windows\system32\drivers\Capt913d.sys [2009-5-13 29522]

S3 TCFilter;TCFilter;c:\windows\system32\drivers\tcfilter.sys --> c:\windows\system32\drivers\tcfilter.sys [?]

.

=============== File Associations ===============

.

JSEFile=NOTEPAD.EXE %1

VBEFile=NOTEPAD.EXE %1

VBSFile=NOTEPAD.EXE %1

.

=============== Created Last 30 ================

.

2011-10-05 14:35:12 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-10-05 14:08:30 -------- d-----w- c:\windows\system32\wbem\repository\FS

2011-10-05 14:08:30 -------- d-----w- c:\windows\system32\wbem\Repository

2011-10-05 14:08:13 -------- d-----w- c:\documents and settings\welburn\application data\Uniblue

2011-10-05 13:03:49 -------- d-----w- c:\documents and settings\all users\application data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}(2)

2011-10-04 03:36:25 -------- d-----w- c:\windows\Performance

2011-10-04 03:36:02 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor

2011-09-29 04:56:36 -------- d-----w- c:\documents and settings\welburn\application data\Sony Creative Software Inc

2011-09-29 04:55:05 -------- d-----w- c:\documents and settings\welburn\application data\NetMedia Providers

2011-09-29 04:34:22 -------- d-----w- c:\program files\iZotope

2011-09-29 03:57:48 -------- d-----w- c:\documents and settings\welburn\TruePianos Settings

2011-09-29 03:51:23 697690 ----a-w- c:\windows\unins000.exe

2011-09-29 03:35:58 -------- d-----w- c:\documents and settings\welburn\application data\ElevatedDiagnostics

2011-09-28 03:56:10 -------- d-----w- c:\program files\Microsoft

2011-09-27 12:45:55 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll

2011-09-27 12:45:45 45568 -c----w- c:\windows\system32\dllcache\wab.exe

2011-09-27 12:45:27 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll

2011-09-27 12:44:45 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys

2011-09-27 12:43:45 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys

2011-09-27 12:43:44 105472 -c----w- c:\windows\system32\dllcache\mup.sys

2011-09-27 12:42:21 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys

2011-09-26 21:07:40 -------- d-----w- C:\tmp

2011-09-21 21:45:16 -------- d-----w- c:\program files\Blender Foundation

2011-09-21 21:42:28 -------- d-----w- c:\program files\Blender

2011-09-19 21:25:27 -------- d-----w- c:\documents and settings\welburn\application data\SPORE

2011-09-19 03:17:52 -------- d-----w- c:\documents and settings\welburn\application data\Superfish

2011-09-13 20:03:45 -------- d-----w- c:\program files\Harmonic Vision

2011-09-09 09:12:13 599040 -c----w- c:\windows\system32\dllcache\crypt32.dll

2011-09-05 17:04:56 183696 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll

2011-09-05 17:04:56 183696 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

.

==================== Find3M ====================

.

2011-10-04 19:59:24 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-09-20 00:20:13 47104 ----a-w- c:\windows\system32\KMVIDC32.DLL

2011-09-19 21:25:05 107888 ----a-w- c:\windows\system32\CmdLineExt.dll

2011-09-12 01:24:25 848 --sha-w- c:\windows\system32\KGyGaAvL.sys

2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-08-31 22:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys

2011-03-14 20:05:02 11180632 ----a-w- c:\program files\audacity-win-1.3.12.exe

2010-08-28 16:51:49 17344560 ----a-w- c:\program files\kw65ew.exe

2010-07-09 05:37:12 8364046 ----a-w- c:\program files\enuffpc.exe

2007-12-07 13:15:50 16691440 ----a-w- c:\program files\psgold_32_2047.exe

.

============= FINISH: 10:11:39.71 ===============
