GeckospotNixie

Members
  • Content count

    31
  • Joined

  • Last visited

About GeckospotNixie

  • Rank
    New Member

Profile Information

  • Location
    Delaware US
  1. Thank You All cleaned up. GeckospotNixie
  2. Maniac Again Sorry you know once you get used to logging in to the drive you don’t even think about it. Ok I ran full scan using Microsoft Security Essentials. The results way no items found, all clean. I also ran a full scan with Malwarebytes PRO. The results of that was clean no items found. Thank you for your help! I have made a Donation for your time that I wasted. What do I need to do to clean up and remove the tools that we used? GeckospotNixie
  3. You know one bit of info I forgot to tell you is that my main C drive is an Intel SSD and is encrypted by WinMagic SecureDoc. Sorry for that! I just thought of it when I booted up just now. Would this look like a “RootKit” malware? GeckospotNixie
  4. This file is just way too long to post in an open txt post. So I posted the beginning and this is the end part of the file. I have attached the full text log file to this post. TDSSKiller did not find anything. Second file end part of the file TDSSKiller.2.8.16.0_21.02.2013_21.51.51_log.txt 21:52:43.0376 7700 [ 79138CDFE3265A4E444E8F5B7DE2B1C7 ] C:\Program Files\Common Files\Logishrd\sp6\LU\LogitechUpdate.exe 21:52:43.0376 7700 C:\Program Files\Common Files\Logishrd\sp6\LU\LogitechUpdate.exe - ok 21:52:43.0376 7700 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll 21:52:43.0376 7700 C:\Windows\System32\aeevts.dll - ok 21:52:43.0376 7700 ============================================================ 21:52:43.0376 7700 Scan finished 21:52:43.0376 7700 ============================================================ 21:52:43.0386 1196 Detected object count: 0 21:52:43.0386 1196 Actual detected object count: 0 21:52:51.0677 3636 Deinitialize success TDSSKiller.2.8.16.0_21.02.2013_21.51.51_log.txt
  5. It is going to have three post the file is to long to post all at one time. This is the first part of the second file. Second file First section TDSSKiller.2.8.16.0_21.02.2013_21.51.51_log.txt 21:51:51.0107 3676 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 21:51:51.0154 3676 ============================================================ 21:51:51.0154 3676 Current date / time: 2013/02/21 21:51:51.0154 21:51:51.0154 3676 SystemInfo: 21:51:51.0154 3676 21:51:51.0154 3676 OS Version: 6.1.7601 ServicePack: 1.0 21:51:51.0154 3676 Product type: Workstation 21:51:51.0154 3676 ComputerName: TH 21:51:51.0154 3676 UserName: twhauff 21:51:51.0154 3676 Windows directory: C:\Windows 21:51:51.0154 3676 System windows directory: C:\Windows 21:51:51.0154 3676 Running under WOW64 21:51:51.0154 3676 Processor architecture: Intel x64 21:51:51.0154 3676 Number of processors: 8 21:51:51.0154 3676 Page size: 0x1000 21:51:51.0154 3676 Boot type: Normal boot 21:51:51.0154 3676 ============================================================ 21:51:51.0482 3676 BG loaded 21:51:51.0731 3676 Drive \Device\Harddisk0\DR0 - Size: 0x8BBA5F6000 (558.91 Gb), SectorSize: 0x200, Cylinders: 0x11D01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:51:51.0731 3676 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:51:51.0747 3676 Drive \Device\Harddisk2\DR2 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:51:51.0840 3676 Drive \Device\Harddisk3\DR3 - Size: 0xEC400000 (3.69 Gb), SectorSize: 0x200, Cylinders: 0x1E1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 21:51:51.0840 3676 ============================================================ 21:51:51.0840 3676 \Device\Harddisk0\DR0: 21:51:51.0840 3676 MBR partitions: 21:51:51.0840 3676 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2CE000 21:51:51.0840 3676 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2CE800, BlocksNum 0x43583000 21:51:51.0840 3676 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x43851800, BlocksNum 0x2581000 21:51:51.0840 3676 \Device\Harddisk1\DR1: 21:51:51.0840 3676 MBR partitions: 21:51:51.0840 3676 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57544800 21:51:51.0840 3676 \Device\Harddisk2\DR2: 21:51:51.0840 3676 MBR partitions: 21:51:51.0840 3676 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x950E800 21:51:51.0840 3676 \Device\Harddisk3\DR3: 21:51:51.0840 3676 MBR partitions: 21:51:51.0840 3676 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760000 21:51:51.0840 3676 ============================================================ 21:51:51.0840 3676 Q: <-> \Device\Harddisk0\DR0\Partition3 21:51:51.0840 3676 F: <-> \Device\Harddisk2\DR2\Partition1 21:51:51.0887 3676 D: <-> \Device\Harddisk1\DR1\Partition1 21:51:51.0887 3676 ============================================================ 21:51:51.0887 3676 Initialize success 21:51:51.0887 3676 ============================================================ 21:52:36.0965 7700 ============================================================ 21:52:36.0965 7700 Scan started 21:52:36.0965 7700 Mode: Manual; SigCheck; TDLFS; 21:52:36.0965 7700 ============================================================ 21:52:37.0035 7700 ================ Scan system memory ======================== 21:52:37.0035 7700 System memory - ok 21:52:37.0035 7700 ================ Scan services ============================= 21:52:37.0045 7700 1394ohci - ok 21:52:37.0045 7700 5U877 - ok 21:52:37.0045 7700 ACPI - ok 21:52:37.0045 7700 AcpiPmi - ok 21:52:37.0055 7700 AcPrfMgrSvc - ok 21:52:37.0065 7700 AcSvc - ok 21:52:37.0065 7700 AdobeARMservice - ok 21:52:37.0065 7700 adp94xx - ok 21:52:37.0065 7700 adpahci - ok 21:52:37.0075 7700 adpu320 - ok 21:52:37.0075 7700 AeLookupSvc - ok 21:52:37.0075 7700 AFD - ok 21:52:37.0075 7700 agp440 - ok 21:52:37.0085 7700 Akamai - ok 21:52:37.0085 7700 aksdf - ok 21:52:37.0095 7700 aksfridge - ok 21:52:37.0095 7700 akshasp - ok 21:52:37.0095 7700 akshhl - ok 21:52:37.0105 7700 aksusb - ok 21:52:37.0105 7700 ALG - ok 21:52:37.0105 7700 aliide - ok 21:52:37.0105 7700 ALSysIO - ok 21:52:37.0105 7700 amdide - ok 21:52:37.0115 7700 AmdK8 - ok 21:52:37.0115 7700 AmdPPM - ok 21:52:37.0115 7700 amdsata - ok 21:52:37.0115 7700 amdsbs - ok 21:52:37.0125 7700 amdxata - ok 21:52:37.0125 7700 AMPPAL - ok 21:52:37.0125 7700 AnukoTime - ok 21:52:37.0125 7700 AppID - ok 21:52:37.0135 7700 AppIDSvc - ok 21:52:37.0135 7700 Appinfo - ok 21:52:37.0135 7700 Apple Mobile Device - ok 21:52:37.0135 7700 AppMgmt - ok 21:52:37.0145 7700 arc - ok 21:52:37.0145 7700 arcsas - ok 21:52:37.0145 7700 aspnet_state - ok 21:52:37.0155 7700 AsyncMac - ok 21:52:37.0155 7700 atapi - ok 21:52:37.0155 7700 AudioEndpointBuilder - ok 21:52:37.0155 7700 AudioSrv - ok 21:52:37.0165 7700 AX88178 - ok 21:52:37.0165 7700 AxInstSV - ok 21:52:37.0165 7700 b06bdrv - ok 21:52:37.0165 7700 b57nd60a - ok 21:52:37.0165 7700 BDESVC - ok 21:52:37.0175 7700 Beep - ok 21:52:37.0175 7700 BFE - ok 21:52:37.0175 7700 BITS - ok 21:52:37.0175 7700 blbdrive - ok 21:52:37.0185 7700 Bonjour Service - ok 21:52:37.0185 7700 bowser - ok 21:52:37.0185 7700 BrFiltLo - ok 21:52:37.0185 7700 BrFiltUp - ok 21:52:37.0195 7700 Browser - ok 21:52:37.0195 7700 Brserid - ok 21:52:37.0195 7700 BrSerWdm - ok 21:52:37.0195 7700 BrUsbMdm - ok 21:52:37.0195 7700 BrUsbSer - ok 21:52:37.0205 7700 BthEnum - ok 21:52:37.0205 7700 BTHMODEM - ok 21:52:37.0205 7700 BthPan - ok 21:52:37.0205 7700 BTHPORT - ok 21:52:37.0215 7700 bthserv - ok 21:52:37.0215 7700 BTHUSB - ok 21:52:37.0215 7700 BTWAMPFL - ok 21:52:37.0215 7700 btwaudio - ok 21:52:37.0215 7700 btwavdt - ok 21:52:37.0225 7700 btwdins - ok 21:52:37.0225 7700 btwl2cap - ok 21:52:37.0225 7700 btwrchid - ok 21:52:37.0225 7700 cdfs - ok 21:52:37.0235 7700 cdrom - ok 21:52:37.0235 7700 CertPropSvc - ok 21:52:37.0235 7700 circlass - ok 21:52:37.0235 7700 CLFS - ok 21:52:37.0245 7700 clr_optimization_v2.0.50727_32 - ok 21:52:37.0245 7700 clr_optimization_v2.0.50727_64 - ok 21:52:37.0245 7700 clr_optimization_v4.0.30319_32 - ok 21:52:37.0245 7700 clr_optimization_v4.0.30319_64 - ok 21:52:37.0255 7700 CmBatt - ok 21:52:37.0255 7700 cmdide - ok 21:52:37.0255 7700 CNG - ok 21:52:37.0255 7700 CnxtHdAudService - ok 21:52:37.0255 7700 Compbatt - ok 21:52:37.0265 7700 CompositeBus - ok 21:52:37.0265 7700 COMSysApp - ok 21:52:37.0265 7700 CoordinatorServiceHost - ok 21:52:37.0275 7700 cpudrv64 - ok 21:52:37.0275 7700 crcdisk - ok 21:52:37.0275 7700 CryptSvc - ok 21:52:37.0275 7700 CSC - ok 21:52:37.0285 7700 CscService - ok 21:52:37.0285 7700 CxAudMsg - ok 21:52:37.0285 7700 DcomLaunch - ok 21:52:37.0285 7700 defragsvc - ok 21:52:37.0295 7700 DfsC - ok 21:52:37.0295 7700 Dhcp - ok 21:52:37.0295 7700 discache - ok 21:52:37.0295 7700 Disk - ok 21:52:37.0305 7700 DisplayLinkService - ok 21:52:37.0305 7700 DisplayLinkUsbPort - ok 21:52:37.0305 7700 dlkmd - ok 21:52:37.0315 7700 dlkmdldr - ok 21:52:37.0315 7700 dmvsc - ok 21:52:37.0315 7700 Dnscache - ok 21:52:37.0315 7700 dot3svc - ok 21:52:37.0325 7700 dot4 - ok 21:52:37.0325 7700 Dot4Print - ok 21:52:37.0325 7700 Dot4Scan - ok 21:52:37.0325 7700 dot4usb - ok 21:52:37.0335 7700 DozeSvc - ok 21:52:37.0335 7700 DPS - ok 21:52:37.0335 7700 drmkaud - ok 21:52:37.0335 7700 DXGKrnl - ok 21:52:37.0335 7700 DzHDD64 - ok 21:52:37.0345 7700 e1cexpress - ok 21:52:37.0345 7700 EapHost - ok 21:52:37.0345 7700 ebdrv - ok 21:52:37.0345 7700 EFS - ok 21:52:37.0355 7700 ehRecvr - ok 21:52:37.0355 7700 ehSched - ok 21:52:37.0355 7700 elxstor - ok 21:52:37.0355 7700 ErrDev - ok 21:52:37.0365 7700 EventSystem - ok 21:52:37.0365 7700 EvtEng - ok 21:52:37.0365 7700 exfat - ok 21:52:37.0365 7700 fastfat - ok 21:52:37.0375 7700 Fax - ok 21:52:37.0375 7700 fdc - ok 21:52:37.0375 7700 fdPHost - ok 21:52:37.0375 7700 FDResPub - ok 21:52:37.0385 7700 FfeCore - ok 21:52:37.0385 7700 FfeDisk - ok 21:52:37.0385 7700 FfeDsManager - ok 21:52:37.0395 7700 FfeDt - ok 21:52:37.0395 7700 FileInfo - ok 21:52:37.0395 7700 Filetrace - ok 21:52:37.0395 7700 FLEXnet Licensing Service - ok 21:52:37.0405 7700 FLEXnet Licensing Service 64 - ok 21:52:37.0405 7700 flpydisk - ok 21:52:37.0405 7700 FltMgr - ok 21:52:37.0405 7700 FontCache - ok 21:52:37.0405 7700 FontCache3.0.0.0 - ok 21:52:37.0415 7700 FsDepends - ok 21:52:37.0415 7700 Fs_Rec - ok 21:52:37.0415 7700 FTDIBUS - ok 21:52:37.0415 7700 FTSER2K - ok 21:52:37.0415 7700 fvevol - ok 21:52:37.0425 7700 gagp30kx - ok 21:52:37.0425 7700 GEARAspiWDM - ok 21:52:37.0425 7700 gpsvc - ok 21:52:37.0425 7700 gusvc - ok 21:52:37.0435 7700 hardlock - ok 21:52:37.0435 7700 hasplms - ok 21:52:37.0435 7700 hcw85cir - ok 21:52:37.0445 7700 HdAudAddService - ok 21:52:37.0445 7700 HDAudBus - ok 21:52:37.0445 7700 HidBatt - ok 21:52:37.0445 7700 HidBth - ok 21:52:37.0445 7700 HidIr - ok 21:52:37.0455 7700 hidserv - ok 21:52:37.0455 7700 HidUsb - ok 21:52:37.0455 7700 hkmsvc - ok 21:52:37.0455 7700 HomeGroupListener - ok 21:52:37.0455 7700 HomeGroupProvider - ok 21:52:37.0465 7700 HP LaserJet Service - ok 21:52:37.0465 7700 HpSAMD - ok 21:52:37.0465 7700 HTTP - ok 21:52:37.0465 7700 hwpolicy - ok 21:52:37.0475 7700 HyperW7Svc - ok 21:52:37.0475 7700 i1 Display Service - ok 21:52:37.0475 7700 i8042prt - ok 21:52:37.0485 7700 iaStor - ok 21:52:37.0485 7700 iaStorV - ok 21:52:37.0485 7700 IBMPMDRV - ok 21:52:37.0485 7700 IBMPMSVC - ok 21:52:37.0485 7700 idsvc - ok 21:52:37.0495 7700 igfx - ok 21:52:37.0495 7700 iirsp - ok 21:52:37.0495 7700 IKEEXT - ok 21:52:37.0505 7700 Intel® PROSet Monitoring Service - ok 21:52:37.0505 7700 intelide - ok 21:52:37.0505 7700 intelppm - ok 21:52:37.0505 7700 IPBusEnum - ok 21:52:37.0505 7700 IpFilterDriver - ok 21:52:37.0515 7700 IpHlpSvc - ok 21:52:37.0515 7700 IPMIDRV - ok 21:52:37.0515 7700 IPNAT - ok 21:52:37.0515 7700 iPod Service - ok 21:52:37.0525 7700 IRENUM - ok 21:52:37.0525 7700 isapnp - ok 21:52:37.0525 7700 iScsiPrt - ok 21:52:37.0525 7700 jhi_service - ok 21:52:37.0525 7700 kbdclass - ok 21:52:37.0535 7700 kbdhid - ok 21:52:37.0535 7700 KeyIso - ok 21:52:37.0535 7700 KSecDD - ok 21:52:37.0535 7700 KSecPkg - ok 21:52:37.0545 7700 ksthunk - ok 21:52:37.0545 7700 KtmRm - ok 21:52:37.0545 7700 LanmanServer - ok 21:52:37.0545 7700 LanmanWorkstation - ok 21:52:37.0545 7700 LBTServ - ok 21:52:37.0555 7700 LENOVO.CAMMUTE - ok 21:52:37.0555 7700 LENOVO.MICMUTE - ok 21:52:37.0555 7700 lenovo.smi - ok 21:52:37.0555 7700 LENOVO.TPKNRSVC - ok 21:52:37.0565 7700 Lenovo.VIRTSCRLSVC - ok 21:52:37.0565 7700 LEqdUsb - ok 21:52:37.0565 7700 LHidEqd - ok 21:52:37.0565 7700 LHidFilt - ok 21:52:37.0575 7700 LkCitadelServer - ok 21:52:37.0575 7700 lkClassAds - ok 21:52:37.0575 7700 lkTimeSync - ok 21:52:37.0585 7700 lltdio - ok 21:52:37.0585 7700 lltdsvc - ok 21:52:37.0585 7700 lmhosts - ok 21:52:37.0585 7700 LMouFilt - ok 21:52:37.0585 7700 LMS - ok 21:52:37.0595 7700 LSI_FC - ok 21:52:37.0595 7700 LSI_SAS - ok 21:52:37.0595 7700 LSI_SAS2 - ok 21:52:37.0595 7700 LSI_SCSI - ok 21:52:37.0605 7700 luafv - ok 21:52:37.0605 7700 lvalarmk - ok 21:52:37.0605 7700 MBAMProtector - ok 21:52:37.0615 7700 MBAMScheduler - ok 21:52:37.0615 7700 MBAMService - ok 21:52:37.0615 7700 MCHPUSB - ok 21:52:37.0615 7700 Mcx2Svc - ok 21:52:37.0625 7700 megasas - ok 21:52:37.0625 7700 MegaSR - ok 21:52:37.0625 7700 MEIx64 - ok 21:52:37.0625 7700 mf - ok 21:52:37.0635 7700 MMCSS - ok 21:52:37.0635 7700 Modem - ok 21:52:37.0635 7700 monitor - ok 21:52:37.0635 7700 mouclass - ok 21:52:37.0645 7700 mouhid - ok 21:52:37.0645 7700 mountmgr - ok 21:52:37.0645 7700 MozillaMaintenance - ok 21:52:37.0645 7700 MpFilter - ok 21:52:37.0655 7700 mpio - ok 21:52:37.0655 7700 mpsdrv - ok 21:52:37.0655 7700 MpsSvc - ok 21:52:37.0655 7700 MRxDAV - ok 21:52:37.0665 7700 mrxsmb - ok 21:52:37.0665 7700 mrxsmb10 - ok 21:52:37.0665 7700 mrxsmb20 - ok 21:52:37.0665 7700 msahci - ok 21:52:37.0665 7700 msdsm - ok 21:52:37.0675 7700 MSDTC - ok 21:52:37.0675 7700 Msfs - ok 21:52:37.0675 7700 mshidkmdf - ok 21:52:37.0675 7700 msisadrv - ok 21:52:37.0685 7700 MSiSCSI - ok 21:52:37.0685 7700 msiserver - ok 21:52:37.0685 7700 MSKSSRV - ok 21:52:37.0695 7700 MsMpSvc - ok 21:52:37.0695 7700 MSPCLOCK - ok 21:52:37.0695 7700 MSPQM - ok 21:52:37.0695 7700 MsRPC - ok 21:52:37.0695 7700 mssmbios - ok 21:52:37.0705 7700 MSSQL$SQLEXPRESS - ok 21:52:37.0705 7700 MSSQLServerADHelper - ok 21:52:37.0705 7700 MSTEE - ok 21:52:37.0705 7700 msvsmon90 - ok 21:52:37.0715 7700 MTConfig - ok 21:52:37.0715 7700 Mup - ok 21:52:37.0715 7700 mxssvr - ok 21:52:37.0715 7700 napagent - ok 21:52:37.0725 7700 NativeWifiP - ok 21:52:37.0725 7700 NDIS - ok 21:52:37.0725 7700 NdisCap - ok 21:52:37.0725 7700 NdisTapi - ok 21:52:37.0735 7700 Ndisuio - ok 21:52:37.0735 7700 NdisWan - ok 21:52:37.0735 7700 NDProxy - ok 21:52:37.0735 7700 Net Driver HPZ12 - ok 21:52:37.0735 7700 NetBIOS - ok 21:52:37.0745 7700 NetBT - ok 21:52:37.0745 7700 Netlogon - ok 21:52:37.0745 7700 Netman - ok 21:52:37.0745 7700 NetMsmqActivator - ok 21:52:37.0755 7700 NetPipeActivator - ok 21:52:37.0755 7700 netprofm - ok 21:52:37.0755 7700 netr28ux - ok 21:52:37.0755 7700 NetTcpActivator - ok 21:52:37.0765 7700 NetTcpPortSharing - ok 21:52:37.0765 7700 NETwNs64 - ok 21:52:37.0765 7700 nfrd960 - ok 21:52:37.0765 7700 ni1006k - ok 21:52:37.0775 7700 ni1045k - ok 21:52:37.0775 7700 ni1065k - ok 21:52:37.0775 7700 ni488enumsvc - ok 21:52:37.0775 7700 ni488lock - ok 21:52:37.0785 7700 NIApplicationWebServer - ok 21:52:37.0785 7700 NIApplicationWebServer64 - ok 21:52:37.0785 7700 nicdrk - ok 21:52:37.0795 7700 nicmrk - ok 21:52:37.0795 7700 nicondrk - ok 21:52:37.0795 7700 nicsrk - ok 21:52:37.0795 7700 nidevldu - ok 21:52:37.0805 7700 nidimk - ok 21:52:37.0805 7700 nidmxfk - ok 21:52:37.0805 7700 NIDomainService - ok 21:52:37.0805 7700 nidsark - ok 21:52:37.0815 7700 niemrk - ok 21:52:37.0815 7700 niesrk - ok 21:52:37.0815 7700 NIEthernetDeviceEnumerator - ok 21:52:37.0815 7700 nifslk - ok 21:52:37.0825 7700 NILM License Manager - ok 21:52:37.0825 7700 niLXIDiscovery - ok 21:52:37.0825 7700 nimdbgk - ok 21:52:37.0835 7700 nimDNSResponder - ok 21:52:37.0835 7700 nimru2k - ok 21:52:37.0835 7700 nimsdrk - ok 21:52:37.0835 7700 nimstsk - ok 21:52:37.0845 7700 nimxdfk - ok 21:52:37.0845 7700 nimxpk - ok 21:52:37.0845 7700 NINetworkDiscovery - ok 21:52:37.0845 7700 ninshsdk - ok 21:52:37.0855 7700 niorbk - ok 21:52:37.0855 7700 nipalfwedl - ok 21:52:37.0855 7700 NIPALK - ok 21:52:37.0865 7700 nipalusbedl - ok 21:52:37.0865 7700 nipbcfk - ok 21:52:37.0865 7700 nipxibaf - ok 21:52:37.0865 7700 nipxibrc - ok 21:52:37.0875 7700 nipxigpk - ok 21:52:37.0875 7700 nipxirmk - ok 21:52:37.0875 7700 nipxirmu - ok 21:52:37.0875 7700 niraptrk - ok 21:52:37.0885 7700 niscdk - ok 21:52:37.0885 7700 nisdigk - ok 21:52:37.0885 7700 NisDrv - ok 21:52:37.0895 7700 nisftk - ok 21:52:37.0895 7700 nispdk - ok 21:52:37.0895 7700 nissrk - ok 21:52:37.0895 7700 NisSrv - ok 21:52:37.0905 7700 nistc2k - ok 21:52:37.0905 7700 nistc3rk - ok 21:52:37.0905 7700 nistcrk - ok 21:52:37.0905 7700 niSvcLoc - ok 21:52:37.0915 7700 niswdk - ok 21:52:37.0915 7700 NITaggerService - ok 21:52:37.0915 7700 nitiork - ok 21:52:37.0925 7700 niufurk - ok 21:52:37.0925 7700 NiViPciK - ok 21:52:37.0925 7700 NiViPxiK - ok 21:52:37.0935 7700 niwfrk - ok 21:52:37.0935 7700 nixsrk - ok 21:52:37.0935 7700 NlaSvc - ok 21:52:37.0935 7700 Npfs - ok 21:52:37.0945 7700 nsi - ok 21:52:37.0945 7700 nsiproxy - ok 21:52:37.0945 7700 Ntfs - ok 21:52:37.0945 7700 Null - ok 21:52:37.0955 7700 nusb3hub - ok 21:52:37.0955 7700 nusb3xhc - ok 21:52:37.0955 7700 NVHDA - ok 21:52:37.0955 7700 nvkflt - ok 21:52:37.0965 7700 nvlddmkm - ok 21:52:37.0965 7700 nvpciflt - ok 21:52:37.0965 7700 nvraid - ok 21:52:37.0965 7700 nvstor - ok 21:52:37.0975 7700 NVSvc - ok 21:52:37.0975 7700 nvUpdatusService - ok 21:52:37.0975 7700 nv_agp - ok 21:52:37.0975 7700 ohci1394 - ok 21:52:37.0985 7700 OpcEnum - ok 21:52:37.0985 7700 ose - ok 21:52:37.0985 7700 osppsvc - ok 21:52:37.0995 7700 p2pimsvc - ok 21:52:37.0995 7700 p2psvc - ok 21:52:37.0995 7700 Parport - ok 21:52:37.0995 7700 partmgr - ok 21:52:38.0005 7700 PcaSvc - ok 21:52:38.0005 7700 pci - ok 21:52:38.0005 7700 pciide - ok 21:52:38.0005 7700 pcmcia - ok 21:52:38.0015 7700 pcw - ok 21:52:38.0015 7700 PDF Architect Helper Service - ok 21:52:38.0015 7700 PDF Architect Service - ok 21:52:38.0025 7700 PEAUTH - ok 21:52:38.0025 7700 PeerDistSvc - ok 21:52:38.0025 7700 PerfHost - ok 21:52:38.0035 7700 PHCORE - ok 21:52:38.0035 7700 PinFile - ok 21:52:38.0035 7700 pla - ok 21:52:38.0045 7700 PlugPlay - ok 21:52:38.0045 7700 Pml Driver HPZ12 - ok 21:52:38.0045 7700 pmxdrv - ok 21:52:38.0045 7700 PNRPAutoReg - ok 21:52:38.0055 7700 PNRPsvc - ok 21:52:38.0055 7700 PolicyAgent - ok 21:52:38.0055 7700 Power - ok 21:52:38.0065 7700 Power Manager DBC Service - ok 21:52:38.0065 7700 PptpMiniport - ok 21:52:38.0065 7700 Processor - ok 21:52:38.0065 7700 ProfSvc - ok 21:52:38.0075 7700 ProtectedStorage - ok 21:52:38.0075 7700 psadd - ok 21:52:38.0075 7700 Psched - ok 21:52:38.0075 7700 PSI_SVC_2 - ok 21:52:38.0085 7700 PwmEWSvc - ok 21:52:38.0085 7700 ql2300 - ok 21:52:38.0085 7700 ql40xx - ok 21:52:38.0085 7700 QWAVE - ok 21:52:38.0095 7700 QWAVEdrv - ok 21:52:38.0095 7700 RasAcd - ok 21:52:38.0095 7700 RasAgileVpn - ok 21:52:38.0095 7700 RasAuto - ok 21:52:38.0095 7700 Rasl2tp - ok 21:52:38.0105 7700 RasMan - ok 21:52:38.0105 7700 RasPppoe - ok 21:52:38.0105 7700 RasSstp - ok 21:52:38.0105 7700 rdbss - ok 21:52:38.0115 7700 rdpbus - ok 21:52:38.0115 7700 RDPCDD - ok 21:52:38.0115 7700 RDPDR - ok 21:52:38.0125 7700 RDPENCDD - ok 21:52:38.0125 7700 RDPREFMP - ok 21:52:38.0125 7700 RDPWD - ok 21:52:38.0125 7700 rdyboost - ok 21:52:38.0135 7700 RegSrvc - ok 21:52:38.0135 7700 RemoteAccess - ok 21:52:38.0145 7700 RemoteRegistry - ok 21:52:38.0145 7700 Retrospect Client - ok 21:52:38.0145 7700 Retrospect Helper - ok 21:52:38.0155 7700 RFCOMM - ok 21:52:38.0155 7700 risdxc - ok 21:52:38.0155 7700 RpcEptMapper - ok 21:52:38.0155 7700 RpcLocator - ok 21:52:38.0165 7700 RpcSs - ok 21:52:38.0165 7700 rspndr - ok 21:52:38.0165 7700 s3cap - ok 21:52:38.0165 7700 SamSs - ok 21:52:38.0175 7700 SAService - ok 21:52:38.0175 7700 sbp2port - ok 21:52:38.0175 7700 SCardSvr - ok 21:52:38.0175 7700 scfilter - ok 21:52:38.0185 7700 Schedule - ok 21:52:38.0185 7700 SCPolicySvc - ok 21:52:38.0185 7700 SDDisk2K - ok 21:52:38.0195 7700 SDDToki - ok 21:52:38.0195 7700 SDDVD - ok 21:52:38.0195 7700 SDRSVC - ok 21:52:38.0205 7700 SDUPC - ok 21:52:38.0205 7700 secdrv - ok 21:52:38.0205 7700 seclogon - ok 21:52:38.0205 7700 SENS - ok 21:52:38.0215 7700 SensrSvc - ok 21:52:38.0215 7700 Serenum - ok 21:52:38.0215 7700 Serial - ok 21:52:38.0215 7700 sermouse - ok 21:52:38.0225 7700 SessionEnv - ok 21:52:38.0225 7700 sffdisk - ok 21:52:38.0225 7700 sffp_mmc - ok 21:52:38.0235 7700 sffp_sd - ok 21:52:38.0235 7700 sfloppy - ok 21:52:38.0235 7700 SgtSch2Svc - ok 21:52:38.0245 7700 SharedAccess - ok 21:52:38.0245 7700 ShellHWDetection - ok 21:52:38.0245 7700 Shockprf - ok 21:52:38.0255 7700 silabenm - ok 21:52:38.0255 7700 silabser - ok 21:52:38.0255 7700 SiSRaid2 - ok 21:52:38.0265 7700 SiSRaid4 - ok 21:52:38.0265 7700 SkypeUpdate - ok 21:52:38.0265 7700 Smb - ok 21:52:38.0275 7700 smihlp - ok 21:52:38.0275 7700 snapman - ok 21:52:38.0275 7700 SNMPTRAP - ok 21:52:38.0285 7700 SolidWorks Licensing Service - ok 21:52:38.0285 7700 spldr - ok 21:52:38.0285 7700 Spooler - ok 21:52:38.0285 7700 sppsvc - ok 21:52:38.0295 7700 sppuinotify - ok 21:52:38.0295 7700 SQLBrowser - ok 21:52:38.0295 7700 SQLWriter - ok 21:52:38.0305 7700 srv - ok 21:52:38.0305 7700 srv2 - ok 21:52:38.0305 7700 srvnet - ok 21:52:38.0305 7700 SSDPSRV - ok 21:52:38.0315 7700 SstpSvc - ok 21:52:38.0315 7700 Stereo Service - ok 21:52:38.0315 7700 stexstor - ok 21:52:38.0325 7700 StillCam - ok 21:52:38.0325 7700 stisvc - ok 21:52:38.0325 7700 storflt - ok 21:52:38.0335 7700 StorSvc - ok 21:52:38.0335 7700 storvsc - ok 21:52:38.0335 7700 SUService - ok 21:52:38.0345 7700 swenum - ok 21:52:38.0345 7700 swprv - ok 21:52:38.0345 7700 SynTP - ok 21:52:38.0345 7700 SysMain - ok 21:52:38.0355 7700 TabletInputService - ok 21:52:38.0355 7700 TapiSrv - ok 21:52:38.0355 7700 TBS - ok 21:52:38.0355 7700 Tcpip - ok 21:52:38.0365 7700 TCPIP6 - ok 21:52:38.0365 7700 tcpipreg - ok 21:52:38.0365 7700 TDPIPE - ok 21:52:38.0375 7700 tdrpman - ok 21:52:38.0375 7700 TDTCP - ok 21:52:38.0375 7700 tdx - ok 21:52:38.0385 7700 TermDD - ok 21:52:38.0385 7700 TermService - ok 21:52:38.0385 7700 Themes - ok 21:52:38.0385 7700 ThinkVantage Registry Monitor Service - ok 21:52:38.0395 7700 THREADORDER - ok 21:52:38.0395 7700 tifsfilter - ok 21:52:38.0395 7700 timounter - ok 21:52:38.0405 7700 TPDIGIMN - ok 21:52:38.0405 7700 TPHDEXLGSVC - ok 21:52:38.0405 7700 TPHKLOAD - ok 21:52:38.0405 7700 TPHKSVC - ok 21:52:38.0415 7700 TPM - ok 21:52:38.0415 7700 TPPWRIF - ok 21:52:38.0415 7700 TrkWks - ok 21:52:38.0425 7700 TrustedInstaller - ok 21:52:38.0425 7700 tssecsrv - ok 21:52:38.0425 7700 TsUsbFlt - ok 21:52:38.0425 7700 TsUsbGD - ok 21:52:38.0435 7700 tunnel - ok 21:52:38.0435 7700 TurboB - ok 21:52:38.0435 7700 TurboBoost - ok 21:52:38.0445 7700 TVT Scheduler - ok 21:52:38.0445 7700 TVTI2C - ok 21:52:38.0445 7700 uagp35 - ok 21:52:38.0455 7700 udfs - ok 21:52:38.0455 7700 UI0Detect - ok 21:52:38.0455 7700 UleadBurningHelper - ok 21:52:38.0465 7700 uliagpkx - ok 21:52:38.0465 7700 umbus - ok 21:52:38.0465 7700 UmPass - ok 21:52:38.0475 7700 UmRdpService - ok 21:52:38.0475 7700 UNS - ok 21:52:38.0475 7700 upnphost - ok 21:52:38.0475 7700 USB18PRG - ok 21:52:38.0485 7700 usb6xxxk - ok 21:52:38.0485 7700 USBAAPL64 - ok 21:52:38.0485 7700 usbaudio - ok 21:52:38.0495 7700 usbccgp - ok 21:52:38.0495 7700 usbcir - ok 21:52:38.0495 7700 USBee - ok 21:52:38.0495 7700 usbehci - ok 21:52:38.0505 7700 usbhub - ok 21:52:38.0505 7700 usbohci - ok 21:52:38.0505 7700 usbprint - ok 21:52:38.0505 7700 usbser - ok 21:52:38.0515 7700 USBSTOR - ok 21:52:38.0515 7700 Usbtmc - ok 21:52:38.0515 7700 usbuhci - ok 21:52:38.0525 7700 usbvideo - ok 21:52:38.0525 7700 UxSms - ok 21:52:38.0525 7700 VaultSvc - ok 21:52:38.0535 7700 VBoxDrv - ok 21:52:38.0535 7700 VBoxNetAdp - ok 21:52:38.0535 7700 VBoxNetFlt - ok 21:52:38.0535 7700 VBoxUSB - ok 21:52:38.0545 7700 VBoxUSBMon - ok 21:52:38.0545 7700 vdrvroot - ok 21:52:38.0545 7700 vds - ok 21:52:38.0555 7700 vga - ok 21:52:38.0555 7700 VgaSave - ok 21:52:38.0555 7700 vhdmp - ok 21:52:38.0555 7700 viaide - ok 21:52:38.0565 7700 Viewpoint Service - ok 21:52:38.0565 7700 Visual Studio Analyzer RPC bridge - ok 21:52:38.0565 7700 vmbus - ok 21:52:38.0575 7700 VMBusHID - ok 21:52:38.0575 7700 volmgr - ok 21:52:38.0575 7700 volmgrx - ok 21:52:38.0575 7700 volsnap - ok 21:52:38.0585 7700 vpcbus - ok 21:52:38.0585 7700 vpcnfltr - ok 21:52:38.0585 7700 vpcusb - ok 21:52:38.0585 7700 vpcvmm - ok 21:52:38.0595 7700 vsmraid - ok 21:52:38.0595 7700 VSS - ok 21:52:38.0595 7700 vwifibus - ok 21:52:38.0595 7700 vwififlt - ok 21:52:38.0605 7700 vwifimp - ok 21:52:38.0605 7700 W32Time - ok 21:52:38.0615 7700 WacomPen - ok 21:52:38.0615 7700 WANARP - ok 21:52:38.0615 7700 Wanarpv6 - ok 21:52:38.0625 7700 WatAdminSvc - ok 21:52:38.0625 7700 wbengine - ok 21:52:38.0625 7700 WbioSrvc - ok 21:52:38.0635 7700 wcncsvc - ok 21:52:38.0635 7700 WcsPlugInService - ok 21:52:38.0635 7700 Wd - ok 21:52:38.0645 7700 WDC_SAM - ok 21:52:38.0645 7700 Wdf01000 - ok 21:52:38.0645 7700 WdiServiceHost - ok 21:52:38.0645 7700 WdiSystemHost - ok 21:52:38.0655 7700 wdkmd - ok 21:52:38.0655 7700 WebClient - ok 21:52:38.0655 7700 Wecsvc - ok 21:52:38.0655 7700 wercplsupport - ok 21:52:38.0665 7700 WerSvc - ok 21:52:38.0665 7700 WfpLwf - ok 21:52:38.0665 7700 WIMMount - ok 21:52:38.0675 7700 WinDefend - ok 21:52:38.0675 7700 WinHttpAutoProxySvc - ok 21:52:38.0685 7700 WinMagic SecureDoc Service - ok 21:52:38.0685 7700 Winmgmt - ok 21:52:38.0685 7700 WinRM - ok 21:52:38.0695 7700 WinUsb - ok 21:52:38.0695 7700 Wlansvc - ok 21:52:38.0695 7700 WmiAcpi - ok 21:52:38.0705 7700 wmiApSrv - ok 21:52:38.0705 7700 WMPNetworkSvc - ok 21:52:38.0705 7700 WPCSvc - ok 21:52:38.0715 7700 WPDBusEnum - ok 21:52:38.0715 7700 ws2ifsl - ok 21:52:38.0715 7700 wscsvc - ok 21:52:38.0715 7700 WSDPrintDevice - ok 21:52:38.0725 7700 WSearch - ok 21:52:38.0725 7700 wuauserv - ok 21:52:38.0725 7700 WudfPf - ok 21:52:38.0735 7700 WUDFRd - ok 21:52:38.0735 7700 wudfsvc - ok 21:52:38.0735 7700 WwanSvc - ok 21:52:38.0745 7700 xritedeviced - ok 21:52:38.0745 7700 ZcfgSvc7 - ok
  6. 2/21/13 Ok here are the results from TDSSKiller This is going to be in two posts. First file TDSSKiller.2.8.16.0_21.02.2013_21.50.36_log.txt 21:50:36.0120 7404 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 21:50:36.0720 7404 ============================================================ 21:50:36.0720 7404 Current date / time: 2013/02/21 21:50:36.0720 21:50:36.0720 7404 SystemInfo: 21:50:36.0720 7404 21:50:36.0720 7404 OS Version: 6.1.7601 ServicePack: 1.0 21:50:36.0720 7404 Product type: Workstation 21:50:36.0720 7404 ComputerName: TH 21:50:36.0720 7404 UserName: twhauff 21:50:36.0720 7404 Windows directory: C:\Windows 21:50:36.0720 7404 System windows directory: C:\Windows 21:50:36.0720 7404 Running under WOW64 21:50:36.0720 7404 Processor architecture: Intel x64 21:50:36.0720 7404 Number of processors: 8 21:50:36.0720 7404 Page size: 0x1000 21:50:36.0720 7404 Boot type: Normal boot 21:50:36.0720 7404 ============================================================ 21:50:37.0080 7404 Drive \Device\Harddisk0\DR0 - Size: 0x8BBA5F6000 (558.91 Gb), SectorSize: 0x200, Cylinders: 0x11D01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:50:37.0080 7404 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:50:37.0080 7404 Drive \Device\Harddisk2\DR2 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:50:37.0100 7404 Drive \Device\Harddisk3\DR3 - Size: 0xEC400000 (3.69 Gb), SectorSize: 0x200, Cylinders: 0x1E1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 21:50:37.0100 7404 ============================================================ 21:50:37.0100 7404 \Device\Harddisk0\DR0: 21:50:37.0100 7404 MBR partitions: 21:50:37.0100 7404 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2CE000 21:50:37.0100 7404 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2CE800, BlocksNum 0x43583000 21:50:37.0100 7404 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x43851800, BlocksNum 0x2581000 21:50:37.0100 7404 \Device\Harddisk1\DR1: 21:50:37.0100 7404 MBR partitions: 21:50:37.0100 7404 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57544800 21:50:37.0100 7404 \Device\Harddisk2\DR2: 21:50:37.0100 7404 MBR partitions: 21:50:37.0100 7404 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x950E800 21:50:37.0100 7404 \Device\Harddisk3\DR3: 21:50:37.0100 7404 MBR partitions: 21:50:37.0100 7404 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760000 21:50:37.0100 7404 ============================================================ 21:50:37.0100 7404 Q: <-> \Device\Harddisk0\DR0\Partition3 21:50:37.0110 7404 F: <-> \Device\Harddisk2\DR2\Partition1 21:50:37.0450 7404 D: <-> \Device\Harddisk1\DR1\Partition1 21:50:37.0450 7404 ============================================================ 21:50:37.0450 7404 Initialize success 21:50:37.0450 7404 ============================================================ 21:50:43.0761 9912 Deinitialize success
  7. Ok here are the results from aswMBR.exe. GeckospotNixie aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software Run date: 2013-02-21 16:38:12 ----------------------------- 16:38:12.285 OS Version: Windows x64 6.1.7601 Service Pack 1 16:38:12.285 Number of processors: 8 586 0x2A07 16:38:12.285 ComputerName: TH UserName: 16:38:13.226 Initialize success 16:38:36.438 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 16:38:36.438 Disk 0 Vendor: INTEL_SS 4PC1 Size: 572325MB BusType: 3 16:38:36.438 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1 16:38:36.438 Disk 1 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3 16:38:36.438 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-2 16:38:36.448 Disk 2 Vendor: INTEL_SS 2CV1 Size: 76319MB BusType: 3 16:38:36.448 Disk 3 \Device\Harddisk3\DR3 -> \Device\000000c8 16:38:36.448 Disk 3 Vendor: RICOH 01 Size: 3780MB BusType: 0 16:38:36.448 Disk 0 MBR read successfully 16:38:36.448 Disk 0 MBR scan 16:38:36.458 Disk 0 Windows 7 default MBR code found via API 16:38:36.458 Disk 0 unknown MBR code 16:38:36.458 Disk 0 MBR hidden 16:38:36.458 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1436 MB offset 2048 16:38:36.468 Disk 0 Partition 2 00 07 HPFS/NTFS 551686 MB offset 2942976 16:38:36.468 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 19202 MB offset 1132795904 16:38:36.468 Disk 0 MBR [possible unknown bootkit@MBR] **ROOTKIT** 16:38:36.478 Disk 0 trace - called modules: 16:38:36.478 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 16:38:36.478 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800d263790] 16:38:36.488 3 CLASSPNP.SYS[fffff8800204543f] -> nt!IofCallDriver -> [0xfffffa800cfcebe0] 16:38:36.488 5 ACPI.sys[fffff88000f857a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa800cfcd050] 16:38:36.488 Scan finished successfully 16:39:34.895 Disk 0 MBR has been saved successfully to "C:\Users\Thomas W. Hauff\Documents Personal\Temp\Malwarebytes Help on Lenovo\MBR.dat" 16:39:34.905 The log file has been saved successfully to "C:\Users\Thomas W. Hauff\Documents Personal\Temp\Malwarebytes Help on Lenovo\aswMBR(1).txt"
  8. Yes I would like to moved forward and clean this. GeckospotNixie
  9. Ok finished that. Here are the results. Status: Deleted (events: 2) 2/20/2013 7:31:40 AM Deleted Trojan program Backdoor.Win32.ZAccess.bgzm C:\Documents and Settings\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{1B7D92FE-1789-D976-C09B-23CE668991EB}-2227990.exe High 2/20/2013 7:31:40 AM Deleted Trojan program Backdoor.Win32.ZAccess.bgzm C:\Documents and Settings\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{1B7D92FE-1789-D976-C09B-23CE668991EB}-2227990.exe//PE-Crypt.XorPE High Status: Disinfected (events: 2) 2/20/2013 8:58:41 AM Disinfected Trojan program Trojan.Win32.Nvert.ae C:\Documents and Settings\Thomas W. Hauff\Documents Personal\VB\Down Loads\2 Look at New\Sprite Animator.zip/Sprite_Animator/Animator.exe High 2/20/2013 8:58:41 AM Disinfected Trojan program Trojan.Win32.Nvert.ae C:\Documents and Settings\Thomas W. Hauff\Documents Personal\VB\Down Loads\2 Look at New\Sprite Animator.zip High
  10. Ok I ran ESET The log states that I did not check Remove found threats but I had it check don’t know. Notwithstanding here is the log file. ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK # version=8 # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330) # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=9e4ba0d299e49a49a1a2ac8f4915d5cf # engine=13195 # end=finished # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2013-02-20 02:39:30 # local_time=2013-02-19 09:39:30 (-0500, Eastern Standard Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776574 100 94 70083159 112871420 0 0 # scanned=766172 # found=0 # cleaned=0 # scan_time=8758 GeckospotNixie
  11. . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 5/29/2011 5:29:33 PM System Uptime: 2/18/2013 11:44:57 AM (1 hours ago) . Motherboard: LENOVO | | 4270CTO Processor: Intel® Core i7-2820QM CPU @ 2.30GHz | CPU | 2301/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 539 GiB total, 312.988 GiB free. D: is FIXED (NTFS) - 699 GiB total, 332.61 GiB free. E: is Removable F: is FIXED (NTFS) - 75 GiB total, 13.023 GiB free. Q: is FIXED (NTFS) - 19 GiB total, 8.955 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP555: 2/8/2013 11:56:57 AM - Windows Backup RP556: 2/8/2013 3:35:47 PM - Windows Backup RP557: 2/9/2013 11:35:47 PM - Windows Update RP558: 2/11/2013 8:19:37 AM - Removed ThinkVantage Access Connections. RP559: 2/11/2013 8:24:16 AM - Installed ThinkVantage Access Connections. RP560: 2/13/2013 9:56:14 AM - Windows Update RP561: 2/15/2013 9:03:28 PM - Windows Backup RP562: 2/15/2013 9:36:58 PM - Windows Backup RP563: 2/16/2013 4:21:47 PM - Windows Update RP564: 2/18/2013 11:15:16 AM - Removed Java 7 Update 9 RP565: 2/18/2013 11:16:50 AM - Installed Java 7 Update 13 . ==== Installed Programs ====================== . 010 Editor 2.1.3 34xx Virtual Front Panel Version 1.03 3D Models for DipTrace 3D XML Player 3Dconnexion 3DxSoftware (x64 Edition) 3Dconnexion 3DxWare (x64) 3Dconnexion Add-In for AutoCAD 2007 - 2010 3Dconnexion Add-In for SolidWorks 2005 - 2013 3Dconnexion Collage 3Dconnexion Plug-In for Photoshop CS3 - CS6 3Dconnexion Trainer 4D Workshop 3 IDE 64 Bit HP CIO Components Installer AC3Filter 1.63b Adobe Acrobat 9 Standard - English, Français, Deutsch Adobe Acrobat 9.5.3 - CPSID_83708 Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.5) Adobe Shockwave Player 11.6 Agilent HSA and N9320B PC Software Agilent N9340 PC Software Akamai NetSession Interface Akamai NetSession Interface Service Anuko World Clock Apple Application Support Apple Mobile Device Support Apple Software Update Assembly for PICmicro microcontrollers AutoCAD LT 2010 - English AutoCAD LT 2010 Language Pack - English AutoTRAX Catalog 1 AutoTRAX Design Express Version 1 AutoTRAX EDA 10.12 AX88178 B2 Spice A_D v5 Bonjour Bonjour Print Services Burn.Now 4.5 CCS C Compiler Plug-In for MPLAB Chinese Simplified Fonts Support For Adobe Reader X Chinese Traditional Fonts Support For Adobe Reader X Cisco WebEx Meetings Conexant 20672 SmartAudio HD Core Temp version 0.99.8 Corel Burn.Now Lenovo Edition Corel DVD MovieFactory 7 Corel DVD MovieFactory Lenovo Edition Corel KPT Collection Corel PaintShop Photo Pro X3 Corel WinDVD Create Recovery Media Crystal Reports Basic for Visual Studio 2008 Crystal Reports Basic Runtime for Visual Studio 2008 (x64) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Delta Updater Digital Aviation Reference Library Direct DiscRecorder Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 DisplayLink Core Software DisplayLink Graphics DivX Setup ELECTRA 2.9.5 eReg FTP Voyager 15.2 GE CEI-LV GHI NETMF v4.0 SDK GoodSync GoToMeeting 4.8.0.723 Graphics Display Designer Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB2538241) Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971091) Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973674) HP LaserJet P2050 Series 6.0 HP LaserJet Professional CM1410 Series HP LJ CM1410 MFP Series HP Scan HP Product Detection HP Update HPLaserJetHelp_LearnCenter HPLJUT hppCM1410LaserJetService hppFaxDrvCM1410 hppFaxUtilityCM1410 hppFonts hppLaserJetService hppQFolderP2050 hppSendFaxCM1410 hppTLBXFXCM1410 hpzTLBXFX hueyPRO 1.5.1 HyperTerminal Private Edition v6.3 I.R.I.S. OCR ICA IFR341X inSSIDer 2.0 Integrated Camera Driver Installer Package Ver.1.1.0.1147 Integrated Camera TWAIN Intel PROSet Wireless Intel® Control Center Intel® Identity Protection Technology 1.0.74.0 Intel® Management Engine Components Intel® Network Connections 17.4.95.0 Intel® Processor Graphics Intel® PROSet/Wireless WiFi Software Intel® Turbo Boost Technology Monitor 2.0 Intel® Wireless Display Intel® Solid-State Drive Toolbox IPM_PSP_CL IPM_PSP_COM IQCreator 8.10.0 iSEEK AnswerWorks English Runtime iTunes IVI Shared Component 64-bit IVI Shared Components 2.2.1 Japanese Fonts Support For Adobe Reader X Java 7 Update 13 Java Auto Updater join.me Lenovo Auto Scroll Utility Lenovo Patch Utility Lenovo Patch Utility 64 bit Lenovo Power Management Driver Lenovo System Interface Driver Lenovo System Update Lenovo ThinkVantage Toolbox Lenovo User Guide Lenovo Warranty Information Lenovo Welcome Load Sim II Expiration Control center Logitech SetPoint 6.22 Magic Bullet PhotoLooks for PaintShop Photo Pro Malwarebytes Anti-Malware version 1.70.0.1100 Marketsplash Shortcuts Message Center Plus Microchip Application Libraries v2012-04-03 Microchip Application Libraries v2012-07-18 Microchip Application Libraries v2012-10-15 Microchip Serial Bootloader AN1310 v1.05 Microsoft .NET Compact Framework 2.0 SP2 Microsoft .NET Compact Framework 3.5 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft .NET Micro Framework SDK 4.0 Microsoft Application Error Reporting Microsoft Device Emulator (64 bit) version 3.0 - ENU Microsoft Document Explorer 2008 Microsoft Encarta World English Dictionary Microsoft Office 2003 Web Components Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Language Pack Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Business 2010 Microsoft Office Live Meeting 2007 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) Microsoft Office Single Image 2010 Microsoft Office Sounds Microsoft Office Visio 2010 Microsoft Office Visio MUI (English) 2010 Microsoft Office Visual Web Developer 2007 Microsoft Office Visual Web Developer MUI (English) 2007 Microsoft Office Word MUI (English) 2010 Microsoft Outlook Personal Folders Backup Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server 2008 Management Objects Microsoft SQL Server Compact 3.5 for Devices ENU Microsoft SQL Server Compact 3.5 SP1 Design Tools English Microsoft SQL Server Compact 3.5 SP1 English Microsoft SQL Server Database Publishing Wizard 1.3 Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Visio 2010 Service Pack 1 (SP1) Microsoft Visio Standard 2010 Microsoft Visual Basic for Applications 7.1 (x64) Microsoft Visual Basic for Applications 7.1 (x64) English Microsoft Visual Basic Power Packs 3.0 Redistributable Microsoft Visual C# 2008 Step by Step Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU Microsoft Visual Studio 2005 Tools for Applications - ENU Microsoft Visual Studio 2005 Tools for Office Runtime Microsoft Visual Studio 2008 Professional Edition - ENU Microsoft Visual Studio 2008 Professional Edition - ENU Service Pack 1 (KB945140) Microsoft Visual Studio 2008 Remote Debugger - ENU Microsoft Visual Studio 2008 Remote Debugger - ENU Service Pack 1 (KB945140) Microsoft Visual Studio 6.0 Enterprise Edition Microsoft Visual Studio Web Authoring Component Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools - enu Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense Microsoft Windows SDK for Visual Studio 2008 SP1 Tools Microsoft Windows SDK for Visual Studio 2008 SP1 Win32 Tools mikroC PRO for ARM (remove only) mikroC PRO for PIC32 (remove only) mikroProg Suite For ARM (remove only) mikroProg Suite For PIC (remove only) Mozilla Firefox 13.0 (x86 en-US) Mozilla Maintenance Service MPLAB C for PIC32 MPLAB Tools v8.85 MPLAB X IDE v1.51 MPLAB XC32 Compiler MSDN Library - October 2001 MSDN Library for Visual Studio 2008 - ENU MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) National Instruments Software NI-488.2 3.0.2 NI-488.2 3.0.2 Development Support NI-488.2 64-bit Provider for MAX version 3.0.2 NI-488.2 for Windows x64 version 3.0.2 NI-488.2 Provider for MAX version 3.0.2 NI-653x Installer 1.9.4 NI-653x Installer for 64 Bit Windows 1.9.4 NI-APAL 2.1 64-Bit Error Files NI-APAL 2.1 Error Files NI-APAL 2.1 Error Files for LabVIEW RT NI-DAQ C and VB6 API 2.3.0 NI-DAQ Document Set 9.3.5 NI-DAQ INF Files 19.3.5 NI-DAQmx 9.3.5 NI-DAQmx ADE Support 9.3.5 NI-DAQmx Documentation 9.3.5 NI-DAQmx Documentation for 64 bit Windows 9.3.5 NI-DAQmx MAX Configuration Support 9.3.5 NI-DAQmx MAX Support 64-bit 2.2.0 NI-DAQmx support for LabVIEW (64-bit) 2.1.0 NI-DAQmx support for LabVIEW 2.1.0 NI-DAQmx Switch Core 2.2.0 NI-DAQmx Switch Core for 64 Bit Windows 2.2.0 NI-DAQmx/LabVIEW shared documentation 1.9.5 NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 1.9.5 NI-DIM 1.12.0f0 NI-DIM 1.12.0f0 for 64 Bit Windows NI-MDBG 1.11.0f0 NI-MDBG 1.11.0f0 for 64 Bit Windows NI-Mesa NI-MRU 2.11.1f0 NI-MRU 2.11.1f0 for 64 Bit Windows NI-MX Expert Framework 2.8.0 NI-MX Expert Framework for 64 Bit Windows 2.8.0 NI-MXDF 1.12.0f0 NI-MXDF 1.12.0f0 for 64 Bit Windows NI-MXLC Core (32-bit) NI-MXLC Core (64-bit) NI-MXLC LabVIEW 2009 Support NI-MXLC LabVIEW 2010 Support NI-MXLC LabVIEW 2011 Support NI-MXLC LabVIEW 8.6 Support NI-ORB 1.10.0f0 NI-ORB 1.10.0f0 for 64 Bit Windows NI-PAL 2.7.0f0 NI-PAL 2.7.0f0 for 64 Bit Windows NI-RPC 4.2.2f0 NI-RPC 4.2.2f0 for 64 Bit Windows NI-RPC 4.2.2f0 for Phar Lap ETS NI-Serial 3.8.1 NI-Serial 3.8.1 64-bit driver NI-Serial 3.8.1 MAX Provider NI-VISA 5.1.1 NI-VISA 5.1.1 64-bit Support NI-VISA 5.1.1 MAX Provider NI-VISA 5.1.1 Provider 64-bit Support NI-VISA Runtime 5.1.1 NI-VISA Server 5.1.0 NI-VISA x64 support 5.1.1 NI .NET Framework 4.0 NI AFW Channel Configuration Tool NI AFW Custom UI NI AFW Custom UI Assemblies NI AFW UI Assemblies NI Assistant Framework NI Assistant Framework 64-bit NI Assistant Framework 64-bit LabVIEW 2011 Support NI Assistant Framework LabVIEW Code Generator 2011 (64-bit) NI Atomic PXIe Peripheral Module Driver 1.2.1 NI Authentication 2011 SP1 NI Authentication 2011 SP1 (64-bit) NI Calibration Provider for MAX 5.0.0 NI Calibration Provider Help for 64 Bit Windows NI Certificates Deployment Support NI CodeSignAPI NI Common Digital 1.13.0 NI Common Digital for 64 Bit Windows 1.13.0 NI Curl 1.5 (64-bit) NI Curl 11.5 NI DAQ Assistant 2.0.0 NI DAQ Assistant 64-bit 2.0.0 NI DataSocket 4.9.1 NI DataSocket 4.9.1 (64-bit) NI Distributed System Manager 2011 SP1 NI DN 2.0 SP1 installer NI DN 2.0 x64 SP1 installer NI Dynamic Signal Acquisition for 64 Bit Windows 2.2.0 NI Dynamic Signal Acquisition Installer 2.2.0 NI Error Reporting 2011 SP1 NI Error Reporting 2011 SP1 (64-bit) NI Ethernet Device Enumerator NI Ethernet Device Enumerator 64-Bit NI EulaDepot NI Example Finder 11.0 NI FSL Installer 1.13.0 NI FSL Installer for 64-Bit Windows 1.13.0 NI GMP Windows 32-bit Installer 11.0.0 NI GMP Windows 64-bit Installer 11.0.0 NI Help Assistant NI Help Assistant (64bit) NI I/O Trace API LV201164 NI Instrument I/O Assistant NI Instrument I/O Assistant 64-bit NI Instrument IO Assistant for LabVIEW 2011 64-bit NI IO Trace 3.0.0 NI IVI Class Driver LabVIEW 2011 64-bit Support NI IVI Class Drivers NI IVI Class Drivers (64-bit) NI IVI Class Simulation Drivers NI IVI Class Simulation Drivers (64-bit) NI IVI Compliance Package 4.4 NI IVI Compliance Package 4.4 (64-bit) NI IVI Engine NI IVI Engine (64-bit) NI IVI Online Help NI IVI Provider for MAX NI LabVIEW 2009 SP1 Run-Time Engine Web Services NI LabVIEW 2010 Real-Time NBFifo NI LabVIEW 2011 (64-bit) Search NI LabVIEW 2011 Deployment Framework NI LabVIEW 2011 Real-Time Error Dialog NI LabVIEW 2011 Real-Time NBFifo NI LabVIEW 2011 SP1 (64-bit) NI LabVIEW 2011 SP1 (64 bit) MeasAppChm File NI LabVIEW 2011 SP1 Deployable License NI LabVIEW 2011 SP1 f2 (64-bit) NI LabVIEW 2011 SP1 Help NI LabVIEW 2011 SP1 Help File NI LabVIEW 2011 SP1 License NI LabVIEW 2011 SP1 Manuals NI LabVIEW 2011 SP1 Simulation NI LabVIEW 2011 SP1 Web Server 64-Bit NI LabVIEW 2011 VIPM Helper NI LabVIEW 2011 Web Services Runtime (64-bit) NI LabVIEW Broker NI LabVIEW Broker (64 bit) NI LabVIEW C Interface NI LabVIEW Compare Utility 11.0.0 NI LabVIEW Deployable License 8.6.1 NI LabVIEW EWB DeviceHandler 2010 NI LabVIEW MAX XML NI LabVIEW Merge Utility 11.0.0 NI LabVIEW Real-Time FIFO for Runtime NI LabVIEW Real-Time NBFifo NI LabVIEW Run-Time Engine 2009 SP1 NI LabVIEW Run-Time Engine 2010 SP1 NI LabVIEW Run-Time Engine 2011 SP1 NI LabVIEW Run-Time Engine 2011 SP1 (64-bit) NI LabVIEW Run-Time Engine 8.2.1 NI LabVIEW Run-Time Engine 8.6.1 NI LabVIEW Run-Time Engine Interop 2009 NI LabVIEW Run-Time Engine Interop 2010 NI LabVIEW Run-Time Engine Interop 2011 NI LabVIEW Run-Time Engine Interop 2011 (64-bit) NI LabVIEW SignalExpress 2011 NI LabVIEW SignalExpress 2011 Core NI LabVIEW SignalExpress 2011 Datatypes NI LabVIEW SignalExpress 2011 Licenses NI LabVIEW SignalExpress 2011 Steps NI LabVIEW SignalExpress 2011 Tools NI LabVIEW Web Server 64-Bit for Run-Time Engine NI LabVIEW Web Server for Run-Time Engine NI LabVIEW Web Services Runtime NI LabWindows/CVI 2010 Code Generator NI LabWindows/CVI 2010 LabVIEW DLL Builder NI LabWindows/CVI 2010 SP1 Analysis Library NI LabWindows/CVI 2010 SP1 Analysis Library (64-bit) NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original) NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated) NI LabWindows/CVI 2010 SP1 Network Variable Library NI LabWindows/CVI 2010 SP1 Network Variable Library (64-bit) NI LabWindows/CVI 2010 SP1 Run-Time Engine (64-bit) NI LabWindows/CVI 2010 SP1 TDM Streaming Library NI LabWindows/CVI 2010 SP1 TDM Streaming Library (64-bit) NI LabWindows/CVI Run-Time Engine 2010 SP1 NI LabWindows/CVI Run-Time Engine 2010 SP1 (Updated) NI License Manager NI Logos 5.3.0 NI Logos LabVIEW 2011 SP1 Support NI Logos XT Support NI Logos64 5.3.0 NI Logos64 XT Support NI Math Kernel Libraries NI Math Kernel Libraries (64-bit) NI MAX Remote Configuration 64-bit Installer 5.1 NI MAX Remote Configuration Installer 5.1 NI MAX Support for 64 Bit Windows NI MDF Support NI mDNS Responder 1.6 for Windows 64-bit NI mDNS Responder 1.6.0 NI Measurement & Automation Explorer 5.1.0 NI Measurement Studio 2010 Service Pack 1 64-bit Runtime for VS2008 NI Measurement Studio 2010 Service Pack 1 Enterprise Examples for VS2005 NI Measurement Studio 2010 Service Pack 1 Enterprise Examples for VS2008 NI Measurement Studio 2010 Service Pack 1 for VS2005 NI Measurement Studio 2010 Service Pack 1 for VS2008 NI Measurement Studio 2010 Service Pack 1 for VS2010 NI Measurement Studio 2010 Service Pack 1 Help for VS2005 NI Measurement Studio 2010 Service Pack 1 Help for VS2008 NI Measurement Studio 2010 Service Pack 1 Integration for VS2008 NI Measurement Studio 2010 Service Pack 1 RunTime for VS2005 NI Measurement Studio 2010 Service Pack 1 RunTime for VS2008 NI Measurement Studio 8.6 Enterprise RunTime for VS2005 NI Measurement Studio Common .NET Assemblies (x64) for .NET 3.5 NI Measurement Studio Common .NET Assemblies for .NET 2.0 NI Measurement Studio Common .NET Assemblies for .NET 3.5 NI Measurement Studio Common .NET Language Assemblies for the .NET Framework 1.1 NI Measurement Studio DAQmx (x64) for Visual Studio 2008 NI Measurement Studio DAQmx for Visual Studio 2005 NI Measurement Studio DAQmx for Visual Studio 2008 NI Measurement Studio GPIB Support for VS2005 NI Measurement Studio GPIB Support for VS2008 NI Measurement Studio IIOA Support for VS2008 NI Measurement Studio Licenses NI Measurement Studio MAX Configuration Support for VS2003 NI Measurement Studio MAX Configuration Support for VS2005 NI Measurement Studio MAX Configuration Support for VS2008 NI Measurement Studio Recipe Processor NI Measurement Studio User Interface ActiveX controls NI Measurement Studio VISA Support for VS2005 NI Measurement Studio VISA Support for VS2008 NI Microsoft Silverlight Wrapper NI MIO Device Drivers 2.6.0 NI MIO Device Drivers for 64 Bit Windows 2.6.0 NI MXS 5.0.0 NI MXS 5.0.0 for 64 Bit Windows NI Network Browser 5.0.0 NI Network Discovery 5.1 NI Network Discovery 5.1 for Windows 64-bit NI NI LabVIEW 2011 SP1 Run-Time Engine Non-English Support NI OPC Support NI Portable Configuration 5.0.0 NI Portable Configuration for 64 Bit Windows 5.0.0 NI PXI Hardware 64-bit Support 2.6.2 NI PXI Platform Framework 1.5.0 NI PXI Platform Framework 1.5.0 64-bit NI PXI Platform Services 2.6.2 NI PXI Platform Services 2.6.2 Configuration Support NI PXI Platform Services 2.6.2 Expert NI PXI SystemAPI Expert 2.6.2 NI PXI SystemAPI Expert 64-bit 2.6.2 NI Registration Wizard NI Remote Provider for MAX 5.1.0 NI Remote PXI Provider for MAX 5.1.0 NI RTSI Cable Core Installer 1.0.0 NI RTSI Cable Core Installer for 64 Bit Windows 1.0.0 NI RTSI PAL Device Library Installer 1.0.0 NI RTSI PAL Device Library Installer for 64 Bit Windows 1.0.0 NI RTSI UI Provider 1.0.0 NI RTSI UI Provider for 64 Bit Windows 1.0.0 NI SCXI 1.15.0 NI SCXI for 64 Bit Windows 1.15.0 NI Search Shared 64-bit NI Security Update (KB5Q5FJ4QW) - LabVIEW Run-Time Engine 8.2 NI Software Provider for MAX 5.0.0 NI Spy Windows 64 Support 3.0.0 NI SSL LabVIEW 2011 SP1 Support (64-bit) NI SSL Support NI SSL Support (64-bit) NI STC 1.10.0 NI STC for 64 Bit Windows 1.10.0 NI System API Client for WIF 5.1.0 NI System API Web-Servce 32-bit 5.0.0 NI System API Windows 32-bit 5.1.0 NI System API Windows 64-bit 5.1.0 NI System Configuration 5.1.0 LabVIEW Support NI System Configuration CVI Support 5.1.0 NI System Configuration LV2011 64-bit Support 5.1.0 NI System Configuration Runtime 5.1.0 NI System Configuration Runtime 5.1.0 for Windows 64-bit NI System State Publisher NI System State Publisher (64-bit) NI System Web Server 11.5 NI System Web Server Base 11.5 NI System Web Server Base 11.5 (64-bit) NI TDM Excel Add-In 3.3 NI TDM Excel Add-In 3.3 64-bit NI TDMS NI TDMS (64-bit) NI Timing for 64 Bit Windows 2.3.0 NI Timing Installer 2.3.0 NI Trace Engine NI Trace Engine (64-bit) NI Uninstaller NI Update Service 2.0 NI USI 1.9.1 NI USI 1.9.1 64-Bit NI Variable Engine (64-bit) NI Variable Engine 2.5.1 NI Variable Engine LabVIEW 2011 SP1 Support NI VC2005MSMs x64 NI VC2005MSMs x86 NI VC2008MSMs x64 NI VC2008MSMs x86 NI VC2010MSMs x64 NI VC2010MSMs x86 NI Web Application Server 11.5 NI Web Application Server 11.5 (64-bit) NI Web Interface Framework 11.5 NI Web Pipeline 2.0.1 NI Web Pipeline 2.0.1 64-bit support NI Xalan Delay Load 1.10.2 NI Xalan Delay Load 1.10.2 64-bit NI Xerces Delay Load 2.7.3 NI Xerces Delay Load 2.7.3 64-bit Novarm DipTrace NVIDIA 3D Vision Driver 306.97 NVIDIA Control Panel 306.97 NVIDIA Graphics Driver 306.97 NVIDIA HD Audio Driver 1.2.23.3 NVIDIA Install Application NVIDIA Optimus 1.10.8 NVIDIA Stereoscopic 3D Driver NVIDIA Update Components On Screen Display Oracle VM VirtualBox 4.1.10 Panel Pilot PANTONE Color Calibrator 1.0 Paragon Alignment Tool™ 3.0 PCB Matrix LP Calculator V2009 PCWH PCWHD PDF Architect PDFCreator Picasa 3 PNY Movie Player Power Manager Proteus Professional PSPPContent PSPPRO_DCRAW Quicken 2011 QuickTime RapidBoot Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 Renesas Electronics USB 3.0 Host Controller Driver Reset NI Config 5.0.0 Retrospect Client 7.7 RICOH_Media_Driver_v2.13.18.02 Saturn PCB Design, Inc. - PCB Toolkit Screen Shot SDFormatter SeaCOM Seagate DiscWizard SecureDoc Disk Encryption (x64) Security Update for 2007 Microsoft Office System (KB2288621) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB2251487) Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB2669970) Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972222) Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973675) Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Setup Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 Skype™ 6.1 SolidWorks 2013 x64 Edition SP02 SolidWorks eDrawings 2013 x64 Edition SP02 SolidWorks Explorer 2013 SP02 x64 Edition Spb Wallet 2.0.0 Spelling Dictionaries Support For Adobe Reader 9 SQL Server System CLR Types STLinkDriver swMSM System Requirements Lab System Requirements Lab for Intel TedPwrMonUtility Tera Term 4.69 TextPad 5 TheMatrix Screen Saver version 1.14 ThinkPad Bluetooth with Enhanced Data Rate Software ThinkPad FullScreen Magnifier ThinkPad UltraNav Driver ThinkPad UltraNav Utility ThinkVantage Access Connections ThinkVantage Active Protection System ThinkVantage AutoLock ThinkVantage Communications Utility ThinkVantage Fingerprint Software ThinkVantage Update Retriever TTLEditor 1.2.1 UltraCompare v7.00 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221) Update for Microsoft Visual Studio Web Authoring Component (KB945140) USBee Drivers USBee Suite USBee ZX Digital Test Pod VC Runtimes MSI VC80CRTRedist - 8.0.50727.6195 ViewMate 11.2 Viewpoint Media Player VISA Shared Components 64-Bit Visual C++ 2008 IA64 Runtime - (v9.0.30729) Visual C++ 2008 IA64 Runtime - v9.0.30729.01 Visual C++ 2008 x64 Runtime - (v9.0.30729) Visual C++ 2008 x64 Runtime - (v9.0.30729.4148) Visual C++ 2008 x64 Runtime - (v9.0.30729.6161) Visual C++ 2008 x64 Runtime - v9.0.30729.01 Visual C++ 2008 x64 Runtime - v9.0.30729.4148 Visual C++ 2008 x64 Runtime - v9.0.30729.6161 Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - (v9.0.30729.4148) Visual C++ 2008 x86 Runtime - (v9.0.30729.6161) Visual C++ 2008 x86 Runtime - v9.0.30729.01 Visual C++ 2008 x86 Runtime - v9.0.30729.4148 Visual C++ 2008 x86 Runtime - v9.0.30729.6161 Visual Studio .NET Prerequisites - English Visual Studio 2005 Tools for Office Second Edition Runtime Visual Studio Tools for the Office system 3.0 Runtime Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) Visual TFT (remove only) WebReg WhoCrashed 3.01 WIF Core Dependencies Windows 5.1.0 WinDjView 1.0.3 Windows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) Windows Driver Package - Intel (MEIx64) System (10/19/2010 7.0.0.1144) Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) Windows Driver Package - Intel System (10/04/2010 9.2.0.1015) Windows Driver Package - Intel USB (09/16/2010 9.2.0.1013) Windows Driver Package - Lascar Electronics Ltd. (usbser) Ports (01/02/2010 1.0.0.0) Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) Windows Driver Package - mikroElektronika (USB18PRG) ClassName (07/10/2010 6.1.7600) Windows Driver Package - Synaptics (SynTP) Mouse (02/17/2011 15.2.14.0) Windows Mobile 5.0 SDK R2 for Pocket PC Windows Mobile 5.0 SDK R2 for Smartphone WinRAR 4.20 (64-bit) WinZip 17.0 X-CTU X-Rite Device i1Display Service X-Rite Device Manager Xiph QuickTime Components Yahoo! Detect Yahoo! Install Manager Yahoo! Widgets . ==== Event Viewer Messages From Past Week ======== . 2/18/2013 11:47:33 AM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 2/18/2013 11:47:33 AM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure. 2/18/2013 11:45:31 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom 2/18/2013 10:34:52 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR4. 2/17/2013 8:56:48 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR12. 2/17/2013 7:35:57 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR11. 2/17/2013 6:46:34 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR10. 2/17/2013 4:33:19 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR9. 2/17/2013 4:28:35 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR8. 2/17/2013 4:26:53 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR7. 2/17/2013 4:14:47 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR6. 2/17/2013 2:58:52 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR5. 2/16/2013 9:38:29 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={4D856B44-13D8-4496-A641-A79CFA74C619}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. 2/16/2013 9:33:01 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={D4FB3605-0595-4757-A071-83F0EB48378A}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. 2/16/2013 9:27:14 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={5E6A82EC-9A69-4BE3-8598-C06CF2D9A171}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. 2/16/2013 4:12:02 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{D2A7A852-E2FD-4269-A4B4-C5D539937BDA} because another computer on the network has the same name. The server could not start. 2/14/2013 6:29:26 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 2/14/2013 3:54:05 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll 2/11/2013 7:38:03 AM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period. . ==== End Of File ===========================
  12. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.13.2 Run by twhauff at 12:11:52 on 2013-02-18 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.15269.10767 [GMT -5:00] . AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\ibmpmsvc.exe C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Core Temp\Core Temp.exe C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\SysWOW64\svchost.exe -k Akamai C:\Program Files (x86)\Anuko\World Clock\timesync.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe C:\Windows\system32\CxAudMsg64.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\hasplms.exe C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe C:\Windows\system32\IProsetMonitor.exe C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe C:\Windows\SysWOW64\lkads.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Program Files (x86)\National Instruments\MAX\nimxs.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\SysWOW64\nipalsm.exe C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe C:\Program Files (x86)\PDF Architect\HelperService.exe C:\Program Files (x86)\PDF Architect\ConversionService.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Retrospect\Retrospect Client\RemotSvc.exe C:\Windows\SysWOW64\SAsrv.exe C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files (x86)\Retrospect\Retrospect Client\retroclient.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsched.exe C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe C:\Program Files\WinMagic\SecureDoc-NT\SDService.exe C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe C:\Windows\SysWOW64\lkcitdl.exe C:\Windows\SysWOW64\lktsrv.exe C:\Program Files (x86)\X-Rite\Devices\Services\i1Display\i1DisplayDeviceService.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\TpShocks.exe C:\Program Files\CONEXANT\ForteConfig\fmapp.exe C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe C:\Program Files\WinMagic\SecureDoc-NT\SDPin.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Anuko\World Clock\world_clock.exe C:\Program Files\Siber Systems\GoodSync\GoodSync.exe C:\Users\Thomas W. Hauff\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe C:\Program Files (x86)\Microsoft Encarta\Encarta World English Dictionary 2001\QSHLFED.EXE C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\X-Rite\Devices\Lib\xritelegacyd.exe C:\Windows\system32\rundll32.exe C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Lenovo\Access Connections\ACWLIcon.exe C:\Program Files (x86)\Lenovo\Access Connections\ACTray.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe C:\Windows\SysWOW64\nipxism.exe C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe C:\Windows\SysWOW64\nipalsm.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe C:\Windows\system32\rundll32.exe C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE C:\Program Files\Conexant\SAII\SmartAudio.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe C:\Users\Thomas W. Hauff\AppData\Local\Akamai\netsession_win.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Microsoft Security Client\NisSrv.exe C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\rundll32.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://my.yahoo.com/p/1.html uDefault_Page_URL = hxxp://lenovo.msn.com uProxyOverride = <local> mWinlogon: Userinit = userinit.exe, BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO: PDF Architect Helper: {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Spb Wallet: {2913D3DD-9363-4C21-B205-C19A584A0674} - C:\Program Files (x86)\Spb Wallet\SpbWalletToolbar.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: PDF Architect Toolbar: {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file> EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file> uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [AnukoWorldClock] C:\Program Files (x86)\Anuko\World Clock\world_clock.exe uRun: [GoodSync] "C:\Program Files\Siber Systems\GoodSync\GoodSync.exe" /min uRun: [NIRegistrationWizard] C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1033 uRun: [Akamai NetSession Interface] "C:\Users\Thomas W. Hauff\AppData\Local\Akamai\netsession_win.exe" uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun mRun: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor mRun: [X-Rite Legacy Device] C:\Program Files (x86)\X-Rite\Devices\Lib\xritelegacyd.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" mRun: [DiscWizardMonitor.exe] C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe mRun: [AcronisTimounterMonitor] C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe mRun: [Corel File Shell Monitor] c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [TVT Scheduler Proxy] C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe mRun: [NI Update Service] "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask mRun: [niDevMon] C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe mRun: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe mRun: [ACWLIcon] C:\Program Files (x86)\Lenovo\Access Connections\ACWLIcon.exe mRun: [ACTray] C:\Program Files (x86)\Lenovo\Access Connections\ACTray.exe mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NIERRO~1.LNK - C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NIERRO~2.LNK - C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKS~1.LNK - C:\Windows\Installer\{08001201-5D65-445A-B3B4-3DCE72BA0C6C}\ENCICONS.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SOLIDW~1.LNK - C:\Windows\Installer\{B6B5EA7E-B91F-443D-A958-B0062FB53804}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SOLIDW~2.LNK - C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\START3~1.LNK - C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 mPolicies-System: DisableCAD = dword:1 IE: &Define - C:\Program Files (x86)\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200 IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Look Up in &Encyclopedia - C:\Program Files (x86)\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files (x86)\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM IE: {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files (x86)\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} - hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab DPF: {C4B977A3-E8A2-37E9-ADCD-2597FAAC61F5} - hxxp://shop.lenovo.com/SEUILibrary/lenovo-portal/cab/autodetect/MachineInfo.cab DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP32EP5-14362/webex/ieatgpc1.cab DPF: {F3D4C08D-3616-43F0-9E29-44C749B0664B} - hxxp://wthauff.viewnetcam.com:65001/JpegInst.cab TCP: NameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{002F740C-6F4A-4486-86C0-C4DBF9D8CA39}\2556E61696373716E63656 : DHCPNameServer = 195.175.39.39 195.175.39.40 208.67.222.222 TCP: Interfaces\{002F740C-6F4A-4486-86C0-C4DBF9D8CA39}\4554B4E494B4D234F42505F425144554 : DHCPNameServer = 10.18.100.20 10.18.100.21 10.18.100.22 TCP: Interfaces\{002F740C-6F4A-4486-86C0-C4DBF9D8CA39}\A5978554C4 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{43B9CA40-B87E-44A6-AABE-876604AC54BB} : DHCPNameServer = 192.168.101.9 4.2.2.2 64.65.208.6 64.69.96.35 TCP: Interfaces\{4B10D2BE-6678-4F6B-B743-AC46162482D7} : DHCPNameServer = 68.87.64.150 68.87.75.198 TCP: Interfaces\{64309864-C907-48FD-A6E1-51D394E5EB31} : DHCPNameServer = 75.75.75.75 75.75.76.76 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll SSODL: WebCheck - <orphaned> LSA: Authentication Packages = msv1_0 relog_ap LSA: Notification Packages = scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina IFEO: Notepad.exe - "C:\Program Files (x86)\TextPad 5\TextPad.exe" -n x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [TpShocks] TpShocks.exe x64-Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exe x64-Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe x64-Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" x64-Run: [seagate Scheduler2 Service] "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t x64-Run: [startSecurDoc] "C:\Program Files\WinMagic\SecureDoc-NT\SDPin.exe" x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [HP LaserJet Professional CM1410 Series Fax] C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe "HP LaserJet Professional CM1410 Series Fax" x64-Run: [intelPROSet] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless x64-Run: [ResetACGauge] C:\Program Files (x86)\Lenovo\Access Connections\smbhlpr.exe /RESETACGAUGEREG x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll x64-Notify: psfus - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll x64-SSODL: WebCheck - <orphaned> x64-IFEO: Notepad.exe - "C:\Program Files (x86)\TextPad 5\TextPad.exe" -n . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Thomas W. Hauff\AppData\Roaming\Mozilla\Firefox\Profiles\4xrmwqsf.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl= FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2010win32.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2011win32.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2011win64.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPLV82Win32.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nplv86win32.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nplv90win32.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin8.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt\plugins\NPPDFArchitectPreviewerPlugin.dll FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin8.dll FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll FF - plugin: C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin32\NP3DXMLPlugin.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-02-01 13:40; FFPDFArchitectConverter@pdfarchitect.com; C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt . ============= SERVICES / DRIVERS =============== . R0 dlkmdldr;dlkmdldr;C:\Windows\System32\drivers\dlkmdldr.sys [2012-12-18 15184] R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2011-5-18 29512] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320] R0 nipbcfk;National Instruments Class Upper Filter Driver;C:\Windows\System32\drivers\nipbcfk.sys [2010-3-24 16984] R0 nipxibaf;National Instruments PXI Bridge Access Driver;C:\Windows\System32\drivers\nipxibaf.sys [2011-4-8 82568] R0 nipxibrc;National Instruments PXI Bridge Configuration Driver;C:\Windows\System32\drivers\nipxibrc.sys [2011-4-8 54424] R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-11-2 30056] R0 PinFile;PinFile;C:\Windows\System32\drivers\PinFile.sys [2010-9-23 21576] R0 SDDisk2K;SDDisk2K;C:\Windows\System32\drivers\SDDisk2K.sys [2011-9-22 205384] R0 SDDToki;SDDToki;C:\Windows\System32\drivers\SDDToki.sys [2011-5-10 114760] R0 SDDVD;SDDVD;C:\Windows\System32\drivers\SDDVD.sys [2011-5-11 70728] R0 SDUPC;SDUPC;C:\Windows\System32\drivers\SDUPC.sys [2009-3-5 20992] R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2010-12-15 23664] R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2010-12-29 15472] R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2012-11-2 284008] R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2011-7-8 32104] R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136] R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2012-12-19 78208] R2 AnukoTime;Anuko Time;C:\Program Files (x86)\Anuko\World Clock\timesync.exe [2012-7-6 112824] R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2011-5-18 198784] R2 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2012-4-10 8498608] R2 hasplms;Sentinel Local License Manager;C:\Windows\System32\hasplms.exe -run --> C:\Windows\System32\hasplms.exe -run [?] R2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-10-25 145920] R2 i1 Display Service;X-Rite Device i1 Display;C:\Program Files (x86)\X-Rite\Devices\Services\i1Display\i1DisplayDeviceService.exe [2011-5-29 163328] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-9-6 170824] R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-7 210896] R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2011-5-29 40808] R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2013-2-14 127072] R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-5-29 59240] R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2012-12-18 133992] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-8 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-8 682344] R2 ni488enumsvc;NI-488.2 Enumeration Service;C:\Windows\SysWOW64\nipalsm.exe [2010-3-24 12696] R2 NIApplicationWebServer;NI Application Web Server;C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2012-3-6 50336] R2 nidevldu;NI Device Loader;C:\Windows\SysWOW64\nipalsm.exe [2010-3-24 12696] R2 niLXIDiscovery;National Instruments LXI Discovery Service;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [2011-6-20 233664] R2 nimDNSResponder;National Instruments mDNS Responder Service;C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-6-1 194224] R2 NINetworkDiscovery;NI Network Discovery;C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2011-11-30 121032] R2 nipxirmk;nipxirmk;C:\Windows\System32\drivers\nipxirmkl.sys [2011-7-7 12952] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 130008] R2 NiViPxiK;NI-VISA PXI Driver;C:\Windows\System32\drivers\NiViPxiKl.sys [2011-8-17 12968] R2 PDF Architect Helper Service;PDF Architect Helper Service;C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-1-9 1324104] R2 PDF Architect Service;PDF Architect Service;C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-1-9 795208] R2 Retrospect Client;Retrospect Client;C:\Program Files (x86)\Retrospect\Retrospect Client\RemotSvc.exe [2010-8-20 61440] R2 risdxc;risdxc;C:\Windows\System32\drivers\risdxc64.sys [2011-5-18 101376] R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SAsrv.exe --> C:\Windows\System32\SAsrv.exe [?] R2 SgtSch2Svc;Seagate Scheduler2 Service;C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [2009-10-16 606048] R2 smihlp;SMI Helper Driver (smihlp);C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-3-13 13840] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824] R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2013-2-14 127120] R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2013-2-14 125504] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-18 2656280] R2 Viewpoint Service;Viewpoint Service;C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe [2011-10-12 30152] R2 WinMagic SecureDoc Service;WinMagic SecureDoc Service;C:\Program Files\WinMagic\SecureDoc-NT\SDService.exe [2011-10-1 438856] R2 xritedeviced;X-Rite Device Manager;C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe [2011-5-18 142848] R2 ZcfgSvc7;Intel® PROSet/Wireless ZeroConfig Service;C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [2011-11-1 994064] R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2011-5-29 166016] R3 dlkmd;dlkmd;C:\Windows\System32\drivers\dlkmd.sys [2012-12-18 301904] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2010-8-24 74320] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2010-8-24 13392] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-8 24176] R3 ni488lock;NI-488.2 Locking Service;C:\Windows\System32\drivers\ni488lock.sys [2011-10-19 18568] R3 nidimk;nidimk;C:\Windows\System32\drivers\nidimkl.sys [2011-7-1 12968] R3 NIEthernetDeviceEnumerator;NI Ethernet Device Enumerator Driver;C:\Windows\System32\drivers\niede.sys [2010-6-15 38064] R3 nimru2k;nimru2k;C:\Windows\System32\drivers\nimru2kl.sys [2009-8-24 11872] R3 nimstsk;nimstsk;C:\Windows\System32\drivers\nimstskl.sys [2011-3-22 12968] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360] R3 NiViPciK;NI-VISA PCI Driver;C:\Windows\System32\drivers\NiViPciKl.sys [2011-8-17 12968] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2012-5-10 97792] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2012-5-10 217600] R3 TVTI2C;Lenovo SM bus driver;C:\Windows\System32\drivers\tvti2c.sys [2010-9-28 41536] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-7-8 144232] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536] S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-3-15 198144] S3 AX88178;ASIX AX88178 USB2.0 to Gigabit Ethernet Adapter;C:\Windows\System32\drivers\ax88178.sys [2011-10-4 56320] S3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2011-5-18 437288] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-5-18 39976] S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2013-1-18 77352] S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864] S3 DisplayLinkUsbPort;DisplayLink USB Device;C:\Windows\System32\drivers\DisplayLinkUsbPort_6.1.32700.0.sys [2012-12-18 17408] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-20 71168] S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2011-11-3 320576] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-6-3 1431888] S3 lvalarmk;lvalarmk;C:\Windows\System32\drivers\lvalarmk.sys [2008-12-5 25224] S3 MCHPUSB;MCHPUSB;C:\Windows\System32\drivers\mchpusb64.sys [2008-5-12 64512] S3 ni1006k;NI PXI-1006 Chassis Pilot;C:\Windows\System32\drivers\ni1006k.sys [2011-4-8 30800] S3 ni1045k;NI PXI-1045 Chassis Pilot;C:\Windows\System32\drivers\ni1045kl.sys [2011-4-8 11856] S3 ni1065k;NI PXIe-1065 Chassis Pilot;C:\Windows\System32\drivers\ni1065k.sys [2011-4-8 26704] S3 nicdrk;nicdrk;C:\Windows\System32\drivers\nicdrkl.sys [2010-8-12 11864] S3 nicmrk;nicmrk;C:\Windows\System32\drivers\nicmrkl.sys [2011-4-1 12976] S3 nicondrk;nicondrk;C:\Windows\System32\drivers\nicondrkl.sys [2011-4-1 12936] S3 nicsrk;nicsrk;C:\Windows\System32\drivers\nicsrkl.sys [2011-4-1 12944] S3 nidmxfk;nidmxfk;C:\Windows\System32\drivers\nidmxfkl.sys [2011-3-22 12944] S3 nidsark;nidsark;C:\Windows\System32\drivers\nidsarkl.sys [2011-3-23 12952] S3 niemrk;niemrk;C:\Windows\System32\drivers\niemrkl.sys [2011-3-23 12944] S3 niesrk;niesrk;C:\Windows\System32\drivers\niesrkl.sys [2011-3-23 12944] S3 nifslk;nifslk;C:\Windows\System32\drivers\nifslkl.sys [2011-6-15 12960] S3 nimsdrk;nimsdrk;C:\Windows\System32\drivers\nimsdrkl.sys [2011-3-22 13000] S3 nimxpk;nimxpk;C:\Windows\System32\drivers\nimxpkl.sys [2011-3-22 12976] S3 ninshsdk;ninshsdk;C:\Windows\System32\drivers\ninshsdkl.sys [2010-7-14 12968] S3 nipalfwedl;nipalfwedl;C:\Windows\System32\drivers\nipalfwedl.sys [2011-6-29 12992] S3 nipalusbedl;nipalusbedl;C:\Windows\System32\drivers\nipalusbedl.sys [2011-6-29 12992] S3 nipxigpk;NI PXI Generic Chassis Pilot;C:\Windows\System32\drivers\nipxigpk.sys [2011-7-7 22680] S3 niraptrk;niraptrk;C:\Windows\System32\drivers\niraptrkl.sys [2011-4-1 12936] S3 niscdk;niscdk;C:\Windows\System32\drivers\niscdkl.sys [2010-7-12 12984] S3 nisdigk;nisdigk;C:\Windows\System32\drivers\nisdigkl.sys [2010-10-1 12960] S3 nisftk;nisftk;C:\Windows\System32\drivers\nisftkl.sys [2010-7-14 12952] S3 nispdk;nispdk;C:\Windows\System32\drivers\nispdkl.sys [2010-7-12 12984] S3 nissrk;nissrk;C:\Windows\System32\drivers\nissrkl.sys [2011-3-23 12944] S3 nistc2k;nistc2k;C:\Windows\System32\drivers\nistc2kl.sys [2009-1-5 11824] S3 nistc3rk;nistc3rk;C:\Windows\System32\drivers\nistc3rkl.sys [2011-3-23 12936] S3 nistcrk;nistcrk;C:\Windows\System32\drivers\nistcrkl.sys [2009-8-31 11872] S3 niswdk;niswdk;C:\Windows\System32\drivers\niswdkl.sys [2011-3-23 12936] S3 nitiork;nitiork;C:\Windows\System32\drivers\nitiorkl.sys [2011-3-23 12968] S3 niufurk;niufurk;C:\Windows\System32\drivers\niufurkl.sys [2011-3-23 12968] S3 niwfrk;niwfrk;C:\Windows\System32\drivers\niwfrkl.sys [2011-3-23 12944] S3 nixsrk;nixsrk;C:\Windows\System32\drivers\nixsrkl.sys [2011-3-23 12944] S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2011-5-18 31152] S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2011-5-18 1666112] S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2011-5-29 1665088] S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;C:\Windows\System32\drivers\silabenm.sys [2012-6-13 27336] S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;C:\Windows\System32\drivers\silabser.sys [2012-6-13 71680] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] S3 USB18PRG;mikroElektronika USB18F Device (x64 Platform);C:\Windows\System32\drivers\USB18PRG.sys [2009-11-17 53320] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760] S3 USBee;CWAV USBee Drivers;C:\Windows\System32\drivers\USBee.sys [2009-2-10 49728] S3 Usbtmc;ausbtmc;C:\Windows\System32\drivers\ausbtmc.sys [2010-7-28 22528] S3 VBoxUSB;VirtualBox USB;C:\Windows\System32\drivers\VBoxUSB.sys [2012-3-13 117040] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-30 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2010-12-1 42392] S4 FfeCore;WinMagic File-Folder Encryptor - core services;C:\Windows\System32\drivers\FfeCore.sys [2011-11-4 478280] S4 FfeDisk;WinMagic File-Folder Encryptor - Psuedo Disk;C:\Windows\System32\drivers\FfeDisk.sys [2011-11-4 14920] S4 FfeDsManager;FFE DS Manager;C:\Windows\System32\drivers\FfeDsManager.sys [2011-11-4 201288] S4 FfeDt;FFE Data Transformation services;C:\Windows\System32\drivers\FfeDt.sys [2011-11-4 148040] S4 NIApplicationWebServer64;NI Application Web Server (64-bit);C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2012-3-6 68256] . =============== File Associations =============== . FileExt: .scr: AutoCADLTScriptFile=C:\Windows\System32\notepad.exe "%1" FileExt: .txt: TextPad.txt="C:\Program Files (x86)\TextPad 5\TextPad.exe" -s FileExt: .ini: TextPad.ini="C:\Program Files (x86)\TextPad 5\TextPad.exe" -s FileExt: .inf: TextPad.inf="C:\Program Files (x86)\TextPad 5\TextPad.exe" -s . =============== Created Last 30 ================ . 2013-02-18 16:39:24 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll 2013-02-18 16:39:04 106240 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll 2013-02-18 16:17:03 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-02-17 17:45:09 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5127F797-04FD-4F02-8DD2-6BA7BE6CFFE9}\mpengine.dll 2013-02-16 21:22:06 9161176 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-02-14 12:29:29 53248 ----a-r- C:\Users\Thomas W. Hauff\AppData\Roaming\Microsoft\Installer\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}\ARPPRODUCTICON.exe 2013-02-14 12:29:29 -------- d-----w- C:\Program Files\Common Files\Lenovo 2013-02-14 12:29:27 53248 ----a-r- C:\Users\Thomas W. Hauff\AppData\Roaming\Microsoft\Installer\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}\ARPPRODUCTICON.exe 2013-02-13 14:58:11 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 14:58:11 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 14:55:57 -------- d-----w- C:\Atmel Arduino 2013-02-08 14:45:39 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Roaming\Malwarebytes 2013-02-08 14:45:32 -------- d-----w- C:\ProgramData\Malwarebytes 2013-02-08 14:45:31 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-02-08 14:45:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-02-06 12:12:20 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Local\3dmouse 2013-02-05 20:57:08 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Local\3Dconnexion 2013-02-05 16:17:45 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Local\3Dconnexion_Inc 2013-02-05 16:07:33 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Roaming\3Dconnexion 2013-02-05 16:07:24 -------- d-----w- C:\Program Files (x86)\3Dconnexion 2013-02-05 16:07:14 -------- d-----w- C:\Program Files\3Dconnexion 2013-02-05 16:04:44 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll 2013-02-05 16:04:44 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll 2013-02-05 16:04:44 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe 2013-02-05 16:04:44 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll 2013-02-05 16:04:44 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll 2013-02-05 16:04:42 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll 2013-02-05 16:04:42 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll 2013-02-05 15:35:36 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Roaming\help_images_otherUI 2013-02-01 18:52:41 -------- d-----w- C:\ProgramData\PDF Architect 2013-02-01 18:41:01 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Roaming\PDF Architect 2013-02-01 18:40:26 -------- d-----w- C:\Program Files (x86)\PDF Architect 2013-02-01 18:40:20 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Roaming\pdfforge 2013-02-01 18:40:18 103936 ----a-w- C:\Windows\System32\pdfcmon.dll 2013-02-01 18:40:17 23552 ----a-w- C:\Windows\SysWow64\MSMPIDE.DLL 2013-02-01 18:40:17 -------- d-----w- C:\Program Files (x86)\PDFCreator 2013-02-01 00:39:05 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-01 00:39:05 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-01-25 22:45:05 -------- d-----r- C:\Program Files (x86)\Skype 2013-01-20 20:59:04 230320 ----a-w- C:\Windows\System32\drivers\MpFilter.sys . ==================== Find3M ==================== . 2013-02-18 16:16:58 861088 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2013-02-18 16:16:58 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-02-01 17:49:02 4546 --sha-w- C:\ProgramData\KGyGaAvL.sys 2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe 2013-01-20 20:59:04 130008 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2013-01-19 03:20:24 2341928 ----a-w- C:\Windows\System32\SRACAVIControl.ocx 2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-01-08 20:32:04 45056 ----a-w- C:\Windows\System32\Launch3DxGUI.cpl 2013-01-08 20:30:34 109056 ----a-w- C:\Windows\System32\siappdll.dll 2013-01-08 20:29:34 56832 ----a-w- C:\Windows\System32\spwini.dll 2013-01-08 20:24:56 85504 ----a-w- C:\Windows\SysWow64\siappdll.dll 2013-01-08 20:23:58 45568 ----a-w- C:\Windows\SysWow64\spwini.dll 2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-12-18 14:10:33 0 ----a-w- C:\Windows\SysWow64\dlumd9.dll 2012-12-18 14:10:33 0 ----a-w- C:\Windows\SysWow64\dlumd11.dll 2012-12-18 14:10:33 0 ----a-w- C:\Windows\SysWow64\dlumd10.dll 2012-12-18 14:10:33 0 ----a-w- C:\Windows\System32\dlumd9.dll 2012-12-18 14:10:33 0 ----a-w- C:\Windows\System32\dlumd11.dll 2012-12-18 14:10:33 0 ----a-w- C:\Windows\System32\dlumd10.dll 2012-12-18 14:10:31 2071040 ----a-w- C:\Windows\System32\DisplayLinkUsbCo64_6.1.32700.0.dll 2012-12-18 14:10:31 17408 ----a-w- C:\Windows\System32\drivers\DisplayLinkUsbPort_6.1.32700.0.sys 2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll 2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll 2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll 2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll 2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll 2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs 2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs 2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs 2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs 2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs 2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs 2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs 2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs 2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs 2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs 2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs 2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs 2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs 2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs 2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll 2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll 2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe 2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe 2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll 2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll 2011-08-23 22:42:54 332144 ----a-w- C:\Program Files (x86)\Common Files\MediaOrganizer.dll 2011-08-23 22:35:38 33136 ----a-w- C:\Program Files (x86)\Common Files\FlickrProvider.dll 2011-08-23 22:35:14 402800 ----a-w- C:\Program Files (x86)\Common Files\facebook.dll 2011-08-23 22:35:14 130416 ----a-w- C:\Program Files (x86)\Common Files\PluginCommon.dll 2011-08-23 22:34:26 465264 ----a-w- C:\Program Files (x86)\Common Files\AppFramework.dll . ============= FINISH: 12:12:11.24 ===============
  13. Hello Maniac Yes I'm running Malwarbytes Pro so I did a quite scan and have attached that log also. Here are the two DDS logs. GeckospotNixie attach.txt dds.txt mbam-log-2013-02-18 (11-57-50).txt
  14. Back on Feb. 8th 2013 I got the “Smart HDD” malware. I used these directions to remove it and get running again. http://www.bleepingcomputer.com/virus-removal/remove-smart-hdd I would just like someone to guide me in checking thing out to make sure there is not something in the registry or something. Thanks GeckospotNixie
  15. I see you got the donation good. I'm Thomas by the way. Ok removed Java 6 and replaced. Removed Adoboe reader and replaced with reader 11.0.1. Ran SecurityCheck and here are the results. Results of screen317's Security Check version 0.99.58 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.70.0.1100 Java 7 Update 13 Adobe Reader XI Mozilla Firefox (for.) ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 17% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log`````````````````````` This computer has an OCZ SSD in it so not defragmenting. Uninstalled ComboFix OK Ran OTL clicked Cleanup and rebooted OK. Deleted RogueKiller and files OK AdwCleaner uninstalled OK Posted Comment Thank YOU MrCharlie!!