[Resolved] Help!!


Offline stogie53

  • Bronze Member
  • 30
[Resolved] Help!!
« on: April 04, 2011, 06:16:00 PM »
Here is my HijackThis log. After my PC has been on for a while, all of a sudden different programs stop working! Avast, iTunes, etc.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:41:56 PM, on 4/4/2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\GreenPrint\gpsrdg01.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe
C:\Program Files\Common Files\logishrd\LComMgr\LVComSX.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NetworkIndicator\NetworkIndicator.exe
C:\Users\Joe\Desktop\DesktopOK.exe
C:\Users\Joe\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Users\Joe\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\XWindows Dock\XWD.exe
C:\Program Files\TeamViewer\Version5\TeamViewer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe
C:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
C:\Users\Joe\Desktop\HijackThis.exe
C:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) -  - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
R3 - URLSearchHook: (no name) - {9e3f670b-884b-4776-a19f-d363c9a4145c} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: XmarksThumbnailsDLLBHO - {1BD0BEFE-F697-4eee-B7E1-76B849A5CB84} - C:\Program Files\Xmarks\Thumbnails for IE\xmarksthumbnails.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Genie TimeLine Tray] C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe -auto
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NetworkIndicator] C:\Program Files\NetworkIndicator\NetworkIndicator.exe
O4 - HKCU\..\Run: [Epson Stylus NX510(Network)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIA.EXE /FU "C:\Windows\TEMP\E_SC5ED.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [DesktopOK] "C:\Users\Joe\Desktop\DesktopOK.exe"  -bg -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Joe\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [NetBalancer] C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe
O4 - HKCU\..\Run: [Core Temp] "C:\Core Temp\Core Temp.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -update activex (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -update activex (User 'Default user')
O4 - Startup: Dropbox.lnk = Joe\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: XWindows Dock.lnk = C:\Program Files\XWindows Dock\XWD.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Joe\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Joe\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: (no name) - {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files\Xmarks\IE Extension\xmarkssync.exe (HKCU)
O9 - Extra 'Tools' menuitem: Xmarks for IE... - {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files\Xmarks\IE Extension\xmarkssync.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O15 - Trusted Zone: http://novastor.cleverreach.com
O15 - Trusted Zone: http://*.google-analytics.com
O15 - Trusted Zone: http://*.novastor.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: AirPrint - Apple Inc. - C:\Program Files\AirPrint\airprint.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: AMD RAIDXpert (AMD_RAIDXpert) - AMD - C:\Program Files\AMD\RAIDXpert\bin\RAIDXpertService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - Unknown owner - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO System - Cleaner Service (Cleaner_Validator) - Unknown owner - C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Firefox Service - Unknown owner - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\u36cr1xu.default\extensions\startup.service@mozilla.com\svc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie-Soft - C:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe
O23 - Service: GreenPrint - GreenPrint Technologies LLC. - C:\Program Files\GreenPrint\GPSRHT01.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: OO DiskImage - Unknown owner - C:\Program Files\OO Software\DiskImage\oodiag.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\Windows\system32\UTSCSI.EXE
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
O23 - Service: Web Update Wizard Service V4 (WebUpdate4) - Data Perceptions / PowerProgrammer - C:\Windows\system32\WebUpdateSvc4.exe

--
End of file - 15816 bytes
 
« Last Edit: April 04, 2011, 06:27:23 PM by Hoov »

*

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • 27193
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] Help!!
« Reply #1 on: April 04, 2011, 06:28:42 PM »
Hello, welcome to SpywareHammer.

I go by Hoov, and I will be helping you with your problem. I must ask you to do a few things for me.

First, tell me everything that you have done, if anything, to try and fix this problem.

Second, please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out their hair.

Third, follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go.

Fourth, have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try.

Before we start trying to fix your computer, you need to make sure your data is backed up. Also let me know of any software you have running that encrypts your hard drive.

Now onto trying to fix your computer.

Does your computer just quit responding? Or do the programs just not start up? If they are already responding, do other programs work?

We need to see some information about what is happening in your machine.  Please perform the following scan:
  • Download DDS by sUBs from one of the following links.  Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool.  No input is needed, the scan is running.
  • Notepad will open with the results.
  • Please copy and paste both logs into your next response. You may need more than one response.
  • Close the program window, and delete the program from your desktop.
Please note:  You may have to disable any script protection running if the scan fails to run.  After downloading the tool, disconnect from the internet and disable all antivirus protection.  Run the scan, enable your A/V and reconnect to the internet. 

Information on A/V control HERE

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

*

Offline stogie53

  • Bronze Member
  • 30
Re: [In Progress] Help!!
« Reply #2 on: April 04, 2011, 07:15:55 PM »
I have only run Malwarebytes and a complete avast scan. Yes, for example, avast will be running and then things just start to stop. For example, when this starts, if I try to open iTunes it tells me to re-install to fix. Some things just do not start. Then the PC stops responding and I can't even click restart.

.
DDS (Ver_11-03-05.01) - NTFSx86  
Run by Joe at 19:44:04.77 on Mon 04/04/2011
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3327.1133 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
C:\Program Files\AMD\RAIDXpert\bin\RAIDXpertService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\ASUS.SYS\config\DVMExportService.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\u36cr1xu.default\extensions\startup.service@mozilla.com\svc.exe
C:\Windows\system32\FsUsbExService.Exe
C:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\GreenPrint\GPSRHT01.exe
C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
C:\Program Files\GreenPrint\gpsrdg01.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\Windows\system32\UTSCSI.EXE
C:\Windows\System32\vds.exe
C:\ExpressGateUtil\VAWinService.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe
C:\Program Files\Common Files\logishrd\LComMgr\LVComSX.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NetworkIndicator\NetworkIndicator.exe
C:\Users\Joe\Desktop\DesktopOK.exe
C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\Users\Joe\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\TeamViewer\Version5\TeamViewer.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\XWindows Dock\XWD.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
C:\Windows\system32\WebUpdateSvc4.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\AirPrint\airprint.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\OO Software\DiskImage\oodiag.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\vdsldr.exe
C:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe
C:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
C:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Joe\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\system32\AUDIODG.EXE
C:\Users\Joe\Desktop\dds.scr
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uStart Page = hxxp://my.yahoo.com/
uSearch Bar =
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: ThumbnailsBHO Class: {1bd0befe-f697-4eee-b7e1-76b849a5cb84} - c:\program files\xmarks\thumbnails for ie\xmarksthumbnails.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
TB: {9E3F670B-884B-4776-A19F-D363C9A4145C} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [NetworkIndicator] c:\program files\networkindicator\NetworkIndicator.exe
uRun: [Epson Stylus NX510(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatifia.exe /fu "c:\windows\temp\E_SC5ED.tmp" /EF "HKCU"
uRun: [DesktopOK] "c:\users\joe\desktop\DesktopOK.exe"  -bg -startup
uRun: [Google Update] "c:\users\joe\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [NetBalancer] c:\program files\netbalancer\SeriousBit.NetBalancer.Tray.exe
uRun: [Core Temp] "c:\core temp\Core Temp.exe"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [HDAudDeck] c:\program files\via\viaudioi\vdeck\VDeck.exe -r
mRun: [LGODDFU] "c:\program files\lg_fwupdate\fwupdate.exe" blrun
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [VAWinAgent] c:\expressgateutil\VAWinAgent.exe
mRun: [Logitech Download Assistant] c:\windows\system32\rundll32.exe c:\windows\system32\LogiLDA.dll,LogiFetch
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Genie TimeLine Tray] c:\program files\genie-soft\genie timeline\GSTimeLineAgent.exe -auto
mRun: [LVCOMSX] "c:\program files\common files\logishrd\lcommgr\LVComSX.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [IObit Malware Fighter] "c:\program files\iobit\iobit malware fighter\IMF.exe" /autostart
mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe
mRun: [OODefragTray] c:\program files\oo software\defrag\oodtray.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Trend Micro RUBotted V2.0 Beta] c:\program files\trend micro\rubotted\RUBottedGUI.exe
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10l_ActiveX.exe -update activex
StartupFolder: c:\users\joe\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\joe\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\joe\appdata\roaming\micros~1\windows\startm~1\programs\startup\everno~1.lnk - c:\program files\evernote\evernote\EvernoteClipper.exe
StartupFolder: c:\users\joe\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\users\joe\appdata\roaming\micros~1\windows\startm~1\programs\startup\xwindo~1.lnk - c:\program files\xwindows dock\XWD.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\joe\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\joe\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
Trusted Zone: cleverreach.com\novastor
Trusted Zone: google-analytics.com
Trusted Zone: novastor.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Authentication Packages = msv1_0 relog_ap
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://dsl.sbc.yahoo.com/
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - component: c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\{08ea8b71-4ab6-431b-8b39-c60b1f121218}\components\RadioWMPCore.dll
FF - component: c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\{08ea8b71-4ab6-431b-8b39-c60b1f121218}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\winnt_x86-msvc\components\WeaveCrypto.dll
FF - component: c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\{3c577568-be1e-4551-8968-b38bc97ff655}\components\RadioWMPCore.dll
FF - component: c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\{3c577568-be1e-4551-8968-b38bc97ff655}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\RadioWMPCore.dll
FF - component: c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.dll
FF - component: c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\{de6fdbf9-913c-461d-857a-4ed69d47c755}\components\RadioWMPCore.dll
FF - component: c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\{de6fdbf9-913c-461d-857a-4ed69d47c755}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
FF - component: c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\logitech\harmony remote driver\NprtHarmonyPlugin.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60129.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\olympus\ib utilities\firefox plugin\npIbInst.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\joe\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\joe\appdata\local\yahoo!\browserplus\2.7.1\plugins\npybrowserplus_2.7.1.dll
FF - plugin: c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll
FF - plugin: c:\users\joe\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\joe\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
.
============= SERVICES / DRIVERS ===============
.
R0 oodisr;O&O DiskImage Snapshot/Restore Driver;c:\windows\system32\drivers\oodisr.sys [2010-9-1 96336]
R0 oodisrh;oodisrh;c:\windows\system32\drivers\oodisrh.sys [2010-9-1 28752]
R0 oodivd;O&O DiskImage Virtual Devices Driver;c:\windows\system32\drivers\oodivd.sys [2010-9-1 171088]
R0 oodivdh;oodivdh;c:\windows\system32\drivers\oodivdh.sys [2010-9-1 31824]
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2009-7-5 11448]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-3-18 294608]
R1 CFRMD;CFRMD;c:\windows\system32\drivers\CFRMD.sys [2010-12-9 64608]
R1 CFRPD;CFRPD;c:\windows\system32\drivers\CFRPD.sys [2010-12-9 33744]
R2 AirPrint;AirPrint;c:\program files\airprint\airprint.exe -s --> c:\program files\airprint\airprint.exe -s [?]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-1-26 176128]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2011-1-26 284672]
R2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ati technologies\ati.ace\reservation manager\AMD Reservation Manager.exe [2010-6-17 140224]
R2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files\amd\raidxpert\bin\RAIDXpertService.exe [2009-3-16 122880]
R2 AsSysCtrlService;ASUS System Control Service;c:\program files\asus\assysctrlservice\1.00.02\AsSysCtrlService.exe [2010-3-18 90112]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-3-18 17744]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-3-18 51280]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-14 40384]
R2 Cleaner_Validator;COMODO System - Cleaner Service;c:\program files\comodo\comodo system-cleaner\Cleaner_Validator.exe [2010-12-9 305600]
R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2010-3-19 12672]
R2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-4-10 294912]
R2 Firefox Service;Firefox Service;c:\users\joe\appdata\roaming\mozilla\firefox\profiles\u36cr1xu.default\extensions\startup.service@mozilla.com\svc.exe [2011-3-26 83456]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-11-20 238952]
R2 GenieTimelineService;Genie Timeline Service;c:\program files\genie-soft\genie timeline\GenieTimelineService.exe [2011-1-11 362624]
R2 GreenPrint;GreenPrint;c:\program files\greenprint\gpsrht01.exe [2010-3-29 427048]
R2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2011-1-2 821592]
R2 NetBalancer Windows Service;NetBalancer Windows Service;c:\program files\netbalancer\SeriousBit.NetBalancer.Service.exe [2011-2-17 10240]
R2 OO DiskImage;OO DiskImage;c:\program files\oo software\diskimage\oodiag.exe [2010-9-1 2811208]
R2 OODefragAgent;O&O Defrag Agent;c:\program files\oo software\defrag\oodag.exe [2010-11-25 2404168]
R2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\drivers\RtNdPt60.sys [2010-3-18 27648]
R2 RUBotSrv;Trend Micro RUBotted Service;c:\program files\trend micro\rubotted\RUBotSrv.exe [2011-4-4 439632]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-1-10 993848]
R2 TeamViewer5;TeamViewer 5;c:\program files\teamviewer\version5\TeamViewer_Service.exe [2010-10-19 2011944]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-8-20 77312]
R2 WDDMService;WDDMService;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2010-11-8 237568]
R2 WDFME;WD File Management Engine;c:\program files\western digital\wd smartware\front parlor\wdfme\WDFME.exe [2010-11-8 1060352]
R2 WDSC;WD File Management Shadow Engine;c:\program files\western digital\wd smartware\front parlor\WDSC.exe [2010-11-8 484352]
R2 WebUpdate4;Web Update Wizard Service V4;c:\windows\system32\WebUpdateSvc4.exe [2008-9-15 262360]
R2 WinFLdrv;WinFLdrv;c:\windows\system32\WinFLdrv.sys [2010-11-3 17984]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2011-2-26 37944]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-1-26 7566848]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-1-26 238592]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\FileMonitor.sys [2011-2-14 18256]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-11-20 36608]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [2010-8-24 40912]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [2010-8-24 10448]
R3 Nbdrv;NetBalancer Service;c:\windows\system32\drivers\nbdrv.sys [2011-2-17 28776]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
R3 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\RegFilter.sys [2011-2-14 41424]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-1-21 328808]
R3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\UrlFilter.sys [2011-2-14 24432]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-3-18 1077760]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]
S2 BCUService;Browser Configuration Utility Service;c:\program files\devicevm\browser configuration utility\bcuservice.exe --> c:\program files\devicevm\browser configuration utility\BCUService.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-18 133104]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-1-10 399416]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\drivers\BthAvrcp.sys [2009-8-13 22528]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-20 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-3-10 25112]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2010-4-10 266544]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\drivers\RtTeam60.sys [2010-3-18 35328]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0);c:\windows\system32\drivers\RtVlan60.sys [2010-3-18 19968]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\drivers\RtTeam60.sys [2010-3-18 35328]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-2 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-31 1343400]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2010-11-24 25704]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2010-11-24 25704]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2010-11-24 25704]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2010-11-24 25704]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2010-11-24 25704]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-13 17920]
S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2009-7-13 20480]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2011-04-05 00:00:45   --------   d-----w-   c:\program files\WinPcap
2011-04-05 00:00:20   --------   d-----w-   c:\program files\Trend Micro
2011-04-03 19:29:57   --------   d-----w-   c:\program files\DVDFab 8
2011-04-01 16:14:11   6792528   ----a-w-   c:\progra~2\microsoft\windows defender\definition updates\{5de9594e-d487-4435-a704-34a514cabc9d}\mpengine.dll
2011-03-24 17:00:46   --------   d-----w-   c:\program files\iPod
2011-03-24 17:00:45   --------   d-----w-   c:\program files\iTunes
2011-03-24 16:57:20   --------   d-----w-   c:\program files\Bonjour
2011-03-24 16:27:16   --------   d-----w-   c:\windows\system32\appmgmt
2011-03-24 16:04:17   --------   d-----w-   c:\users\joe\appdata\roaming\DVDVideoSoft
2011-03-23 02:06:03   --------   d-----w-   c:\progra~2\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-03-23 00:16:45   142296   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
2011-03-23 00:16:41   781272   ----a-w-   c:\program files\mozilla firefox\mozsqlite3.dll
2011-03-23 00:16:41   728024   ----a-w-   c:\program files\mozilla firefox\libGLESv2.dll
2011-03-23 00:16:41   1874904   ----a-w-   c:\program files\mozilla firefox\mozjs.dll
2011-03-23 00:16:41   15832   ----a-w-   c:\program files\mozilla firefox\mozalloc.dll
2011-03-23 00:16:41   142296   ----a-w-   c:\program files\mozilla firefox\libEGL.dll
2011-03-23 00:16:40   1975768   ----a-w-   c:\program files\mozilla firefox\D3DCompiler_42.dll
2011-03-23 00:16:40   1893336   ----a-w-   c:\program files\mozilla firefox\d3dx9_42.dll
2011-03-16 22:29:14   --------   d-----w-   c:\users\joe\appdata\local\Xmarks
2011-03-16 22:29:14   --------   d-----w-   c:\program files\Xmarks
2011-03-12 17:28:40   103864   ----a-w-   c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-03-12 17:28:40   103864   ----a-w-   c:\program files\internet explorer\plugins\nppdf32.dll
2011-03-10 03:31:25   --------   d-----w-   c:\users\joe\Logitech
2011-03-10 03:30:00   --------   d-----w-   c:\program files\common files\Remote Control USB Driver
2011-03-10 03:29:42   274432   ----a-w-   c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2011-03-10 03:29:42   204800   ----a-w-   c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2011-03-10 03:29:41   757760   ----a-w-   c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2011-03-10 03:29:41   69715   ----a-w-   c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2011-03-10 03:29:41   5632   ----a-w-   c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2011-03-10 03:29:41   331908   ----a-w-   c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2011-03-10 03:29:41   200836   ----a-w-   c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2011-03-09 16:27:18   --------   d-----w-   c:\users\joe\appdata\local\CrashDumps
2011-03-09 01:50:44   805376   ----a-w-   c:\windows\system32\FntCache.dll
2011-03-09 01:50:44   739840   ----a-w-   c:\windows\system32\d2d1.dll
2011-03-09 01:50:44   1076736   ----a-w-   c:\windows\system32\DWrite.dll
2011-03-09 01:50:43   642048   ----a-w-   c:\windows\system32\CPFilters.dll
2011-03-09 01:50:43   534528   ----a-w-   c:\windows\system32\EncDec.dll
2011-03-09 01:50:42   850944   ----a-w-   c:\windows\system32\sbe.dll
2011-03-09 01:50:42   199680   ----a-w-   c:\windows\system32\mpg2splt.ax
.
==================== Find3M  ====================
.
2011-03-03 03:17:35   152576   ----a-w-   c:\windows\system32\msclmd.dll
2011-02-18 22:36:58   4184352   ----a-w-   c:\windows\system32\usbaaplrc.dll
2011-02-03 03:40:23   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2011-02-02 23:11:20   222080   ------w-   c:\windows\system32\MpSigStub.exe
2011-01-26 23:00:44   143360   ----a-w-   c:\windows\system32\atiapfxx.exe
2011-01-26 23:00:30   596480   ----a-w-   c:\windows\system32\aticfx32.dll
2011-01-26 22:59:46   17204736   ----a-w-   c:\windows\system32\atioglxx.dll
2011-01-26 22:56:30   462848   ----a-w-   c:\windows\system32\ATIDEMGX.dll
2011-01-26 22:55:54   393216   ----a-w-   c:\windows\system32\atieclxx.exe
2011-01-26 22:55:24   176128   ----a-w-   c:\windows\system32\atiesrxx.exe
2011-01-26 22:54:10   159744   ----a-w-   c:\windows\system32\atitmmxx.dll
2011-01-26 22:53:54   356352   ----a-w-   c:\windows\system32\atipdlxx.dll
2011-01-26 22:53:42   278528   ----a-w-   c:\windows\system32\Oemdspif.dll
2011-01-26 22:53:34   15872   ----a-w-   c:\windows\system32\atimuixx.dll
2011-01-26 22:53:26   43520   ----a-w-   c:\windows\system32\ati2edxx.dll
2011-01-26 22:49:44   4105728   ----a-w-   c:\windows\system32\atidxx32.dll
2011-01-26 22:32:12   1912832   ----a-w-   c:\windows\system32\atiumdmv.dll
2011-01-26 22:28:52   4170752   ----a-w-   c:\windows\system32\atiumdag.dll
2011-01-26 22:27:50   46080   ----a-w-   c:\windows\system32\aticalrt.dll
2011-01-26 22:27:40   44032   ----a-w-   c:\windows\system32\aticalcl.dll
2011-01-26 22:25:50   5580800   ----a-w-   c:\windows\system32\aticaldd.dll
2011-01-26 22:24:18   3463680   ----a-w-   c:\windows\system32\atiumdva.dll
2011-01-26 22:20:44   52736   ----a-w-   c:\windows\system32\coinst.dll
2011-01-26 22:14:06   249856   ----a-w-   c:\windows\system32\atiadlxx.dll
2011-01-26 22:13:52   12800   ----a-w-   c:\windows\system32\atiglpxx.dll
2011-01-26 22:13:42   32768   ----a-w-   c:\windows\system32\atigktxx.dll
2011-01-26 22:12:40   30720   ----a-w-   c:\windows\system32\atiuxpag.dll
2011-01-26 22:12:24   28672   ----a-w-   c:\windows\system32\atiu9pag.dll
2011-01-26 22:08:40   52736   ----a-w-   c:\windows\system32\atimpc32.dll
2011-01-26 22:08:40   52736   ----a-w-   c:\windows\system32\amdpcom32.dll
2011-01-21 12:36:02   80416   ----a-w-   c:\windows\system32\RtNicProp32.dll
2011-01-17 05:47:13   161792   ----a-w-   c:\windows\system32\d3d10_1.dll
2011-01-13 08:47:35   38848   ----a-w-   c:\windows\avastSS.scr
2011-01-07 07:46:34   870912   ----a-w-   c:\windows\system32\XpsPrint.dll
2011-01-07 07:46:34   288256   ----a-w-   c:\windows\system32\XpsGdiConverter.dll
2011-01-07 07:45:57   34304   ----a-w-   c:\windows\system32\atmlib.dll
2011-01-07 05:43:36   294400   ----a-w-   c:\windows\system32\atmfd.dll
2011-01-06 01:34:01   87608   ----a-w-   c:\users\joe\appdata\roaming\inst.exe
2011-01-06 01:34:01   47360   ----a-w-   c:\users\joe\appdata\roaming\pcouffin.sys
2011-01-05 03:51:01   2330624   ----a-w-   c:\windows\system32\win32k.sys
.
============= FINISH: 19:47:09.43 ===============

second log will follow...................








*

Offline stogie53

  • Bronze Member
  • 30
Re: [In Progress] Help!!
« Reply #3 on: April 04, 2011, 07:28:35 PM »
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 3/18/2010 8:22:17 PM
System Uptime: 4/4/2011 7:06:23 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | M4A785TD-V EVO
Processor: AMD Phenom(tm) II X4 955 Processor | AM3 | 3214/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 127 GiB total, 52.426 GiB free.
D: is FIXED (NTFS) - 405 GiB total, 282.718 GiB free.
E: is FIXED (NTFS) - 400 GiB total, 150.398 GiB free.
F: is FIXED (NTFS) - 298 GiB total, 196.175 GiB free.
G: is CDROM ()
H: is CDROM ()
I: is Removable
K: is CDROM ()
L: is FIXED (NTFS) - 596 GiB total, 481.442 GiB free.
N: is CDROM ()
Y: is NetworkDisk (FAT) - 0 GiB total, 0 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP490: 4/3/2011 2:26:23 PM - Revo Uninstaller Pro's restore point - DVDFab 8.0.7.3 (29/01/2011)
.
==== Installed Programs ======================
.
µTorrent
Acrobat.com
Acronis True Image WD Edition
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.3
Advanced MP3 Renamer 1.0.0
AeroWeather
AIM 7
AM-DeadLink 4.3
AMD Drag and Drop Transcoding
AMD Fuel
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Print Creations
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Calendar
ASUSUpdate
AT&T Unified Messaging
ATI Catalyst Install Manager
ATI Catalyst Registration
ATI Stream SDK v2 Developer
avast! Free Antivirus
AVS Audio Converter version 6.1
AVS Update Manager 1.0
Bandwidth Monitor 3.4 build 757
Bejeweled 3
BioShock 2
Bonjour
Bonjour Print Services
Browser Configuration Utility
Call of Duty: Black Ops
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
ccc-core-static
ccc-utility
CCC Help English
CCleaner
Circle Dock
COMODO System-Cleaner
CopyTrans Suite Remove Only
Core Temp version 0.99.8
Counter-Strike: Source
Coupon Printer for Windows
CPUID CPU-Z 1.53.1
Crysis® 2
D3DX10
Dell Driver Download Manager
DH Driver Cleaner Professional Edition
Diagnostic Utility
Download Updater (AOL LLC)
Dropbox
DVDFab 8.0.8.5 (19/03/2011)
Epson CreativeZone
Epson Event Manager
EPSON NX510 Series Printer Uninstall
EPSON Scan
EpsonNet Print
EpsonNet Setup
EPU-4 Engine
eReg
Evernote v. 4.2.2
Express Gate
ExpressGate Cloud
FastStone Photo Resizer 3.0
Flash Renamer 5.02
Free Studio version 5.0.6
Free Video to iPhone Converter version 3.2.10
FreeArc 0.60
Genie Timeline Home 2.1
Gold Fish Animated Wallpaper version 1.0
Google Chrome
Google Earth Plug-in
Google Gmail Notifier
Google Talk Plugin
Google Update Helper
GreenPrint
Half-Life 2
Half-Life 2: Deathmatch
Half-Life 2: Lost Coast
HijackThis 2.0.2
IObit Malware Fighter
iTunes
Java Auto Updater
Java Media Framework 2.1.1e
Java(TM) 6 Update 24
Juniper Networks Cache Cleaner 5.5.0
Juniper Networks Setup Client
Junk Mail filter update
LG ODD Auto Firmware Update
Logitech Harmony Remote Software
Logitech QuickCam
Logitech SetPoint 6.20
Magic ISO Maker v5.5 (build 0281)
MagicDisc 2.7.106
Malwarebytes' Anti-Malware
Mass Effect 2
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Fix it Center
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office Live Meeting 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio 2007 Service Pack 2 (SP2)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visio Professional 2007 Trial
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework 2.0 Core Components (x86) ENU
Microsoft Sync Framework 2.0 Provider Services (x86) ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
MobileMe Control Panel
MozBackup 1.4.10
Mozilla Firefox 4.0 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MusicBrainz Picard
NetBalancer
Network Activity Indicator for Windows 7 version 1.2
NVIDIA PhysX
O&O Defrag Professional
O&O DiskImage Professional
OGA Notifier 2.0.0048.0
OLYMPUS Digital Camera Updater
Olympus ib
PC Wizard 2010.1.93
Platform
Portal
PunkBuster Services
QuickTime
RAIDXpert
Realtek 8136 8168 8169 Ethernet Driver
Remote Control USB Driver
Safari
Samsung New PC Studio
SAMSUNG USB Driver for Mobile Phones
Samsung_MonSetup
Secunia PSI (2.0.0.3001)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio 2007 (KB2434737)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Software Update Wizard (Redistributable) 4.5
Sonic RecordNow! Plus
Sonic Update Manager
SplashID iPhone Desktop 5.2
Steam
SyncToy 2.1 (x86)
TeamViewer 5
TeraCopy 2.12
The Lord of the Rings FREE Trial
Trend Micro RUBotted 2.0 Beta
TurboV
Uninstall 1.0.0.1
Unlocker 1.9.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2508979)
VIA Platform Device Manager
VSO CopyToDVD 4
WD SmartWare
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
Windows Installer Clean Up
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPcap 4.1.1
WinRAR archiver
WinZip 15.0
WMV9/VC-1 Video Playback
Xmarks for IE
Xmarks Thumbnails for IE
XWindows Dock
Yahoo! BrowserPlus 2.7.1
.
==== Event Viewer Messages From Past Week ========
.
4/4/2011 7:14:56 PM, Error: Service Control Manager [7022]  - The Windows

Update service hung on starting.
4/4/2011 7:08:59 PM, Error: VDS Basic Provider [1]  - Unexpected failure.

Error code: D@01010004
4/4/2011 6:40:56 PM, Error: Service Control Manager [7009]  - A timeout was

reached (30000 milliseconds) while waiting for the O&O Defrag Agent service to

connect.
4/4/2011 6:40:56 PM, Error: Service Control Manager [7000]  - The O&O Defrag

Agent service failed to start due to the following error:  The service did not

respond to the start or control request in a timely fashion.
4/4/2011 6:40:23 PM, Error: Service Control Manager [7009]  - A timeout was

reached (30000 milliseconds) while waiting for the NetBalancer Windows Service

service to connect.
4/4/2011 6:40:23 PM, Error: Service Control Manager [7000]  - The NetBalancer

Windows Service service failed to start due to the following error:  The

service did not respond to the start or control request in a timely fashion.
4/4/2011 6:07:37 AM, Error: Service Control Manager [7031]  - The Genie

Timeline Service service terminated unexpectedly.  It has done this 2 time(s).

 The following corrective action will be taken in 5000 milliseconds: Restart

the service.
4/4/2011 5:45:18 AM, Error: Service Control Manager [7031]  - The Genie

Timeline Service service terminated unexpectedly.  It has done this 1 time(s).

 The following corrective action will be taken in 5000 milliseconds: Restart

the service.
4/4/2011 5:42:43 AM, Error: Service Control Manager [7034]  - The COMODO

System - Cleaner Service service terminated unexpectedly.  It has done this 1

time(s).
4/4/2011 4:14:07 PM, Error: Service Control Manager [7011]  - A timeout (30000

milliseconds) was reached while waiting for a transaction response from the

GenieTimelineService service.
4/3/2011 9:17:50 AM, Error: Microsoft-Windows-Application-Experience [205]  - The Program Compatibility Assistant service failed to perform the phase two initialization.
4/3/2011 9:14:29 AM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
4/3/2011 9:14:29 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
4/3/2011 9:14:29 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
4/3/2011 9:14:09 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
4/3/2011 9:14:09 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
4/3/2011 9:14:07 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
4/3/2011 9:14:07 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
4/3/2011 9:14:06 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/3/2011 9:14:00 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
4/3/2011 9:13:53 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD AsIO AsUpIO aswRdr aswSP aswTdi CFRMD CFRPD CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vpcnfltr vpcvmm Wanarpv6 WfpLwf
4/3/2011 9:13:50 AM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
4/3/2011 9:13:50 AM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
4/3/2011 9:13:50 AM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
4/3/2011 9:13:50 AM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
4/3/2011 9:13:50 AM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
4/3/2011 9:13:50 AM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
4/3/2011 9:13:50 AM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
4/3/2011 9:13:50 AM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
4/3/2011 9:13:50 AM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
4/3/2011 9:13:50 AM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
4/3/2011 8:29:10 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk3\DR3.
4/3/2011 8:28:57 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the AirPrint service to connect.
4/3/2011 8:28:57 PM, Error: Service Control Manager [7000]  - The AirPrint service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/3/2011 8:21:26 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Web Update Wizard Service V4 service to connect.
4/3/2011 3:20:02 AM, Error: Microsoft-Windows-Eventlog [23]  - The event logging service encountered an error (res=8) while initializing logging resources for channel Microsoft-Windows-WER-Diag/Operational.
4/2/2011 8:45:07 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer5 service.
4/2/2011 3:50:39 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the GreenPrint service.
4/1/2011 11:07:47 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR2.
3/30/2011 5:39:36 PM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
3/30/2011 3:23:23 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  CFRMD
.
==== End Of File ===========================
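
One way to triage a System-log dump like the one posted above, as an added example that is not part of the original thread: it re-joins hard-wrapped entries, lists the drivers named by event 7026, and walks the event 7001 "depends on" messages back to the dependencies that failed with a real error rather than a cascaded one. The function names are choices made for this example; the sample entries are copied from the post and kept hard-wrapped so the re-joining step is exercised.

```python
import re
from collections import defaultdict

# Entries copied from the System log posted in this thread. They are left
# hard-wrapped (blank lines kept in the first entry only) to exercise re-joining.
SAMPLE_LOG = """\
4/3/2011 9:14:29 AM, Error: Service Control Manager [7001]  - The Network List

Service service depends on the Network Location Awareness service which failed

to start because of the following error:  The dependency service or group

failed to start.
4/3/2011 9:13:53 AM, Error: Service Control Manager [7026]  - The following
boot-start or system-start driver(s) failed to load:  AFD AsIO AsUpIO aswRdr
aswSP aswTdi CFRMD CFRPD CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss
spldr tdx vpcnfltr vpcvmm Wanarpv6 WfpLwf
4/3/2011 9:13:50 AM, Error: Service Control Manager [7001]  - The Workstation
service depends on the Network Store Interface Service service which failed to
start because of the following error:  The dependency service or group failed
to start.
4/3/2011 9:13:50 AM, Error: Service Control Manager [7001]  - The Network
Store Interface Service service depends on the NSI proxy service driver.
service which failed to start because of the following error:  A device
attached to the system is not functioning.
4/3/2011 9:13:50 AM, Error: Service Control Manager [7001]  - The Network
Location Awareness service depends on the Network Store Interface Service
service which failed to start because of the following error:  The dependency
service or group failed to start.
4/3/2011 9:13:50 AM, Error: Service Control Manager [7001]  - The DHCP Client
service depends on the Ancillary Function Driver for Winsock service which
failed to start because of the following error:  A device attached to the
system is not functioning.
"""

ENTRY = re.compile(r"^(\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M), "
                   r"(\w+): (.+?) \[(\d+)\]\s*-\s*(.*)$")
DEPENDS = re.compile(r"The (.+?) service depends on the (.+?) service which "
                     r"failed to start because of the following error: (.+)")
CASCADE = "The dependency service or group failed to start."

def parse_entries(text):
    """Re-join hard-wrapped lines into one dict per event."""
    entries = []
    for line in filter(None, map(str.strip, text.splitlines())):
        m = ENTRY.match(line)
        if m:
            when, level, source, event_id, msg = m.groups()
            entries.append({"when": when, "level": level, "source": source,
                            "id": int(event_id), "msg": msg})
        elif entries:                      # continuation of the previous entry
            entries[-1]["msg"] += " " + line
    for e in entries:
        e["msg"] = " ".join(e["msg"].split())   # collapse runs of spaces
    return entries

def failed_boot_drivers(entries):
    """Driver names listed by event 7026 (boot/system-start load failures)."""
    names = []
    for e in entries:
        if e["id"] == 7026 and "failed to load:" in e["msg"]:
            names += e["msg"].split("failed to load:", 1)[1].split()
    return names

def root_causes(entries):
    """Map each directly failing dependency to every service it took down."""
    dependents = defaultdict(set)          # dependency -> services needing it
    roots = set()
    for e in entries:
        m = DEPENDS.search(e["msg"]) if e["id"] == 7001 else None
        if not m:
            continue
        service, dependency, error = m.groups()
        dependency = dependency.rstrip(".")
        dependents[dependency].add(service)
        if error != CASCADE:               # a real error, not a knock-on one
            roots.add(dependency)
    result = {}
    for root in roots:
        seen, stack = set(), [root]
        while stack:                       # walk the cascade transitively
            for svc in dependents.get(stack.pop(), ()):
                if svc not in seen:
                    seen.add(svc)
                    stack.append(svc)
        result[root] = sorted(seen)
    return result

if __name__ == "__main__":
    events = parse_entries(SAMPLE_LOG)
    print("failed drivers:", " ".join(failed_boot_drivers(events)))
    for root, hit in sorted(root_causes(events).items()):
        print(f"{root} -> {', '.join(hit)}")
```
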

*

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • 27193
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] Help!!
« Reply #4 on: April 04, 2011, 07:56:39 PM »
First please read http://spywarehammer.com/simplemachinesforum/index.php?topic=110.0 .

Once you have uninstalled all your P2P programs, can you tell me how long your computer runs before you start seeing problems?

Next I need you to go to the administration tools in Windows 7. They are in the Control Panel.
  • Open the Admin tools, then open the Event Viewer.
  • Over on the left-hand side, expand the Windows category and then click on System.
  • Then up at the top click on Action and then click on Save Events As, type in system as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click Save.
  • Over on the left-hand side, click on Application.
  • Then up at the top click on Action and then click on Save Events As, type in application as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click Save.
  • Zip them both up into a single zip file and post them back here in your next reply as attachments.

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

*

Offline stogie53

  • Bronze Member
  • 30
Re: [In Progress] Help!!
« Reply #5 on: April 04, 2011, 08:17:22 PM »
Can't send in zip file, too large!

*

Offline stogie53

  • Bronze Member
  • 30
Re: [In Progress] Help!!
« Reply #6 on: April 04, 2011, 08:19:52 PM »
2011/04/04 21:18:27.0425 15388   TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/04 21:18:27.0606 15388   ================================================================================
2011/04/04 21:18:27.0606 15388   SystemInfo:
2011/04/04 21:18:27.0606 15388   
2011/04/04 21:18:27.0606 15388   OS Version: 6.1.7601 ServicePack: 1.0
2011/04/04 21:18:27.0606 15388   Product type: Workstation
2011/04/04 21:18:27.0607 15388   ComputerName: STORNELLO-PC1
2011/04/04 21:18:27.0607 15388   UserName: Joe
2011/04/04 21:18:27.0607 15388   Windows directory: C:\Windows
2011/04/04 21:18:27.0607 15388   System windows directory: C:\Windows
2011/04/04 21:18:27.0607 15388   Processor architecture: Intel x86
2011/04/04 21:18:27.0607 15388   Number of processors: 4
2011/04/04 21:18:27.0607 15388   Page size: 0x1000
2011/04/04 21:18:27.0607 15388   Boot type: Normal boot
2011/04/04 21:18:27.0607 15388   ================================================================================
2011/04/04 21:18:28.0311 15388   Initialize success
2011/04/04 21:18:36.0560 15824   ================================================================================
2011/04/04 21:18:36.0560 15824   Scan started
2011/04/04 21:18:36.0560 15824   Mode: Manual;
2011/04/04 21:18:36.0560 15824   ================================================================================
2011/04/04 21:18:43.0437 15824   RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/04/04 21:18:43.0462 15824   RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/04/04 21:18:43.0492 15824   rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
2011/04/04 21:18:43.0508 15824   rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/04/04 21:18:43.0530 15824   RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/04/04 21:18:43.0562 15824   RDPDR           (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
2011/04/04 21:18:43.0586 15824   RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/04/04 21:18:43.0603 15824   RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/04/04 21:18:43.0637 15824   RDPWD           (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
2011/04/04 21:18:43.0675 15824   rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
2011/04/04 21:18:43.0753 15824   RegFilter       (ea7d751a55c8935257f3438efa469c48) C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\RegFilter.sys
2011/04/04 21:18:43.0784 15824   RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/04/04 21:18:43.0832 15824   RimVSerPort     (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys
2011/04/04 21:18:43.0857 15824   ROOTMODEM       (564297827d213f52c7a3a2ff749568ca) C:\Windows\system32\Drivers\RootMdm.sys
2011/04/04 21:18:43.0903 15824   rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/04/04 21:18:43.0942 15824   RTL8167         (94a48c15d32d69867f03894a4e70a87a) C:\Windows\system32\DRIVERS\Rt86win7.sys
2011/04/04 21:18:43.0990 15824   RtNdPt60        (7f8d15ee000577be703537849d4f9397) C:\Windows\system32\DRIVERS\RtNdPt60.sys
2011/04/04 21:18:44.0007 15824   RTTEAMPT        (d78d74c6ed83339910ccca7e68534222) C:\Windows\system32\DRIVERS\RtTeam60.sys
2011/04/04 21:18:44.0031 15824   RTVLANPT        (e6472a4007fb17d27d4091abd657a291) C:\Windows\system32\DRIVERS\RtVlan60.sys
2011/04/04 21:18:44.0061 15824   s3cap           (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
2011/04/04 21:18:44.0092 15824   sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
2011/04/04 21:18:44.0127 15824   scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
2011/04/04 21:18:44.0168 15824   secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/04/04 21:18:44.0216 15824   Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/04/04 21:18:44.0243 15824   Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/04/04 21:18:44.0264 15824   sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/04/04 21:18:44.0302 15824   sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
2011/04/04 21:18:44.0324 15824   sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
2011/04/04 21:18:44.0348 15824   sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
2011/04/04 21:18:44.0363 15824   sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/04/04 21:18:44.0391 15824   sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
2011/04/04 21:18:44.0406 15824   SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/04/04 21:18:44.0420 15824   SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/04/04 21:18:44.0451 15824   Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/04/04 21:18:44.0493 15824   snapman         (68fc62a72bd6d8e9dfe3718440be94a0) C:\Windows\system32\DRIVERS\snapman.sys
2011/04/04 21:18:44.0512 15824   spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/04/04 21:18:44.0542 15824   srv             (112127c3b2e64d7680cc39cd0a39dd7e) C:\Windows\system32\DRIVERS\srv.sys
2011/04/04 21:18:44.0561 15824   srv2            (e5dd784a4ee5ebc72a86c677c988fcdb) C:\Windows\system32\DRIVERS\srv2.sys
2011/04/04 21:18:44.0584 15824   srvnet          (cdbe627e16cc9e98f343d73f8e81d258) C:\Windows\system32\DRIVERS\srvnet.sys
2011/04/04 21:18:44.0632 15824   stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/04/04 21:18:44.0651 15824   storflt         (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
2011/04/04 21:18:44.0679 15824   storvsc         (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
2011/04/04 21:18:44.0703 15824   swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
2011/04/04 21:18:44.0744 15824   Tcpip           (37e8fa3779668837ca9e2c36d2415949) C:\Windows\system32\drivers\tcpip.sys
2011/04/04 21:18:44.0779 15824   TCPIP6          (37e8fa3779668837ca9e2c36d2415949) C:\Windows\system32\DRIVERS\tcpip.sys
2011/04/04 21:18:44.0812 15824   tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/04/04 21:18:44.0838 15824   TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
2011/04/04 21:18:44.0876 15824   tdrpman         (3b7b6779eb231f731bba8f9fe67aadfc) C:\Windows\system32\DRIVERS\tdrpman.sys
2011/04/04 21:18:44.0898 15824   TDTCP           (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
2011/04/04 21:18:44.0927 15824   tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
2011/04/04 21:18:44.0956 15824   TEAM            (d78d74c6ed83339910ccca7e68534222) C:\Windows\system32\DRIVERS\RtTeam60.sys
2011/04/04 21:18:44.0985 15824   TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
2011/04/04 21:18:45.0020 15824   tifsfilter      (b0b3122bff3910e0ba97014045467778) C:\Windows\system32\DRIVERS\tifsfilt.sys
2011/04/04 21:18:45.0041 15824   timounter       (13bfe330880ac0ce8672d00aa5aff738) C:\Windows\system32\DRIVERS\timntr.sys
2011/04/04 21:18:45.0089 15824   tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/04/04 21:18:45.0137 15824   TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
2011/04/04 21:18:45.0189 15824   tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
2011/04/04 21:18:45.0222 15824   uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/04/04 21:18:45.0256 15824   udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
2011/04/04 21:18:45.0298 15824   uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
2011/04/04 21:18:45.0318 15824   umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
2011/04/04 21:18:45.0337 15824   UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/04/04 21:18:45.0387 15824   UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Program Files\Unlocker\UnlockerDriver5.sys
2011/04/04 21:18:45.0445 15824   UrlFilter       (19ec30fe022618600785ab81015d4178) C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys
2011/04/04 21:18:45.0479 15824   USBAAPL         (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys
2011/04/04 21:18:45.0527 15824   usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
2011/04/04 21:18:45.0556 15824   usbccgp         (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\drivers\usbccgp.sys
2011/04/04 21:18:45.0578 15824   usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
2011/04/04 21:18:45.0600 15824   usbehci         (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2011/04/04 21:18:45.0635 15824   usbhub          (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
2011/04/04 21:18:45.0651 15824   usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/04/04 21:18:45.0666 15824   usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/04/04 21:18:45.0697 15824   USBSTOR         (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\drivers\USBSTOR.SYS
2011/04/04 21:18:45.0718 15824   usbuhci         (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/04/04 21:18:45.0747 15824   vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
2011/04/04 21:18:45.0764 15824   vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/04/04 21:18:45.0778 15824   VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/04/04 21:18:45.0799 15824   vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
2011/04/04 21:18:45.0831 15824   viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
2011/04/04 21:18:45.0856 15824   ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/04/04 21:18:45.0906 15824   VIAHdAudAddService (4906e025dd6b322c4bbd6b9e35c9993a) C:\Windows\system32\drivers\viahduaa.sys
2011/04/04 21:18:45.0940 15824   viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
2011/04/04 21:18:45.0959 15824   vmbus           (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
2011/04/04 21:18:45.0982 15824   VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
2011/04/04 21:18:45.0997 15824   volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
2011/04/04 21:18:46.0014 15824   volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/04/04 21:18:46.0032 15824   volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
2011/04/04 21:18:46.0069 15824   vpcbus          (b26536add1d748cda104d856c979ae79) C:\Windows\system32\DRIVERS\vpchbus.sys
2011/04/04 21:18:46.0097 15824   vpcnfltr        (a0f7e923a6261760130f22b85df9040e) C:\Windows\system32\DRIVERS\vpcnfltr.sys
2011/04/04 21:18:46.0119 15824   vpcusb          (5f4b55e91ce7e2523c9e1e0ece858869) C:\Windows\system32\DRIVERS\vpcusb.sys
2011/04/04 21:18:46.0149 15824   vpcvmm          (b487191fe18d6863381a1ac55482469a) C:\Windows\system32\drivers\vpcvmm.sys
2011/04/04 21:18:46.0171 15824   vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/04/04 21:18:46.0193 15824   vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/04/04 21:18:46.0230 15824   WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/04/04 21:18:46.0268 15824   WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/04 21:18:46.0278 15824   Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/04 21:18:46.0333 15824   Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/04/04 21:18:46.0360 15824   WDC_SAM         (d6efaf429fd30c5df613d220e344cce7) C:\Windows\system32\DRIVERS\wdcsam.sys
2011/04/04 21:18:46.0393 15824   Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/04/04 21:18:46.0449 15824   WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/04/04 21:18:46.0469 15824   WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/04/04 21:18:46.0496 15824   WinFLdrv        (3edae52bbccf3fdfbd884c8d7ba1d392) C:\Windows\system32\WinFLdrv.sys
2011/04/04 21:18:46.0546 15824   WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/04/04 21:18:46.0584 15824   WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
2011/04/04 21:18:46.0615 15824   ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/04/04 21:18:46.0640 15824   WsAudio_DeviceS(1) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
2011/04/04 21:18:46.0657 15824   WsAudio_DeviceS(2) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
2011/04/04 21:18:46.0675 15824   WsAudio_DeviceS(3) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys
2011/04/04 21:18:46.0692 15824   WsAudio_DeviceS(4) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys
2011/04/04 21:18:46.0710 15824   WsAudio_DeviceS(5) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys
2011/04/04 21:18:46.0740 15824   WSDPrintDevice  (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys
2011/04/04 21:18:46.0765 15824   WSDScan         (7dc0270cfd4a05b4112e3ebbf083b595) C:\Windows\system32\DRIVERS\WSDScan.sys
2011/04/04 21:18:46.0802 15824   WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
2011/04/04 21:18:46.0828 15824   WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/04/04 21:18:46.0912 15824   ================================================================================
2011/04/04 21:18:46.0912 15824   Scan finished
2011/04/04 21:18:46.0912 15824   ================================================================================

*

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • 27193
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] Help!!
« Reply #7 on: April 04, 2011, 08:37:38 PM »
I am going to send you a private message on what to do with the logs.

* Anyone other than the originator of this thread, you would be best advised to not run combofix without guidance from someone trained in its use. It is a very powerful tool that can cause damage to your computer if used wrong.

Run ComboFix.exe. Please visit this webpage for download links and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix. Also make sure you close all your browsers just before the instructions tell you to start the scanner.

Please include the C:\ComboFix.txt in your next reply for further review.

Note:
Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

*

Offline stogie53

  • Bronze Member
  • 30
Re: [In Progress] Help!!
« Reply #8 on: April 04, 2011, 09:15:54 PM »
I will run combofix tomorrow

*

Offline Hoov

Re: [In Progress] Help!!
« Reply #9 on: April 04, 2011, 09:22:46 PM »
OK.


*

Offline Hoov

Re: [In Progress] Help!!
« Reply #10 on: April 05, 2011, 08:42:57 AM »
Have you ever messed with the paging file settings?


*

Offline stogie53

Re: [In Progress] Help!!
« Reply #11 on: April 05, 2011, 03:14:30 PM »
Maybe, some tweak I read about, but not 100% sure.

*

Offline Hoov

Re: [In Progress] Help!!
« Reply #12 on: April 05, 2011, 03:22:48 PM »
Let's see what ComboFix says before we dig into the paging file.


*

Offline stogie53

Re: [In Progress] Help!!
« Reply #13 on: April 05, 2011, 07:40:57 PM »
ComboFix 11-04-05.02 - Joe 04/05/2011  20:10:56.1.4 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3327.1900 [GMT -5:00]
Running from: c:\users\Joe\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\ErrLog.txt
c:\program files\Genie-Soft\Genie Timeline\htmlayout.dll
c:\programdata\ntuser.dat
c:\programdata\SQLite3.dll
c:\programdata\uninst.exe
c:\restoration\Restoration.exe
c:\users\Joe\AppData\Roaming\EurekaLog
c:\users\Joe\AppData\Roaming\inst.exe
E:\install.exe
.
.
(((((((((((((((((((((((((   Files Created from 2011-03-06 to 2011-04-06  )))))))))))))))))))))))))))))))
.
.
2011-04-06 01:20 . 2011-04-06 01:20   --------   d-----w-   c:\users\Mary\AppData\Local\temp
2011-04-06 01:20 . 2011-04-06 01:20   --------   d-----w-   c:\users\Default\AppData\Local\temp
2011-04-06 01:20 . 2011-04-06 01:20   --------   d-----w-   c:\users\Christian\AppData\Local\temp
2011-04-06 01:08 . 2011-04-06 01:08   --------   d-----w-   C:\32788R22FWJFW
2011-04-05 18:01 . 2011-03-15 04:05   6792528   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{C019A885-3F8D-4E51-A8CF-F3C3976743C6}\mpengine.dll
2011-04-05 00:00 . 2011-04-05 00:00   --------   d-----w-   c:\program files\WinPcap
2011-04-05 00:00 . 2011-04-05 00:00   --------   d-----w-   c:\program files\Trend Micro
2011-04-03 19:29 . 2011-04-03 19:30   --------   d-----w-   c:\program files\DVDFab 8
2011-04-02 21:16 . 2011-04-05 20:49   --------   d-----w-   c:\users\Mary\AppData\Local\CrashDumps
2011-03-28 01:48 . 2011-03-28 01:48   --------   d-----w-   c:\users\Christian\AppData\Local\AMD
2011-03-28 01:48 . 2011-03-28 01:48   --------   d-----w-   c:\users\Christian\AppData\Roaming\TeamViewer
2011-03-28 01:48 . 2011-03-28 01:48   --------   d-----w-   c:\users\Christian\AppData\Local\Western Digital
2011-03-28 01:48 . 2011-03-28 01:48   --------   d-----w-   c:\users\Christian\AppData\Roaming\Epson
2011-03-28 01:48 . 2011-03-28 01:48   --------   d-----w-   c:\users\Christian\AppData\Roaming\Logitech
2011-03-24 17:00 . 2011-03-24 17:00   --------   d-----w-   c:\program files\iPod
2011-03-24 17:00 . 2011-03-24 17:01   --------   d-----w-   c:\program files\iTunes
2011-03-24 16:57 . 2011-03-24 16:57   --------   d-----w-   c:\program files\Apple Software Update
2011-03-24 16:57 . 2011-03-24 16:57   --------   d-----w-   c:\program files\Bonjour
2011-03-24 16:57 . 2011-03-24 17:00   --------   d-----w-   c:\program files\Common Files\Apple
2011-03-24 16:04 . 2011-03-24 16:04   --------   d-----w-   c:\users\Joe\AppData\Roaming\DVDVideoSoft
2011-03-23 02:06 . 2011-03-23 02:06   --------   d-----w-   c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-03-23 01:04 . 2011-04-04 21:15   --------   d-----w-   c:\users\Francesca\AppData\Local\CrashDumps
2011-03-23 00:16 . 2011-03-18 17:53   142296   ----a-w-   c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-03-23 00:16 . 2011-03-18 17:53   781272   ----a-w-   c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-03-23 00:16 . 2011-03-18 17:53   1874904   ----a-w-   c:\program files\Mozilla Firefox\mozjs.dll
2011-03-23 00:16 . 2011-03-18 17:53   15832   ----a-w-   c:\program files\Mozilla Firefox\mozalloc.dll
2011-03-23 00:16 . 2011-03-18 17:53   728024   ----a-w-   c:\program files\Mozilla Firefox\libGLESv2.dll
2011-03-23 00:16 . 2011-03-18 17:53   142296   ----a-w-   c:\program files\Mozilla Firefox\libEGL.dll
2011-03-23 00:16 . 2011-03-18 17:53   1893336   ----a-w-   c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-03-23 00:16 . 2011-03-18 17:53   1975768   ----a-w-   c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-03-16 22:29 . 2011-03-16 22:36   --------   d-----w-   c:\users\Joe\AppData\Local\Xmarks
2011-03-16 22:29 . 2011-03-16 22:31   --------   d-----w-   c:\program files\Xmarks
2011-03-12 17:28 . 2011-03-12 17:28   103864   ----a-w-   c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-03-12 17:28 . 2011-03-12 17:28   103864   ----a-w-   c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-03-10 03:31 . 2011-03-10 03:31   --------   d-----w-   c:\users\Joe\Logitech
2011-03-10 03:30 . 2011-03-10 03:30   --------   d-----w-   c:\program files\Common Files\Remote Control USB Driver
2011-03-10 03:29 . 2006-02-07 21:40   204800   ----a-w-   c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2011-03-10 03:29 . 2006-02-07 21:40   274432   ----a-w-   c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2011-03-10 03:29 . 2011-03-10 03:29   331908   ----a-w-   c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2011-03-10 03:29 . 2011-03-10 03:29   200836   ----a-w-   c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2011-03-10 03:29 . 2006-02-07 21:45   757760   ----a-w-   c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2011-03-10 03:29 . 2006-02-07 21:40   69715   ----a-w-   c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2011-03-10 03:29 . 2005-11-14 05:19   5632   ----a-w-   c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2011-03-09 16:27 . 2011-04-05 20:52   --------   d-----w-   c:\users\Joe\AppData\Local\CrashDumps
2011-03-09 01:50 . 2011-02-19 06:30   805376   ----a-w-   c:\windows\system32\FntCache.dll
2011-03-09 01:50 . 2011-02-19 06:30   1076736   ----a-w-   c:\windows\system32\DWrite.dll
2011-03-09 01:50 . 2011-02-19 06:30   739840   ----a-w-   c:\windows\system32\d2d1.dll
2011-03-09 01:50 . 2010-12-23 05:54   642048   ----a-w-   c:\windows\system32\CPFilters.dll
2011-03-09 01:50 . 2010-12-23 05:54   534528   ----a-w-   c:\windows\system32\EncDec.dll
2011-03-09 01:50 . 2010-12-23 05:54   850944   ----a-w-   c:\windows\system32\sbe.dll
2011-03-09 01:50 . 2010-12-23 05:50   199680   ----a-w-   c:\windows\system32\mpg2splt.ax
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-09 16:39 . 2010-06-24 16:33   18328   ----a-w-   c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-03 03:17 . 2009-07-14 02:05   152576   ----a-w-   c:\windows\system32\msclmd.dll
2011-02-18 22:36 . 2011-02-18 22:36   41984   ----a-w-   c:\windows\system32\drivers\usbaapl.sys
2011-02-18 22:36 . 2011-02-18 22:36   4184352   ----a-w-   c:\windows\system32\usbaaplrc.dll
2011-02-05 17:09 . 2011-02-05 17:09   53248   ----a-r-   c:\users\Joe\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-02-05 17:09 . 2010-12-31 03:04   16400   ----a-w-   c:\windows\system32\drivers\LNonPnP.sys
2011-02-03 05:54 . 2011-02-09 03:42   219008   ----a-w-   c:\windows\system32\drivers\dxgmms1.sys
2011-02-03 03:40 . 2010-04-20 00:39   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2011-02-02 23:11 . 2010-03-19 01:26   222080   ------w-   c:\windows\system32\MpSigStub.exe
2011-01-26 23:36 . 2011-01-26 23:36   7566848   ----a-w-   c:\windows\system32\drivers\atikmdag.sys
2011-01-26 23:00 . 2011-01-26 23:00   143360   ----a-w-   c:\windows\system32\atiapfxx.exe
2011-01-26 23:00 . 2010-02-03 04:23   596480   ----a-w-   c:\windows\system32\aticfx32.dll
2011-01-26 22:59 . 2011-01-26 22:59   17204736   ----a-w-   c:\windows\system32\atioglxx.dll
2011-01-26 22:56 . 2011-01-26 22:56   462848   ----a-w-   c:\windows\system32\ATIDEMGX.dll
2011-01-26 22:55 . 2011-01-26 22:55   393216   ----a-w-   c:\windows\system32\atieclxx.exe
2011-01-26 22:55 . 2011-01-26 22:55   176128   ----a-w-   c:\windows\system32\atiesrxx.exe
2011-01-26 22:54 . 2011-01-26 22:54   159744   ----a-w-   c:\windows\system32\atitmmxx.dll
2011-01-26 22:53 . 2011-01-26 22:53   356352   ----a-w-   c:\windows\system32\atipdlxx.dll
2011-01-26 22:53 . 2011-01-26 22:53   278528   ----a-w-   c:\windows\system32\Oemdspif.dll
2011-01-26 22:53 . 2011-01-26 22:53   15872   ----a-w-   c:\windows\system32\atimuixx.dll
2011-01-26 22:53 . 2011-01-26 22:53   43520   ----a-w-   c:\windows\system32\ati2edxx.dll
2011-01-26 22:49 . 2010-04-07 02:06   4105728   ----a-w-   c:\windows\system32\atidxx32.dll
2011-01-26 22:32 . 2011-01-26 22:32   1912832   ----a-w-   c:\windows\system32\atiumdmv.dll
2011-01-26 22:28 . 2010-02-03 03:55   4170752   ----a-w-   c:\windows\system32\atiumdag.dll
2011-01-26 22:27 . 2011-01-26 22:27   46080   ----a-w-   c:\windows\system32\aticalrt.dll
2011-01-26 22:27 . 2011-01-26 22:27   44032   ----a-w-   c:\windows\system32\aticalcl.dll
2011-01-26 22:25 . 2011-01-26 22:25   5580800   ----a-w-   c:\windows\system32\aticaldd.dll
2011-01-26 22:24 . 2010-02-03 03:37   3463680   ----a-w-   c:\windows\system32\atiumdva.dll
2011-01-26 22:20 . 2010-02-03 03:23   52736   ----a-w-   c:\windows\system32\coinst.dll
2011-01-26 22:14 . 2011-01-26 22:14   249856   ----a-w-   c:\windows\system32\atiadlxx.dll
2011-01-26 22:13 . 2011-01-26 22:13   12800   ----a-w-   c:\windows\system32\atiglpxx.dll
2011-01-26 22:13 . 2011-01-26 22:13   32768   ----a-w-   c:\windows\system32\atigktxx.dll
2011-01-26 22:13 . 2011-01-26 22:13   238592   ----a-w-   c:\windows\system32\drivers\atikmpag.sys
2011-01-26 22:12 . 2010-02-03 03:23   30720   ----a-w-   c:\windows\system32\atiuxpag.dll
2011-01-26 22:12 . 2010-02-03 03:22   28672   ----a-w-   c:\windows\system32\atiu9pag.dll
2011-01-26 22:11 . 2011-01-26 22:11   53248   ----a-w-   c:\windows\system32\drivers\ati2erec.dll
2011-01-26 22:08 . 2011-01-26 22:08   52736   ----a-w-   c:\windows\system32\atimpc32.dll
2011-01-26 22:08 . 2011-01-26 22:08   52736   ----a-w-   c:\windows\system32\amdpcom32.dll
2011-01-21 12:36 . 2011-01-21 12:36   80416   ----a-w-   c:\windows\system32\RtNicProp32.dll
2011-01-21 12:36 . 2011-01-21 12:36   328808   ----a-w-   c:\windows\system32\drivers\Rt86win7.sys
2011-01-17 05:47 . 2011-03-03 02:54   161792   ----a-w-   c:\windows\system32\d3d10_1.dll
2011-01-13 08:47 . 2010-10-17 04:38   38848   ----a-w-   c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-03-19 01:42   188216   ----a-w-   c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-03-19 01:42   294608   ----a-w-   c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-03-19 01:42   47440   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:37 . 2010-03-19 01:42   23632   ----a-w-   c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-03-19 01:42   51280   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2011-01-13 08:37 . 2010-03-19 01:42   17744   ----a-w-   c:\windows\system32\drivers\aswFsBlk.sys
2011-01-07 07:46 . 2011-02-23 04:37   870912   ----a-w-   c:\windows\system32\XpsPrint.dll
2011-01-07 07:46 . 2011-02-23 04:37   288256   ----a-w-   c:\windows\system32\XpsGdiConverter.dll
2011-01-07 07:45 . 2011-02-09 03:43   34304   ----a-w-   c:\windows\system32\atmlib.dll
2011-01-07 05:43 . 2011-02-09 03:43   294400   ----a-w-   c:\windows\system32\atmfd.dll
2011-01-06 01:34 . 2010-03-19 22:22   47360   ----a-w-   c:\users\Joe\AppData\Roaming\pcouffin.sys
2011-03-18 17:53 . 2011-03-23 00:16   142296   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36   94208   ----a-w-   c:\users\Joe\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36   94208   ----a-w-   c:\users\Joe\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36   94208   ----a-w-   c:\users\Joe\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OODIIcon]
@="{14A94384-BBED-47ed-86C0-6BF63FD892D0}"
[HKEY_CLASSES_ROOT\CLSID\{14A94384-BBED-47ed-86C0-6BF63FD892D0}]
2010-09-01 06:07   111944   ----a-w-   c:\program files\OO Software\DiskImage\oodishi.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"NetworkIndicator"="c:\program files\NetworkIndicator\NetworkIndicator.exe" [2010-01-04 163840]
"DesktopOK"="c:\users\Joe\Desktop\DesktopOK.exe" [2010-02-23 79872]
"Google Update"="c:\users\Joe\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-10-19 136176]
"NetBalancer"="c:\program files\NetBalancer\SeriousBit.NetBalancer.Tray.exe" [2010-12-10 79872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-08-28 1486848]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2006-08-17 249856]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-21 963976]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2010-08-12 21504]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1246544]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1352272]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"Genie TimeLine Tray"="c:\program files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe" [2011-01-11 1051264]
"LVCOMSX"="c:\program files\Common Files\LogiShrd\LComMgr\LVComSX.exe" [2007-02-06 252704]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2011-01-30 3788632]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-04-07 673616]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2010-11-25 2781000]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"Trend Micro RUBotted V2.0 Beta"="c:\program files\Trend Micro\RUBotted\RUBottedGUI.exe" [2010-12-17 1103184]
.
c:\users\Francesca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Joe\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-12-16 23343848]
EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2011-2-16 967168]
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2010-3-19 576000]
XWindows Dock.lnk - c:\program files\XWindows Dock\XWD.exe [2010-11-16 2217472]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-1-10 291896]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-11-8 3986944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-10-28 10:13   64592   ----a-w-   c:\program files\Common Files\logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ      autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages   REG_MULTI_SZ      kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^Users^Joe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 04:07   932288   ----a-r-   c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Epson Stylus NX510(Network) @ Stornello-PC1]
2009-11-04 12:07   199680   ----a-w-   c:\windows\System32\spool\drivers\w32x86\3\E_FATIFIA.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON09EB72]
2009-11-04 12:07   199680   ----a-w-   c:\windows\System32\spool\drivers\w32x86\3\E_FATIFIA.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 16:44   31072   ----a-w-   c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-12-21 00:08   963976   ----a-w-   c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODITRAY.EXE]
2010-09-01 06:07   2192712   ----a-w-   c:\program files\OO Software\DiskImage\ooditray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xmarks]
2011-02-05 15:55   1092808   ----a-w-   c:\program files\Xmarks\IE Extension\xmarkssync.exe
.
R2 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-19 133104]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [2011-01-10 399416]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-03-10 25112]
R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\RegFilter.sys [2011-01-26 41424]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2008-10-24 35328]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 19968]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2008-10-24 35328]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [2011-01-26 24432]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-01 1343400]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2010-09-19 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2010-09-19 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2010-09-19 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2010-09-19 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2010-09-19 25704]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
R4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [2011-01-29 18256]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 oodisr;O&O DiskImage Snapshot/Restore Driver;c:\windows\system32\DRIVERS\oodisr.sys [2010-09-01 96336]
S0 oodisrh;oodisrh;c:\windows\system32\DRIVERS\oodisrh.sys [2010-09-01 28752]
S0 oodivd;O&O DiskImage Virtual Devices Driver;c:\windows\system32\DRIVERS\oodivd.sys [2010-09-01 171088]
S0 oodivdh;oodivdh;c:\windows\system32\DRIVERS\oodivdh.sys [2010-09-01 31824]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]
S1 aswSP;aswSP;

S1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys [2010-12-09 64608]
S1 CFRPD;CFRPD;c:\windows\system32\DRIVERS\CFRPD.sys [2010-12-09 33744]
S2 AirPrint;AirPrint;c:\program files\AirPrint\airprint.exe [2010-10-07 234784]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-26 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-27 284672]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 140224]
S2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-03-16 122880]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-08-19 90112]
S2 aswFsBlk;aswFsBlk;

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
S2 Cleaner_Validator;COMODO System - Cleaner Service;c:\program files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe [2010-12-09 305600]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-04-10 294912]
S2 Firefox Service;Firefox Service;c:\users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\u36cr1xu.default\extensions\startup.service@mozilla.com\svc.exe [2011-03-10 83456]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-05 238952]
S2 GenieTimelineService;Genie Timeline Service;c:\program files\Genie-Soft\Genie Timeline\GenieTimelineService.exe [2011-01-11 362624]
S2 GreenPrint;GreenPrint;c:\program files\GreenPrint\GPSRHT01.exe [2009-10-28 427048]
S2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-01-30 821592]
S2 NetBalancer Windows Service;NetBalancer Windows Service;c:\program files\NetBalancer\SeriousBit.NetBalancer.Service.exe [2010-12-10 10240]
S2 OO DiskImage;OO DiskImage;c:\program files\OO Software\DiskImage\oodiag.exe [2010-09-01 2811208]
S2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [2010-11-25 2404168]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2007-12-11 27648]
S2 RUBotSrv;Trend Micro RUBotted Service;c:\program files\Trend Micro\RUBotted\RUBotSrv.exe [2010-12-17 439632]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2011-01-10 993848]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944]
S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-11-08 237568]
S2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2010-11-08 1060352]
S2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2010-11-08 484352]
S2 WebUpdate4;Web Update Wizard Service V4;c:\windows\system32\WebUpdateSvc4.exe [2008-09-15 262360]
S2 WinFLdrv;WinFLdrv;c:\windows\system32\WinFLdrv.sys [2010-11-03 17984]
S3 ALSysIO;ALSysIO;c:\users\Joe\AppData\Local\Temp\ALSysIO.sys

S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-26 7566848]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-26 238592]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2010-08-24 40912]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2010-08-24 10448]
S3 Nbdrv;NetBalancer Service;c:\windows\system32\DRIVERS\nbdrv.sys [2010-05-15 28776]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-01-21 328808]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-08-17 1077760]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ALSYSIO
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile   REG_MULTI_SZ      wcescomm rapimgr
LocalServiceRestricted   REG_MULTI_SZ      WcesComm RapiMgr
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-05 c:\windows\Tasks\COMODO Updater.job
- c:\program files\COMODO\COMODO System-Cleaner\Updater.exe [2010-12-09 12:08]
.
2011-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-19 01:42]
.
2011-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-19 01:42]
.
2011-04-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3473983106-165326119-2687021982-1001Core.job
- c:\users\Joe\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-27 04:57]
.
2011-04-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3473983106-165326119-2687021982-1001UA.job
- c:\users\Joe\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-27 04:57]
.
2011-04-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3473983106-165326119-2687021982-1004Core.job
- c:\users\Francesca\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-12 04:57]
.
2011-04-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3473983106-165326119-2687021982-1004UA.job
- c:\users\Francesca\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-12 04:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://my.yahoo.com/
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Joe\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Joe\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\Evernote\Evernote\EvernoteIE.dll/204
Trusted Zone: cleverreach.com\novastor
Trusted Zone: google-analytics.com
Trusted Zone: novastor.com
FF - ProfilePath - c:\users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\u36cr1xu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://dsl.sbc.yahoo.com/
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
URLSearchHooks-{9e3f670b-884b-4776-a19f-d363c9a4145c} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{9E3F670B-884B-4776-A19F-D363C9A4145C} - (no file)
HKCU-Run-Core Temp - c:\core temp\Core Temp.exe
HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
SafeBoot-SolutoService
AddRemove-uTorrent - c:\program files\uTorrent\uTorrent.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,87,43,7b,fb,bc,20,01,4c,8d,2e,cb,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,87,43,7b,fb,bc,20,01,4c,8d,2e,cb,\
.
[HKEY_USERS\S-1-5-21-3473983106-165326119-2687021982-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\L*i*n*k*s* \Smart Bookmarks]
"Order"=hex:08,00,00,00,02,00,00,00,0c,00,00,00,01,00,00,00,00,00,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2800)
c:\program files\TeamViewer\Version5\tv.dll
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll
c:\users\Joe\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\program files\OO Software\DiskImage\oodishi.dll
c:\program files\OO Software\DiskImage\oodishrs.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
c:\windows\system32\AUDIODG.EXE
c:\windows\system32\atieclxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\taskhost.exe
c:\program files\Core Temp\Core Temp.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\programdata\EPSON\EPW!3 SSRP\E_S40ST7.EXE
c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE
c:\program files\GreenPrint\gpsrdg01.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\UTSCSI.EXE
c:\windows\System32\vds.exe
c:\program files\TeamViewer\Version5\TeamViewer.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\System32\vdsldr.exe
c:\program files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe
c:\program files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
c:\program files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
c:\windows\system32\conhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\system32\msfeedssync.exe
.
**************************************************************************
.
Completion time: 2011-04-05  20:31:10 - machine was rebooted
ComboFix-quarantined-files.txt  2011-04-06 01:31
.
Pre-Run: 55,385,604,096 bytes free
Post-Run: 57,404,837,888 bytes free
.
- - End Of File - - 6424335621794BB1FF1B605F50F7256E

*

Offline stogie53

  • Bronze Member
  • 30
Re: [In Progress] Help!!
« Reply #14 on: April 05, 2011, 07:42:35 PM »
This is one of the error messages I get when things stop working...

The instance at 0x00000000 referenced memory 0x00000000 then memory could not be written.