Jump to content


Photo
- - - - -

stymied by redirection trojan

redirection trojan malware vi

  • This topic is locked This topic is locked
3 replies to this topic

#1 swb

swb

    New Member

  • Members
  • Pip
  • 2 posts
  • Gender:Male

Posted 24 March 2012 - 12:40 PM

Greetings,

Well, I've admitted defeat, so here I am, hat in hand, humbly asking for assistance.

I'm stuck on this one, so I hope someone here can help out. Below are the logfiles as requested.

An interesting point: I was unable to create a forum account here because the CaptureCode segment wouldn't display.

Here are the logs:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2011-03-30 6:22:07 a.m.
System Uptime: 2012-03-24 12:21:09 p.m. (0 hours ago)
.
Motherboard: Hewlett-Packard | | 1641
Processor: AMD Phenom™ II P960 Quad-Core Processor | Socket S1G4 | 1800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 572 GiB total, 463.355 GiB free.
D: is FIXED (NTFS) - 24 GiB total, 3.202 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.087 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP339: 2012-03-21 4:41:25 p.m. - Windows Update
RP344: 2012-03-22 10:07:35 a.m. - Installed AVG 2012
RP346: 2012-03-22 10:32:04 a.m. - Microsoft Antimalware Checkpoint
RP347: 2012-03-23 10:36:14 a.m. - Removed AVG 2012
RP348: 2012-03-23 10:39:06 a.m. - Removed AVG 2012
RP350: 2012-03-23 10:43:38 a.m. - Microsoft Antimalware Checkpoint
RP351: 2012-03-23 4:21:39 p.m. - Removed BlueStacks (alpha)
RP352: 2012-03-23 4:23:20 p.m. - Norton_Power_Eraser_20120323162320288
RP353: 2012-03-23 6:36:27 p.m. - Norton_Power_Eraser_20120323183623239
RP354: 2012-03-23 6:39:22 p.m. - Removed BlueStacks (alpha)
RP355: 2012-03-24 9:03:12 a.m. - Norton_Power_Eraser_20120324090307753
RP356: 2012-03-24 11:04:36 a.m. - Norton_Power_Eraser_20120324110424315
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7-Zip 4.65
Ad-Aware
Adobe AIR
Adobe Digital Editions
Adobe Reader X (10.1.2)
Adobe Shockwave Player 11.5
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Software Update
Bejeweled 2 Deluxe
Bing Rewards Client Installer
Blackhawk Striker 2
Bounce Symphony
Build-a-lot 2
Cake Mania
Canon MF Toolbox 4.9.1.1.mf09
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Cobian Backup 11 Gravity
Contents
Corel PaintShop Photo Pro X3
Corel VideoStudio Pro X3
CyberLink DVD Suite
D3DX10
DesignPro 5
DeviceIO
DHTML Editing Component
Diner Dash 2 Restaurant Rescue
Dink Smallwood HD (remove only)
Dora's World Adventure
DriveImage XML (Private Edition)
DVD Menu Pack for HP MediaSmart Video
EasyCleaner
EmSense 1.15.1
Energy Star Digital Logo
Escape Rosecliff Island
ESET Online Scanner v3
ESU for Microsoft Windows 7
Fairy Island
Farm Frenzy
FATE
FeedDemon
Fences Pro
Final Drive Nitro
Formula Checking Assistant
Ghostery IE Plugin
Google Chrome
Google SketchUp 8
Google Update Helper
Hewlett-Packard ACLM.NET v1.1.2.0
HP CloudDrive
HP Customer Experience Enhancements
HP Documentation
HP DVB-T TV Tuner 8.0.64.43
HP Games
HP MediaSmart DVD
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart Video
HP MediaSmart Webcam
HP MediaSmart/TouchSmart Netflix
HP MovieStore
HP Photo Creations
HP Power Manager
HP Quick Launch
HP Setup
HP Setup Manager
HP SimplePass Identity Protection
HP Software Framework
HP Support Assistant
ICA
IDT Audio
Internet TV for Windows Media Center
IPM_PSP_Pro
IPM_VS_Pro
ISCOM
Java Auto Updater
Java™ 6 Update 20
Java™ 6 Update 22
Java™ 6 Update 27
Junk Mail filter update
KeePass Password Safe 2.15
King's Smith 2
LabelPrint
LightScribe System Software
Malwarebytes Anti-Malware version 1.61.0.1300
Mesh Runtime
Microsoft .NET Compact Framework 3.5
Microsoft Default Manager
Microsoft Money Plus
Microsoft Money Shared Libraries
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WSE 3.0 Runtime
Movie Theme Pack for HP MediaSmart Video
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery P.I. - The London Caper
Mystic Gallery
Norton AntiVirus
OneClickdigital Media Manager
OpenDNS Updater 2.2.1
OverDrive Media Console
Panda ActiveScan 2.0
Penguins!
Plants vs. Zombies
PlayReady PC Runtime x86
Polar Bowler
Power2Go
PowerDirector
Presto! PageManager 7.15.35
PSPPContent
PSPPRO_DCRAW
PTFB
PureHD
Quicken 2011
QuickTime
Realtek Ethernet Controller Driver For Windows 7
Realtek USB 2.0 Card Reader
Recovery Manager
RootsMagic 5.0.2.1
RoxioNow Player
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Setup
Share
Spybot - Search & Destroy
SpywareBlaster 4.6
The Real Yellow Pages v7.3.5
The Village Mage - Spellbinder
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
VIO
Virtual Families
Virtual Villagers 4 - The Tree of Life
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio 2008 x64 Redistributables
VSClassic
VSPro
WebM Media Foundation Components
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Center Add-in for Silverlight
Windows Media Encoder 9 Series
Windows Resource Kit Tools - SubInAcl.exe
WizMouse v1.6.0.1
.
==== Event Viewer Messages From Past Week ========
.
2012-03-24 9:40:25 a.m., Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
2012-03-24 9:40:25 a.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2012-03-24 9:40:25 a.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2012-03-24 9:40:22 a.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2012-03-24 9:40:13 a.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2012-03-24 9:31:23 a.m., Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
2012-03-24 9:31:08 a.m., Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_NAV discache eeCtrl IDSVia64 Lbd pavboot spldr SRTSP SRTSPX SymIRON SymNetS Wanarpv6
2012-03-24 9:28:41 a.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
2012-03-24 9:28:40 a.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
2012-03-24 12:24:33 p.m., Error: NetBT [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
2012-03-24 12:24:28 p.m., Error: Service Control Manager [7023] - The HP Network Devices Support service terminated with the following error: The specified module could not be found.
2012-03-24 12:23:05 p.m., Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
2012-03-24 12:22:23 p.m., Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Lbd
2012-03-24 12:22:22 p.m., Error: Service Control Manager [7003] - The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed.
2012-03-24 12:22:21 p.m., Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
2012-03-24 10:13:09 a.m., Error: Service Control Manager [7000] - The Cobian Backup 11 Volume Shadow Copy Requester service failed to start due to the following error: The system cannot find the file specified.
2012-03-24 10:05:40 a.m., Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccSet_NAV DfsC discache eeCtrl IDSVia64 Lbd NetBIOS NetBT nsiproxy pavboot Psched rdbss spldr SRTSP SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf
2012-03-24 10:05:40 a.m., Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2012-03-24 10:05:40 a.m., Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
2012-03-24 10:05:40 a.m., Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
2012-03-24 10:05:40 a.m., Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
2012-03-24 10:05:40 a.m., Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
2012-03-24 10:05:40 a.m., Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
2012-03-24 10:05:40 a.m., Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2012-03-24 10:05:40 a.m., Error: Service Control Manager [7001] - The LPD Service service depends on the Print Spooler service which failed to start because of the following error: The dependency service or group failed to start.
2012-03-24 10:05:40 a.m., Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2012-03-24 10:05:40 a.m., Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
2012-03-24 10:05:40 a.m., Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
2012-03-23 6:25:37 p.m., Error: Service Control Manager [7023] - The BlueStacks Android Service service terminated with the following error: An exception occurred in the service when handling the control request.
2012-03-23 4:17:16 p.m., Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
2012-03-23 3:03:32 p.m., Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107.
2012-03-23 3:03:32 p.m., Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
2012-03-23 2:58:00 p.m., Error: Service Control Manager [7000] - The RkPavproc1 service failed to start due to the following error: This driver has been blocked from loading
2012-03-23 2:58:00 p.m., Error: Application Popup [1060] - \??\C:\Windows\SysWow64\drivers\RkPavproc1.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
2012-03-23 2:12:13 p.m., Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD External Events Utility service.
2012-03-23 12:15:11 p.m., Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
2012-03-23 12:01:31 a.m., Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.123.194.0).
2012-03-23 11:09:21 a.m., Error: Microsoft Antimalware [3002] -
2012-03-23 11:08:57 a.m., Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.
2012-03-23 11:08:57 a.m., Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2012-03-23 1:51:49 p.m., Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002fc47da, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 032312-71074-01.
2012-03-23 1:39:32 p.m., Error: Service Control Manager [7034] - The EgisTec Ticket Service service terminated unexpectedly. It has done this 1 time(s).
2012-03-23 1:05:25 p.m., Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
2012-03-22 9:44:02 a.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Network Store Interface Service service, but this action failed with the following error: An instance of the service is already running.
2012-03-22 9:43:52 a.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the DHCP Client service, but this action failed with the following error: An instance of the service is already running.
2012-03-22 9:40:03 a.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
2012-03-22 9:40:03 a.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.
2012-03-22 9:39:56 a.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Function Discovery Resource Publication service, but this action failed with the following error: An instance of the service is already running.
2012-03-22 9:39:26 a.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Event Log service, but this action failed with the following error: An instance of the service is already running.
2012-03-22 9:39:07 a.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the COM+ Event System service, but this action failed with the following error: An instance of the service is already running.
2012-03-22 9:39:02 a.m., Error: Service Control Manager [7034] - The WinHTTP Web Proxy Auto-Discovery Service service terminated unexpectedly. It has done this 2 time(s).
2012-03-22 9:39:02 a.m., Error: Service Control Manager [7034] - The Diagnostic Service Host service terminated unexpectedly. It has done this 2 time(s).
2012-03-22 9:39:02 a.m., Error: Service Control Manager [7031] - The Network Store Interface Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
2012-03-22 9:39:02 a.m., Error: Service Control Manager [7031] - The Network List Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2012-03-22 9:39:02 a.m., Error: Service Control Manager [7031] - The COM+ Event System service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
2012-03-22 9:38:58 a.m., Error: Service Control Manager [7034] - The UPnP Device Host service terminated unexpectedly. It has done this 3 time(s).
2012-03-22 9:38:58 a.m., Error: Service Control Manager [7034] - The SSDP Discovery service terminated unexpectedly. It has done this 3 time(s).
2012-03-22 9:38:58 a.m., Error: Service Control Manager [7031] - The Windows Font Cache Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-22 9:38:52 a.m., Error: Service Control Manager [7031] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2012-03-22 9:38:52 a.m., Error: Service Control Manager [7031] - The DHCP Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
2012-03-22 9:38:46 a.m., Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2012-03-22 9:38:37 a.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the SSDP Discovery service, but this action failed with the following error: An instance of the service is already running.
2012-03-22 9:38:36 a.m., Error: Service Control Manager [7031] - The UPnP Device Host service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2012-03-22 9:38:36 a.m., Error: Service Control Manager [7031] - The SSDP Discovery service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2012-03-22 9:38:30 a.m., Error: Service Control Manager [7034] - The Function Discovery Provider Host service terminated unexpectedly. It has done this 1 time(s).
2012-03-22 9:38:30 a.m., Error: Service Control Manager [7034] - The Diagnostic Service Host service terminated unexpectedly. It has done this 1 time(s).
2012-03-22 9:38:30 a.m., Error: Service Control Manager [7031] - The WinHTTP Web Proxy Auto-Discovery Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
2012-03-22 9:38:30 a.m., Error: Service Control Manager [7031] - The Network Store Interface Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-22 9:38:30 a.m., Error: Service Control Manager [7031] - The Network List Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2012-03-22 9:38:30 a.m., Error: Service Control Manager [7031] - The COM+ Event System service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
2012-03-22 9:38:26 a.m., Error: Service Control Manager [7031] - The Windows Event Log service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-22 9:38:26 a.m., Error: Service Control Manager [7031] - The Windows Audio service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-22 9:38:26 a.m., Error: Service Control Manager [7031] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2012-03-22 9:38:26 a.m., Error: Service Control Manager [7031] - The Security Center service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-22 9:38:26 a.m., Error: Service Control Manager [7031] - The HomeGroup Provider service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-22 9:38:26 a.m., Error: Service Control Manager [7031] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-22 5:54:02 a.m., Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
2012-03-22 5:42:50 a.m., Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache Lbd MpFilter spldr Wanarpv6
2012-03-22 10:01:53 a.m., Error: Service Control Manager [7022] - The Windows Update service hung on starting.
2012-03-21 7:31:54 p.m., Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800023767da, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 032112-27268-01.
2012-03-21 7:21:16 a.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WcesComm with arguments "" in order to run the server: {373E19B5-76AA-46D5-93A9-2E39A99B39B2}
2012-03-21 7:18:30 p.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Driver Foundation - User-mode Driver Framework service, but this action failed with the following error: An instance of the service is already running.
2012-03-21 7:17:30 p.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Program Compatibility Assistant Service service, but this action failed with the following error: An instance of the service is already running.
2012-03-21 7:16:43 p.m., Error: Service Control Manager [7031] - The Windows Firewall service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 7:16:43 p.m., Error: Service Control Manager [7031] - The Diagnostic Policy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 7:16:43 p.m., Error: Service Control Manager [7031] - The Base Filtering Engine service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 7:16:30 p.m., Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 7:16:30 p.m., Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 7:16:30 p.m., Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 7:16:30 p.m., Error: Service Control Manager [7031] - The Tablet PC Input Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 7:16:30 p.m., Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 7:16:30 p.m., Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 7:16:30 p.m., Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2012-03-21 7:16:30 p.m., Error: Service Control Manager [7031] - The HomeGroup Listener service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 7:16:30 p.m., Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 7:16:30 p.m., Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:38:07 a.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.
2012-03-21 6:36:48 a.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the DNS Client service, but this action failed with the following error: An instance of the service is already running.
2012-03-21 6:35:07 a.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
2012-03-21 6:34:56 a.m., Error: Service Control Manager [7034] - The Windows Mobile-based device connectivity service terminated unexpectedly. It has done this 3 time(s).
2012-03-21 6:34:56 a.m., Error: Service Control Manager [7034] - The Windows Mobile-2003-based device connectivity service terminated unexpectedly. It has done this 3 time(s).
2012-03-21 6:34:51 a.m., Error: Service Control Manager [7031] - The Windows Event Log service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:34:51 a.m., Error: Service Control Manager [7031] - The Windows Audio service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:34:51 a.m., Error: Service Control Manager [7031] - The Security Center service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
2012-03-21 6:34:51 a.m., Error: Service Control Manager [7031] - The HomeGroup Provider service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:33:48 a.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Workstation service, but this action failed with the following error: An instance of the service is already running.
2012-03-21 6:33:42 a.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Font Cache Service service, but this action failed with the following error: An instance of the service is already running.
2012-03-21 6:33:07 a.m., Error: Service Control Manager [7034] - The Windows Update service terminated unexpectedly. It has done this 2 time(s).
2012-03-21 6:33:07 a.m., Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
2012-03-21 6:33:07 a.m., Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:33:07 a.m., Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:33:07 a.m., Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:33:07 a.m., Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:33:07 a.m., Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
2012-03-21 6:33:07 a.m., Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
2012-03-21 6:33:07 a.m., Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:33:07 a.m., Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:33:03 a.m., Error: Service Control Manager [7034] - The SSDP Discovery service terminated unexpectedly. It has done this 4 time(s).
2012-03-21 6:33:03 a.m., Error: Service Control Manager [7031] - The Function Discovery Resource Publication service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
2012-03-21 6:32:50 a.m., Error: Service Control Manager [7034] - The Network Location Awareness service terminated unexpectedly. It has done this 4 time(s).
2012-03-21 6:32:50 a.m., Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 4 time(s).
2012-03-21 6:32:25 a.m., Error: Service Control Manager [7031] - The Windows Mobile-based device connectivity service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:32:25 a.m., Error: Service Control Manager [7031] - The Windows Mobile-2003-based device connectivity service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:31:57 a.m., Error: Service Control Manager [7034] - The Workstation service terminated unexpectedly. It has done this 3 time(s).
2012-03-21 6:31:57 a.m., Error: Service Control Manager [7034] - The Network Location Awareness service terminated unexpectedly. It has done this 3 time(s).
2012-03-21 6:31:57 a.m., Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 3 time(s).
2012-03-21 6:31:52 a.m., Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Mobile-based device connectivity service, but this action failed with the following error: An instance of the service is already running.
2012-03-21 6:31:48 a.m., Error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 2 time(s).
2012-03-21 6:31:48 a.m., Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:31:48 a.m., Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:31:36 a.m., Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:30:52 a.m., Error: Service Control Manager [7031] - The Windows Mobile-based device connectivity service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:30:52 a.m., Error: Service Control Manager [7031] - The Windows Mobile-2003-based device connectivity service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:30:36 a.m., Error: Service Control Manager [7031] - The Windows Font Cache Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:30:36 a.m., Error: Service Control Manager [7031] - The UPnP Device Host service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2012-03-21 6:30:36 a.m., Error: Service Control Manager [7031] - The SSDP Discovery service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2012-03-21 6:30:36 a.m., Error: Service Control Manager [7031] - The Function Discovery Resource Publication service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:30:26 a.m., Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 6:30:26 a.m., Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2012-03-21 6:30:26 a.m., Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2012-03-21 6:30:26 a.m., Error: Service Control Manager [7031] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2012-03-21 4:44:49 p.m., Error: Service Control Manager [7022] - The Windows Search service hung on starting.
2012-03-21 4:41:07 p.m., Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
2012-03-21 4:41:07 p.m., Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2012-03-21 4:40:37 p.m., Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
2012-03-21 4:40:37 p.m., Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
2012-03-21 4:37:34 p.m., Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
2012-03-21 4:35:34 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
2012-03-21 4:35:28 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
2012-03-21 4:32:51 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
2012-03-21 4:32:01 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
2012-03-21 4:31:40 p.m., Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache Lbd MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
2012-03-20 9:00:26 a.m., Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
2012-03-19 6:20:51 a.m., Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
.
==== End Of File ===========================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Steve at 12:29:35 on 2012-03-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.1607 [GMT -5:00]
.
AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\WizMouse\WizMouse.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
C:\Windows\system32\CISVC.EXE
C:\Program Files (x86)\Cobian Backup 11\cbService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k LPDService
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\19.1.1.3\ccSvcHst.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\19.1.1.3\ccSvcHst.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Technology Lighthouse\PTFB\PTFB.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
-netsvcs
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://home.myplaycity.com/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Ghostery Add-On: {237eb6da-3fea-4dd2-8a61-a901b5c489d7} - C:\Program Files (x86)\GhosteryIEplugin\GhosteryBrowserHelperObject.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.1.1.3\IPS\IPSBHO.DLL
BHO: EgisPBIE Sign-in Helper: {7b51ccbe-4af9-44a6-bdab-d7f7e4c4e6f9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [Google Update] "C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [VitaKeyTSR] C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
mRun: [Cobian Backup 11 interface] "C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe" -service
dRun: [drivermgr] C:\Windows\System32\config\systemprofile\AppData\Roaming\devicemgrpro.exe
StartupFolder: C:\Users\Steve\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\Users\Steve\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PTFB.lnk - C:\Program Files (x86)\Technology Lighthouse\PTFB\PTFB.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {237EB6DA-3FEA-4DD2-8A61-A901B5C489D7} - {237EB6DA-3FEA-4DD2-8A61-A901B5C489D7} - C:\Program Files (x86)\GhosteryIEplugin\GhosteryBrowserHelperObject.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E}
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\*.windowsupdate
Trusted Zone: windowsupdate.com
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://pcpitstop.com/betapit/PCPitStop.CAB
DPF: {10000000-1000-1000-1000-100000000000} - hxxp://cdn.betteradvertising.com/ghostery/addons/ie/2.4.2.0/ghostery.cab
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files%20(x86)/World%20Mosaics/Images/stg_drm.ocx
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files%20(x86)/World%20Mosaics/Images/armhelper.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0E2D8DD3-3BC4-499A-9D13-B6294D99C6C8} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{76D65EC0-DC47-49CD-8173-B0111A52404E} : NameServer = 208.67.222.222,208.67.222.220
TCP: Interfaces\{76D65EC0-DC47-49CD-8173-B0111A52404E} : DhcpNameServer = 192.168.1.1
Filter: text/html - {4459DC76-1FDE-4B16-BAD0-E4F8E7647555} - C:\Program Files (x86)\GhosteryIEplugin\GhosteryMimeFilter.dll
LSA: Notification Packages = scecli EgisPwdFilter EgisDSPwdFilter
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Ghostery Add-On: {237EB6DA-3FEA-4DD2-8A61-A901B5C489D7} - C:\Program Files (x86)\GhosteryIEplugin\GhosteryBrowserHelperObject.dll
BHO-X64: Ghostery BHO - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.1.1.3\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: EgisPBIE Sign-in Helper: {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll
BHO-X64: EgisPBIE - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
mRun-x64: [VitaKeyTSR] C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run
mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
mRun-x64: [Cobian Backup 11 interface] "C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe" -service
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\qp6girlr.default\
FF - prefs.js: Keyword.Enabled - true
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://home.myplaycity.com/results.php?category=web&s=
FF - component: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\components\dpffcli.dll
FF - component: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\components\FFGlobalExtension.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
FF - plugin: C:\Program Files\Firefox ActiveX Plugin\npffax.dll
FF - plugin: C:\Users\Steve\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 pavboot;pavboot;C:\Windows\system32\drivers\pavboot64.sys --> C:\Windows\system32\drivers\pavboot64.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NAVx64\1301010.003\SYMDS64.SYS --> C:\Windows\system32\drivers\NAVx64\1301010.003\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NAVx64\1301010.003\SYMEFA64.SYS --> C:\Windows\system32\drivers\NAVx64\1301010.003\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\BASHDefs\20120317.002\BHDrvx64.sys [2012-3-17 1157240]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;C:\Windows\system32\drivers\NAVx64\1301010.003\ccSetx64.sys --> C:\Windows\system32\drivers\NAVx64\1301010.003\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\IPSDefs\20120323.002\IDSviA64.sys [2012-3-23 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NAVx64\1301010.003\Ironx64.SYS --> C:\Windows\system32\drivers\NAVx64\1301010.003\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\drivers\NAVx64\1301010.003\SYMNETS.SYS --> C:\Windows\system32\drivers\NAVx64\1301010.003\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-3-6 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [2012-3-24 67584]
R2 CobianBackup11;Cobian Backup 11 Gravity;C:\Program Files (x86)\Cobian Backup 11\cbService.exe [2012-3-24 1131008]
R2 EgisTec Service;EgisTec Service;C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [2011-4-19 704048]
R2 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-4-19 646704]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-8-5 681528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-21 103992]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-24 654408]
R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\19.1.1.3\ccSvcHst.exe [2012-3-23 138760]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-2-23 1799472]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
R3 clwvd;HP Webcam Splitter;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-3-23 138360]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 CLKMSVC10_C6F09094;CyberLink Product - 2011/03/06 01:08:02;C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2011-3-6 245232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-2 136176]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-4-4 1153368]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-2 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-3-16 129976]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-03-24 17:22:58 20480 ----a-w- C:\Windows\svchost.exe
2012-03-24 15:35:01 -------- d-----w- C:\Program Files (x86)\Cobian Backup 11
2012-03-24 15:25:55 43640 ----a-r- C:\Windows\System32\drivers\SymIMV.sys
2012-03-23 20:32:50 -------- d-----w- C:\Users\Steve\AppData\Local\NPE
2012-03-23 19:53:05 33800 ----a-w- C:\Windows\System32\drivers\pavboot64.sys
2012-03-23 19:52:36 -------- d-----w- C:\Program Files (x86)\Panda Security
2012-03-23 19:51:47 -------- d--h--w- C:\Windows\AxInstSV
2012-03-23 19:47:08 -------- d-----w- C:\Program Files (x86)\ESET
2012-03-23 19:26:57 405624 ----a-w- C:\Windows\System32\drivers\NAVx64\1306020.00A\symnets.sys
2012-03-23 19:26:56 738936 ----a-w- C:\Windows\System32\drivers\NAVx64\1306020.00A\srtsp64.sys
2012-03-23 19:26:56 451192 ----a-r- C:\Windows\System32\drivers\NAVx64\1306020.00A\symds64.sys
2012-03-23 19:26:56 37496 ----a-w- C:\Windows\System32\drivers\NAVx64\1306020.00A\srtspx64.sys
2012-03-23 19:26:56 190072 ----a-w- C:\Windows\System32\drivers\NAVx64\1306020.00A\ironx64.sys
2012-03-23 19:26:56 1092728 ----a-w- C:\Windows\System32\drivers\NAVx64\1306020.00A\symefa64.sys
2012-03-23 19:26:55 167048 ----a-w- C:\Windows\System32\drivers\NAVx64\1306020.00A\ccsetx64.sys
2012-03-23 19:26:30 -------- d-----w- C:\Windows\System32\drivers\NAVx64\1306020.00A
2012-03-23 18:55:07 -------- d-----w- C:\Users\Steve\AppData\Local\ElevatedDiagnostics
2012-03-23 16:03:51 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-03-23 15:45:52 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-03-23 15:45:51 -------- d-----w- C:\Program Files\Symantec
2012-03-23 15:45:51 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2012-03-23 15:44:17 729720 ----a-r- C:\Windows\System32\drivers\NAVx64\1301010.003\srtsp64.sys
2012-03-23 15:44:17 451192 ----a-r- C:\Windows\System32\drivers\NAVx64\1301010.003\SymDS64.sys
2012-03-23 15:44:17 401016 ----a-r- C:\Windows\System32\drivers\NAVx64\1301010.003\symnets.sys
2012-03-23 15:44:17 37496 ----a-r- C:\Windows\System32\drivers\NAVx64\1301010.003\srtspx64.sys
2012-03-23 15:44:17 189560 ----a-r- C:\Windows\System32\drivers\NAVx64\1301010.003\Ironx64.sys
2012-03-23 15:44:17 1084536 ----a-r- C:\Windows\System32\drivers\NAVx64\1301010.003\SymEFA64.sys
2012-03-23 15:44:16 167048 ----a-r- C:\Windows\System32\drivers\NAVx64\1301010.003\ccSetx64.sys
2012-03-23 15:42:49 -------- d-----w- C:\Windows\System32\drivers\NAVx64\1301010.003
2012-03-23 15:42:49 -------- d-----w- C:\Windows\System32\drivers\NAVx64
2012-03-23 15:42:45 -------- d-----w- C:\Program Files (x86)\Norton AntiVirus
2012-03-23 15:34:40 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2012-03-23 04:49:55 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
2012-03-22 16:15:05 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2012-03-22 15:54:40 -------- d--h--w- C:\$AVG
2012-03-22 14:56:04 -------- d-----w- C:\Users\Steve\AppData\Roaming\AVG2012
2012-03-22 14:44:48 -------- d--h--w- C:\ProgramData\Common Files
2012-03-22 14:43:15 -------- d-----w- C:\ProgramData\AVG2012
2012-03-22 14:42:44 -------- d-----w- C:\Program Files (x86)\AVG
2012-03-20 23:16:31 -------- d-----w- C:\Windows\Microsoft Antimalware
2012-03-19 02:23:58 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-18 15:04:21 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-18 15:04:20 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-18 15:04:19 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-17 04:42:47 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-03-17 04:42:45 145960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-03-17 04:42:45 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-03-16 02:20:54 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-16 02:20:44 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-16 02:20:44 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-16 02:20:24 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-16 02:20:24 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-16 02:20:24 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-16 02:20:05 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-16 02:20:05 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-16 02:20:05 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-16 02:20:05 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-15 17:25:30 -------- d-----w- C:\Users\Steve\VirtualBox VMs
2012-03-15 16:21:59 -------- d-----w- C:\Users\Steve\.VirtualBox
2012-03-15 16:19:34 -------- d-----w- C:\Program Files\Oracle
2012-03-09 03:33:40 -------- d-----w- C:\Users\Steve\AppData\Local\HuluDesktop
2012-03-08 02:36:27 -------- d-----w- C:\Users\Steve\AppData\Roaming\Alawar
2012-03-08 02:36:27 -------- d-----w- C:\ProgramData\Alawar
2012-03-06 02:36:05 -------- d-----w- C:\Users\Steve\AppData\Roaming\V-Games
2012-03-03 02:10:05 -------- d-----w- C:\ProgramData\RootsMagic Shared
2012-03-03 02:10:05 -------- d-----w- C:\Program Files (x86)\RootsMagic 5
2012-03-01 11:36:41 -------- d-----w- C:\Users\Steve\AppData\Roaming\Mystery of Mortlake Mansion
2012-02-29 06:53:59 -------- d-----w- C:\Program Files (x86)\GhosteryIEplugin
2012-02-26 04:07:14 -------- d-----w- C:\Users\Steve\AppData\Roaming\NewSoft
2012-02-25 13:20:06 -------- d-----w- C:\Users\Steve\AppData\Local\STARGAZE_IMAGE_CACHE
.
==================== Find3M ====================
.
2012-02-17 14:47:18 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl
2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2011-12-29 17:24:34 111408 ----a-w- C:\Windows\System32\drivers\86192546.sys
2011-12-28 03:59:24 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-07-21 22:10:06 7220956 ----a-w- C:\Program Files (x86)\MadShapes.exe
.
============= FINISH: 12:33:34.60 ===============

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#2 swb

swb

    New Member

  • Members
  • Pip
  • 2 posts
  • Gender:Male

Posted 27 March 2012 - 10:39 AM

I'm getting great support from Bob Guryan by e-mail, so this request can be closed.

#3 LDTate

LDTate

    Forum Deity

  • Moderators
  • PipPipPipPipPipPip
  • 21,126 posts
  • Gender:Male
  • Location:Missouri, USA

Posted 27 March 2012 - 04:27 PM

Thank you for taking the time to post back and letting us know Posted Image
Peace be with you Posted Image
Larry Tate
Product Support

Posted Image

Follow us: Twitter, Become a fan: Facebook

#4 LDTate

LDTate

    Forum Deity

  • Moderators
  • PipPipPipPipPipPip
  • 21,126 posts
  • Gender:Male
  • Location:Missouri, USA

Posted 27 March 2012 - 04:27 PM

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Larry Tate
Product Support

Posted Image

Follow us: Twitter, Become a fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users