
Mark asked me to file in this forum


1 reply to this topic

#1 dcalistro


Posted 23 September 2009 - 06:52 PM

Here you are. It didn't seem like this much info based on how quickly the scan went. Thanks for all of your help, Mark. Darren


2009kr-09-23,13:34:29 System Repair Engineer 2.8.1.1279 Emergency Scan Mode Smallfrogs (http://www.KZTechs.com) Windows 7 Ultimate Edition (Build 7600) Follow item(s) have been selected: All Boot Items (Including Registry, Startup Folders, Services and so on) Browser Add-ons Running Processes (Including process model information) File Associations Winsock Provider Autorun.Inf HOSTS File Process Privileges Scan Scheduled Tasks Windows Security Update Check Boot Items Registry [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <uTorrent><"C:\Program Files (x86)\uTorrent\uTorrent.exe"> [(Verified)Microsoft Windows] <Auslogics BoostSpeed><C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\boostspeed.exe> [(Verified)Auslogics Software] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <AVP><"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"> [(Verified)Kaspersky Lab] <mxomssmenu><"C:\Program Files (x86)\Maxtor\OneTouch Status\maxmenumgr.exe"> [(Verified)"Seagate Technology, LLC"] <IObit Security 360><C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe> [(Verified)IObit Information Technology] <SunJavaUpdateSched><"C:\Program Files (x86)\Java\jre6\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [(Verified)Microsoft Windows] <Userinit><C:\Windows\system32\UserInit.exe,> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}><C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL> [SuperAdBlocker.com] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <WebCheck><> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon] <WinlogonNotify: !SASWinLogon><C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll> 
[SUPERAntiSpyware.com] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] <Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <Internet Explorer><C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] <Browser Customizations><"C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <Microsoft Windows><"%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] <Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] <Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] <Web Platform Customizations><C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] 
<N/A><C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install> [(Verified)Microsoft Windows] ================================== Startup Folders [Canon IJ Status Monitor Canon Inkjet PIXMA iP3000] <C:\Users\Darren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Canon IJ Status Monitor Canon Inkjet PIXMA iP3000.lnk --> C:\Windows\system32\rundll32.exe [Microsoft Corporation]><N> [Canon IJ Status Monitor Canon Inkjet PIXMA iP3000] <C:\Users\Darren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Canon IJ Status Monitor Canon Inkjet PIXMA iP3000.lnk --> C:\Windows\system32\rundll32.exe [Microsoft Corporation]><N> ================================== Services [Acronis Scheduler2 Service / AcrSch2Svc][Running/Auto Start] <"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"><Acronis> [Application Experience / AeLookupSvc][Stopped/Auto Start] <C:\Windows\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\aelupsvc.dll><Microsoft Corporation> [Apple Mobile Device / Apple Mobile Device][Running/Auto Start] <"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple Inc.> [Windows Audio Endpoint Builder / AudioEndpointBuilder][Running/Auto Start] <C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted-->%SystemRoot%\System32\Audiosrv.dll><Microsoft Corporation> [Windows Audio / AudioSrv][Running/Auto Start] <C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted-->%SystemRoot%\System32\Audiosrv.dll><Microsoft Corporation> [Kaspersky Internet Security / AVP][Running/Auto Start] <"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" -r><Kaspersky Lab> [ActiveX Installer (AxInstSV) / AxInstSV][Stopped/Manual Start] <C:\Windows\system32\svchost.exe -k AxInstSVGroup-->%SystemRoot%\System32\AxInstSV.dll><Microsoft Corporation> [BitLocker Drive Encryption Service / BDESVC][Stopped/Manual Start] <C:\Windows\System32\svchost.exe -k 
netsvcs-->%SystemRoot%\System32\bdesvc.dll><Microsoft Corporation> [Base Filtering Engine / BFE][Running/Auto Start] <C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork-->%SystemRoot%\System32\bfe.dll><Microsoft Corporation> [Background Intelligent Transfer Service / BITS][Running/Auto Start] <C:\Windows\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\qmgr.dll><Microsoft Corporation> [Bonjour Service / Bonjour Service][Running/Auto Start] <"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"><Apple Inc.> [Computer Browser / Browser][Stopped/Manual Start] <C:\Windows\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\browser.dll><Microsoft Corporation> [Bluetooth Support Service / bthserv][Stopped/Manual Start] <C:\Windows\system32\svchost.exe -k bthsvcs-->%SystemRoot%\system32\bthserv.dll><Microsoft Corporation> [Certificate Propagation / CertPropSvc][Stopped/Disabled] <C:\Windows\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\certprop.dll><Microsoft Corporation> [Offline Files / CscService][Stopped/Disabled] <C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted-->%SystemRoot%\System32\cscsvc.dll><Microsoft Corporation> [DCOM Server Process Launcher / DcomLaunch][Running/Auto Start] <C:\Windows\system32\svchost.exe -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation> [Disk Defragmenter / defragsvc][Stopped/Manual Start] <C:\Windows\system32\svchost.exe -k defragsvc-->%Systemroot%\System32\defragsvc.dll><Microsoft Corporation> [DNS Client / Dnscache][Running/Auto Start] <C:\Windows\system32\svchost.exe -k NetworkService-->%SystemRoot%\System32\dnsrslvr.dll><Microsoft Corporation> [Wired AutoConfig / dot3svc][Stopped/Manual Start] <C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted-->%SystemRoot%\System32\dot3svc.dll><Microsoft Corporation> [Diagnostic Policy Service / DPS][Running/Auto Start] <C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork-->%SystemRoot%\system32\dps.dll><Microsoft 
Corporation> [Extensible Authentication Protocol / EapHost][Running/Manual Start] <C:\Windows\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\eapsvc.dll><Microsoft Corporation> [Iconix Update Service / IconixService][Running/Auto Start] <"C:\Program Files (x86)\Common Files\eMail ID\IconixService.exe"><> [IKE and AuthIP IPsec Keying Modules / IKEEXT][Running/Auto Start] <C:\Windows\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\ikeext.dll><Microsoft Corporation> [PnP-X IP Bus Enumerator / IPBusEnum][Stopped/Manual Start] <C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted-->%SystemRoot%\system32\ipbusenum.dll><Microsoft Corporation> [IP Helper / iphlpsvc][Stopped/Disabled] <C:\Windows\System32\svchost.exe -k NetSvcs-->%SystemRoot%\System32\iphlpsvc.dll><Microsoft Corporation> [iPod Service / iPod Service][Stopped/Manual Start] <"C:\Program Files (x86)\iPod\bin\iPodService.exe"><Apple Inc.> [IS360service / IS360service][Running/Auto Start] <C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe><IObit> [Maxtor Service / Maxtor Sync Service][Running/Auto Start] <"C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe"><Seagate Technology LLC> [Media Center Extender Service / Mcx2Svc][Stopped/Disabled] <C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation-->%SystemRoot%\system32\Mcx2Svc.dll><Microsoft Corporation> [Multimedia Class Scheduler / MMCSS][Running/Auto Start] <C:\Windows\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\mmcss.dll><Microsoft Corporation> [Windows Firewall / MpsSvc][Running/Auto Start] <C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork-->%SystemRoot%\system32\mpssvc.dll><Microsoft Corporation> [MSCamSvc / MSCamSvc][Stopped/Manual Start] <"C:\Program Files\Microsoft LifeCam\MSCamS64.exe"><(File is missing)> [NVIDIA Display Driver Service / nvsvc][Running/Auto Start] <C:\Windows\system32\nvvsvc.exe><NVIDIA Corporation> [Peer Networking Identity Manager / p2pimsvc][Running/Manual Start] 
<C:\Windows\System32\svchost.exe -k LocalServicePeerNet-->%SystemRoot%\system32\pnrpsvc.dll><Microsoft Corporation> [Peer Networking Grouping / p2psvc][Running/Manual Start] <C:\Windows\System32\svchost.exe -k LocalServicePeerNet-->%SystemRoot%\system32\p2psvc.dll><Microsoft Corporation> [Program Compatibility Assistant Service / PcaSvc][Running/Auto Start] <C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted-->%SystemRoot%\System32\pcasvc.dll><Microsoft Corporation> [BranchCache / PeerDistSvc][Stopped/Manual Start] <C:\Windows\System32\svchost.exe -k PeerDist-->%SystemRoot%\system32\peerdistsvc.dll><Microsoft Corporation> [Plug and Play / PlugPlay][Running/Auto Start] <C:\Windows\system32\svchost.exe -k DcomLaunch-->%SystemRoot%\system32\umpnpmgr.dll><Microsoft Corporation> [PNRP Machine Name Publication Service / PNRPAutoReg][Stopped/Manual Start] <C:\Windows\System32\svchost.exe -k LocalServicePeerNet-->%SystemRoot%\system32\pnrpauto.dll><Microsoft Corporation> [Peer Name Resolution Protocol / PNRPsvc][Running/Manual Start] <C:\Windows\System32\svchost.exe -k LocalServicePeerNet-->%SystemRoot%\system32\pnrpsvc.dll><Microsoft Corporation> [IPsec Policy Agent / PolicyAgent][Running/Auto Start] <C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted-->%SystemRoot%\System32\ipsecsvc.dll><Microsoft Corporation> [Power / Power][Running/Auto Start] <C:\Windows\system32\svchost.exe -k DcomLaunch-->%SystemRoot%\system32\umpo.dll><Microsoft Corporation> [User Profile Service / ProfSvc][Running/Auto Start] <C:\Windows\system32\svchost.exe -k netsvcs-->%systemroot%\system32\profsvc.dll><Microsoft Corporation> [Windows Defender / WinDefend][Stopped/Manual Start] <C:\Windows\System32\svchost.exe -k secsvcs-->%ProgramFiles%\Windows Defender\mpsvc.dll><N/A> [Windows Management Instrumentation / Winmgmt][Running/Auto Start] <C:\Windows\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\wbem\WMIsvc.dll><Microsoft Corporation> [WLAN AutoConfig / 
Wlansvc][Running/Auto Start] <C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted-->%SystemRoot%\System32\wlansvc.dll><Microsoft Corporation> [XAudioService / XAudioService][Running/Auto Start] <C:\Windows\system32\DRIVERS\xaudio64.exe><Conexant Systems, Inc.> ================================== Drivers [adp94xx / adp94xx][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\adp94xx.sys><Adaptec, Inc.> [adpahci / adpahci][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\adpahci.sys><Adaptec, Inc.> [adpu320 / adpu320][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\adpu320.sys><Adaptec, Inc.> [aliide / aliide][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.> [amdsata / amdsata][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\amdsata.sys><Advanced Micro Devices> [amdsbs / amdsbs][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\amdsbs.sys><AMD Technologies Inc.> [amdxata / amdxata][Running/Boot Start] <\SystemRoot\system32\DRIVERS\amdxata.sys><Advanced Micro Devices> [arc / arc][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\arc.sys><Adaptec, Inc.> [arcsas / arcsas][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\arcsas.sys><Adaptec, Inc.> [Broadcom NetXtreme II VBD / b06bdrv][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\bxvbda.sys><Broadcom Corporation> [Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 / b57nd60a][Stopped/Manual Start] <system32\DRIVERS\b57nd60a.sys><Broadcom Corporation> [Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\BrFiltLo.sys><Brother Industries, Ltd.> [Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\BrFiltUp.sys><Brother Industries, Ltd.> [Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Manual Start] <\SystemRoot\System32\Drivers\Brserid.sys><Brother Industries Ltd.> [Brother WDM Serial driver / BrSerWdm][Stopped/Manual Start] 
<\SystemRoot\System32\Drivers\BrSerWdm.sys><Brother Industries Ltd.> [Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Manual Start] <\SystemRoot\System32\Drivers\BrUsbMdm.sys><Brother Industries Ltd.> [Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start] <\SystemRoot\System32\Drivers\BrUsbSer.sys><Brother Industries Ltd.> [CAXHWAZL / CAXHWAZL][Running/Manual Start] <system32\DRIVERS\CAXHWAZL.sys><Conexant Systems, Inc.> [cmdide / cmdide][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.> [Conexant UAA Function Driver for High Definition Audio Service / CnxtHdAudService][Running/Manual Start] <system32\drivers\CHDRT64.sys><Conexant Systems Inc.> [Intel(R) PRO/1000 PCI Express Network Connection Driver / e1express][Running/Manual Start] <system32\DRIVERS\e1e6232e.sys><Intel Corporation> [Broadcom NetXtreme II 10 GigE VBD / ebdrv][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\evbda.sys><Broadcom Corporation> [elxstor / elxstor][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\elxstor.sys><Emulex> [GEAR ASPI Filter Driver / GEARAspiWDM][Running/Manual Start] <system32\DRIVERS\GEARAspiWDM.sys><GEAR Software Inc.> [Hauppauge Consumer Infrared Receiver / hcw85cir][Stopped/Manual Start] <\SystemRoot\system32\drivers\hcw85cir.sys><Hauppauge Computer Works, Inc.> [HpSAMD / HpSAMD][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\HpSAMD.sys><Hewlett-Packard Company> [HSF_DPV / HSF_DPV][Running/Manual Start] <system32\DRIVERS\CAX_DPV.sys><Conexant Systems, Inc.> [iaStorV / iaStorV][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\iaStorV.sys><Intel Corporation> [iirsp / iirsp][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\iirsp.sys><Intel Corp./ICP vortex GmbH> [kl1 / kl1][Running/System Start] <system32\DRIVERS\kl1.sys><Kaspersky Lab> [Kaspersky Lab Boot Guard Driver / KLBG][Running/Boot Start] <\SystemRoot\system32\DRIVERS\klbg.sys><Kaspersky Lab> [Kaspersky Lab Driver / KLIF][Running/System Start] 
<system32\DRIVERS\klif.sys><Kaspersky Lab> [Kaspersky Anti-Virus NDIS 6 Filter / KLIM6][Running/System Start] <system32\DRIVERS\klim6.sys><Kaspersky Lab> [Kaspersky Lab KLMOUFLT / klmouflt][Running/Manual Start] <system32\DRIVERS\klmouflt.sys><Kaspersky Lab> [LSI_FC / LSI_FC][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\lsi_fc.sys><LSI Corporation> [LSI_SAS / LSI_SAS][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\lsi_sas.sys><LSI Corporation> [LSI_SAS2 / LSI_SAS2][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\lsi_sas2.sys><LSI Corporation> [LSI_SCSI / LSI_SCSI][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\lsi_scsi.sys><LSI Corporation> [mdmxsdk / mdmxsdk][Running/Auto Start] <system32\DRIVERS\mdmxsdk.sys><Conexant> [megasas / megasas][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\megasas.sys><LSI Corporation> [MegaSR / MegaSR][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\MegaSR.sys><LSI Corporation, Inc.> [Motorola USB Composite Device Driver / motccgp][Stopped/Manual Start] <system32\DRIVERS\motccgp.sys><Motorola> [MotCcgpFlService / motccgpfl][Stopped/Manual Start] <system32\DRIVERS\motccgpfl.sys><Motorola> [Motorola USB CDC ACM Driver / motmodem][Stopped/Manual Start] <system32\DRIVERS\motmodem.sys><Motorola> [Motorola USB Diagnostic Port / motport][Stopped/Manual Start] <system32\DRIVERS\motport.sys><Motorola> [Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit / netw5v64][Running/Manual Start] <system32\DRIVERS\netw5v64.sys><Intel Corporation> [nfrd960 / nfrd960][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\nfrd960.sys><IBM Corporation> [nvlddmkm / nvlddmkm][Running/Manual Start] <system32\DRIVERS\nvlddmkm.sys><NVIDIA Corporation> [nvraid / nvraid][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\nvraid.sys><NVIDIA Corporation> [nvstor / nvstor][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\nvstor.sys><NVIDIA Corporation> [pavboot / pavboot][Running/Boot Start] 
<\SystemRoot\system32\drivers\pavboot64.sys><Panda Security, S.L.> [ql2300 / ql2300][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\ql2300.sys><QLogic Corporation> [ql40xx / ql40xx][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\ql40xx.sys><QLogic Corporation> [rimmptsk / rimmptsk][Running/Auto Start] <system32\DRIVERS\rimmpx64.sys><REDC> [rimsptsk / rimsptsk][Running/Auto Start] <system32\DRIVERS\rimspx64.sys><REDC> [Ricoh xD-Picture Card Driver / rismxdp][Running/Auto Start] <system32\DRIVERS\rixdpx64.sys><REDC> [SASDIFSV / SASDIFSV][Stopped/System Start] <\??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS><SUPERAdBlocker.com and SUPERAntiSpyware.com> [SASENUM / SASENUM][Stopped/Manual Start] <\??\C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS><SUPERAdBlocker.com and SUPERAntiSpyware.com> [SASKUTIL / SASKUTIL][Stopped/System Start] <\??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys><SUPERAdBlocker.com and SUPERAntiSpyware.com> [SiSRaid2 / SiSRaid2][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\SiSRaid2.sys><Silicon Integrated Systems Corp.> [SiSRaid4 / SiSRaid4][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\sisraid4.sys><Silicon Integrated Systems> [Acronis Snapshots Manager (Build 380) / snapman380][Running/Boot Start] <\SystemRoot\system32\DRIVERS\snman380.sys><Acronis> [SrvHsfHDA / SrvHsfHDA][Stopped/Manual Start] <system32\DRIVERS\VSTAZL6.SYS><Conexant Systems, Inc.> [SrvHsfV92 / SrvHsfV92][Stopped/Manual Start] <system32\DRIVERS\VSTDPV6.SYS><Conexant Systems, Inc.> [SrvHsfWinac / SrvHsfWinac][Stopped/Manual Start] <system32\DRIVERS\VSTCNXT6.SYS><Conexant Systems, Inc.> [stexstor / stexstor][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\stexstor.sys><Promise Technology> [Synaptics TouchPad Driver / SynTP][Running/Manual Start] <system32\DRIVERS\SynTP.sys><Synaptics, Inc.> [Acronis Try&Decide and Restore Points filter (build 147) / tdrpman147][Running/Boot Start] <\SystemRoot\system32\DRIVERS\tdrpm147.sys><Acronis> 
[Acronis True Image FS Filter / tifsfilter][Running/Auto Start] <system32\DRIVERS\tifsfilt.sys><Acronis> [Acronis True Image Backup Archive Explorer / timounter][Running/Boot Start] <\SystemRoot\system32\DRIVERS\timntr.sys><Acronis> [viaide / viaide][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\viaide.sys><VIA Technologies, Inc.> [vsmraid / vsmraid][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\vsmraid.sys><VIA Technologies Inc.,Ltd> [winachsf / winachsf][Running/Manual Start] <system32\DRIVERS\CAX_CNXT.sys><Conexant Systems, Inc.> [XAudio / XAudio][Running/Auto Start] <system32\DRIVERS\xaudio64.sys><Conexant Systems, Inc.> ================================== Browser Add-ons [IEVkbdBHO Class] {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} <C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll, (Signed) Kaspersky Lab> [Search Helper] {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} <C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll, (Signed) Microsoft Corporation> [Windows Live Sign-in Helper] {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation> [Java(tm) Plug-In 2 SSV Helper] {DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.> [BhoMisc Class] {E3578B37-6346-4EC1-A82B-38273A100DCF} <C:\Program Files (x86)\Trend Micro\TrendProtect\MSIE\wrs.dll, (Signed) Trend Micro Inc.> [] {400A6CFA-E326-4d61-A90C-9AD75358DC5F} <, > [] {4248FE82-7FCB-46AC-B270-339F08212110} <, > [] {BC3F6B6D-2E49-4603-B028-7411655713F3} <, > [] {CCF151D8-D089-449F-A5A4-D9909053F20F} <, > [] {3041d03e-fd4b-44e0-b742-2d9b88305f98} <, > [TrendProtect] {F83BE649-1CC3-48EE-B2E2-0826CEF3822A} <C:\Program Files (x86)\Trend Micro\TrendProtect\MSIE\wrs.dll, (Signed) Trend Micro Inc.> [ActiveScan 2.0 Installer Class] {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} 
<C:\Windows\Downloaded Program Files\as2stubie.dll, (Signed) Panda Security> [Java Plug-in 1.6.0_15] {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll, (Signed) > [ActiveScan 2.0 Installer Class] {9191F686-7F0A-441D-8A98-2FE3AC1BD913} <C:\Windows\Downloaded Program Files\CONFLICT.1\as2stubie.dll, (Signed) Panda Security> [Java Plug-in 1.6.0_01] {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} <C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll, (Signed) > [Java Plug-in 1.6.0_15] {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} <C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll, (Signed) > [Java Plug-in 1.6.0_15] {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files (x86)\Java\jre6\bin\npjpi160_15.dll, (Signed) Sun Microsystems, Inc.> [] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, > [InformationCardSigninHelper Class] {19916E01-B44E-4E31-94A4-4696DF46157B} <C:\Windows\SysWOW64\icardie.dll, (Signed) Microsoft Corporation> [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\Windows\SysWOW64\mshtml.dll, (Signed) Microsoft Corporation> [XML DOM Document] {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [ActiveScan 2.0 Installer Class] {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} <C:\Windows\Downloaded Program Files\as2stubie.dll, (Signed) Panda Security> [] {3041D03E-FD4B-44E0-B742-2D9B88305F98} <, > [] {400A6CFA-E326-4D61-A90C-9AD75358DC5F} <, > [ActiveScan 2.0 AV Class] {41524153-46FB-488C-8E53-7624AB83C46F} <C:\Program Files (x86)\Panda Security\ActiveScan 2.0\as2guiie.dll, (Signed) Panda Security> [] {4248FE82-7FCB-46AC-B270-339F08212110} <, > [Shell Name Space] {55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\Windows\SysWOW64\ieframe.dll, (Signed) Microsoft Corporation> [IEVkbdBHO Class] {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} <C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll, (Signed) Kaspersky Lab> [] {5C255C8A-E604-49B4-9D64-90988571CECB} <, > [Search Helper] 
{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B} <C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll, (Signed) Microsoft Corporation> [] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <, > [XML DOM Document 6.0] {88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A> [Free Threaded XML DOM Document 6.0] {88D96A06-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A> [XSL Template 6.0] {88D96A08-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A> [XML HTTP 6.0] {88D96A0A-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A> [Windows Live Sign-in Helper] {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation> [ActiveScan 2.0 Installer Class] {9191F686-7F0A-441D-8A98-2FE3AC1BD913} <C:\Windows\Downloaded Program Files\CONFLICT.1\as2stubie.dll, (Signed) Panda Security> [ActiveScan 2.0 Control Class] {9CAB0A33-96F5-428D-9123-2333F2479AA2} <C:\Windows\Downloaded Program Files\CONFLICT.1\as2stubie.dll, (Signed) Panda Security> [Google Update Plugin] {B79267AC-3725-42EB-890A-6CF077567C47} <C:\Users\Darren\AppData\Local\Google\Update\1.2.183.7\npGoogleOneClick8.dll, (Signed) Google Inc.> [] {BC3F6B6D-2E49-4603-B028-7411655713F3} <, > [] {CCF151D8-D089-449F-A5A4-D9909053F20F} <, > [AUDIO__MP3 Moniker Class] {CD3AFA76-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A> [Microsoft Url Search Hook] {CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\Windows\SysWOW64\ieframe.dll, (Signed) Microsoft Corporation> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\SysWow64\Macromed\Flash\Flash10c.ocx, (Signed) Adobe Systems, Inc.> [Java(tm) Plug-In 2 SSV Helper] {DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.> [QuickTimeCheck Class] 
{DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\Program Files (x86)\QuickTime\QTSystem\QuickTimeCheck.ocx, (Signed) Apple Inc.> [] {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~2\MSNMES~1\MSGSC8~1.DLL, (Signed) Microsoft Corporation> [] {E33CF602-D945-461A-83F0-819F76A199F8} <, > [BhoMisc Class] {E3578B37-6346-4EC1-A82B-38273A100DCF} <C:\Program Files (x86)\Trend Micro\TrendProtect\MSIE\wrs.dll, (Signed) Trend Micro Inc.> [XML HTTP Request] {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [XML DOM Document 3.0] {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [XML HTTP] {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [TrendProtect] {F83BE649-1CC3-48EE-B2E2-0826CEF3822A} <C:\Program Files (x86)\Trend Micro\TrendProtect\MSIE\wrs.dll, (Signed) Trend Micro Inc.> [Add to Anti-Banner] <C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm, N/A> ================================== Running Processes [PID: 1864 / SYSTEM][C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple Inc., 2.50.39.0] [PID: 812 / SYSTEM][C:\Program Files (x86)\Bonjour\mDNSResponder.exe] [Apple Inc., 1,0,6,2] [PID: 1012 / SYSTEM][C:\Program Files (x86)\Common Files\eMail ID\IconixService.exe] [, 3.87.1.3] [PID: 1748 / SYSTEM][C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe] [IObit, 1.0.0.62] [C:\Program Files (x86)\IObit\IObit Security 360\rtl120.bpl] [Embarcadero Technologies, Inc., 12.0.3210.17555] [C:\Program Files (x86)\IObit\IObit Security 360\vcl120.bpl] [Embarcadero Technologies, Inc., 12.0.3210.17555] [PID: 1656 / SYSTEM][C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe] [Seagate Technology LLC, 4, 7, 0, 1] [C:\Program Files (x86)\Maxtor\Sync\DRVIFNT.dll] [Seagate Technology LLC, 4, 7, 0, 1] 
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\MFC80ENU.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\Program Files (x86)\Maxtor\Encryption\SFECopier.dll] [Seagate Technology LLC, 4.7.0.1] [C:\Program Files (x86)\Maxtor\Encryption\SFEConfiguration.dll] [Seagate Technology LLC, 4.7.0.1] [C:\Program Files (x86)\Maxtor\Encryption\SFECrypto.dll] [Seagate Technology LLC, 4.7.0.1] [C:\Program Files (x86)\Maxtor\Encryption\SFEPassword.dll] [Seagate Technology LLC, 4.7.0.1] [PID: 2116 / SYSTEM][C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe] [Microsoft Corporation, 1.3.59.0] [PID: 3176 / Darren][C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe] [IObit, 3.3.4.666] [C:\Program Files (x86)\IObit\Advanced SystemCare 3\rtl70.bpl] [Borland Software Corporation, 7.0.4.453] [C:\Program Files (x86)\IObit\Advanced SystemCare 3\vcl70.bpl] [Borland Software Corporation, 7.0.4.453] [C:\Program Files (x86)\IObit\Advanced SystemCare 3\vclx70.bpl] [Borland Software Corporation, 7.0.4.453] [C:\Program Files (x86)\IObit\Advanced SystemCare 3\WinSkinD7R.bpl] [, 1.0.0.0] [C:\Program Files (x86)\IObit\Advanced SystemCare 3\NtfsData.dll] [N/A, ] [C:\Program Files (x86)\IObit\Advanced SystemCare 3\STFix.dll] [N/A, ] [C:\Program Files (x86)\IObit\Advanced SystemCare 3\CoolTrayIcon_D6plus.bpl] [N/A, ] [C:\Program Files (x86)\IObit\Advanced SystemCare 3\Routine.dll] [IObit, 1.0.0.32] [PID: 2936 / Darren][C:\Program Files (x86)\uTorrent\uTorrent.exe] [BitTorrent, Inc., 1.8.4.16442] [PID: 3416 / Darren][C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe] [SUPERAntiSpyware.com, 4, 29, 0, 1002] [C:\Program Files (x86)\SUPERAntiSpyware\deupx.dll] [SuperAntiSpyware.com, 1, 0, 0, 2] 
[C:\Users\Darren\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL] [N/A, ] [PID: 1876 / Darren][C:\Program Files (x86)\Maxtor\OneTouch Status\MaxMenuMgr.exe] [Maxtor Corporation, 4, 7, 0, 7] [C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\MFC80ENU.DLL] [Microsoft Corporation, 8.00.50727.762] [c:\program files (x86)\maxtor\onetouch status\ot4maxmenu.dll] [Seagate LLC, 1.1. 0. 6] [PID: 3088 / Darren][C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe] [IObit, 1.0.0.76] [C:\Program Files (x86)\IObit\IObit Security 360\rtl120.bpl] [Embarcadero Technologies, Inc., 12.0.3210.17555] [C:\Program Files (x86)\IObit\IObit Security 360\vcl120.bpl] [Embarcadero Technologies, Inc., 12.0.3210.17555] [C:\Program Files (x86)\IObit\IObit Security 360\madDisAsm_.bpl] [N/A, ] [C:\Program Files (x86)\IObit\IObit Security 360\madBasic_.bpl] [N/A, ] [C:\Program Files (x86)\IObit\IObit Security 360\IS360mon.dll] [IObit, 1.0.0.25] [PID: 3216 / Darren][C:\Program Files (x86)\Java\jre6\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.150.3] [PID: 3332 / Darren][C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe] [Auslogics, 1.5.11.235] [C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\rtl120.bpl] [Embarcadero Technologies, Inc., 12.0.3420.21218] [C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madExcept_.bpl] [N/A, ] [C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madBasic_.bpl] [N/A, ] [C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\vcl120.bpl] [Embarcadero Technologies, Inc., 12.0.3420.21218] [C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madDisAsm_.bpl] [N/A, ] [C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\Localizer.dll] [Auslogics, 4.5.5.45] [C:\Program Files (x86)\Auslogics\Auslogics 
BoostSpeed\AxPackage10.bpl] [Auslogics Software Ltd Pty, 2.0.0.16] [C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\helper.dll] [AusLogics, 4.5.5.52] [C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\settings.dll] [Auslogics, 1.5.10.105] [PID: 5036 / SYSTEM][C:\Program Files (x86)\IObit\IObit Security 360\is360.exe] [IObit, 1.0.0.60] [C:\Program Files (x86)\IObit\IObit Security 360\rtl120.bpl] [Embarcadero Technologies, Inc., 12.0.3210.17555] [C:\Program Files (x86)\IObit\IObit Security 360\vcl120.bpl] [Embarcadero Technologies, Inc., 12.0.3210.17555] [C:\Program Files (x86)\IObit\IObit Security 360\sqlite3.dll] [N/A, ] [C:\Program Files (x86)\IObit\IObit Security 360\taskdll.dll] [N/A, ] [PID: 4244 / Darren][C:\Users\Darren\AppData\Local\Google\Chrome\Application\chrome.exe] [Google Inc., 0.0.0.0] [C:\Users\Darren\AppData\Local\Google\Chrome\Application\4.0.211.7\chrome.dll] [Google Inc., 4.0.211.7] [C:\Users\Darren\AppData\Local\Google\Chrome\Application\4.0.211.7\icudt42.dll] [IBM Corporation and others, 4, 2, 1, 0] [C:\Users\Darren\AppData\Local\Google\Chrome\Application\4.0.211.7\gears.dll] [Google Inc., 0.5.32.0] [C:\Users\Darren\AppData\Local\Google\Chrome\Application\4.0.211.7\rlz.dll] [N/A, ] [PID: 3528 / Darren][C:\Users\Darren\AppData\Local\Google\Chrome\Application\chrome.exe] [Google Inc., 0.0.0.0] [C:\Users\Darren\AppData\Local\Google\Chrome\Application\4.0.211.7\chrome.dll] [Google Inc., 4.0.211.7] [C:\Users\Darren\AppData\Local\Google\Chrome\Application\4.0.211.7\icudt42.dll] [IBM Corporation and others, 4, 2, 1, 0] [C:\Users\Darren\AppData\Local\Google\Chrome\Application\4.0.211.7\avcodec-52.dll] [N/A, ] [C:\Users\Darren\AppData\Local\Google\Chrome\Application\4.0.211.7\avutil-50.dll] [N/A, ] [C:\Users\Darren\AppData\Local\Google\Chrome\Application\4.0.211.7\avformat-52.dll] [N/A, ] [PID: 3540 / Darren][C:\Users\Darren\AppData\Local\Google\Chrome\Application\chrome.exe] [Google Inc., 0.0.0.0] 
[C:\Users\Darren\AppData\Local\Google\Chrome\Application\4.0.211.7\chrome.dll] [Google Inc., 4.0.211.7] [C:\Users\Darren\AppData\Local\Google\Chrome\Application\4.0.211.7\icudt42.dll] [IBM Corporation and others, 4, 2, 1, 0] [C:\Users\Darren\AppData\Local\Google\Chrome\Application\4.0.211.7\avcodec-52.dll] [N/A, ] [C:\Users\Darren\AppData\Local\Google\Chrome\Application\4.0.211.7\avutil-50.dll] [N/A, ] [C:\Users\Darren\AppData\Local\Google\Chrome\Application\4.0.211.7\avformat-52.dll] [N/A, ] [PID: 4228 / Darren][C:\Users\Darren\Desktop\cxtmgr\CxtMgrDlg.exe] [Smallfrogs Studio, 1, 3, 1, 30] [C:\Users\Darren\Desktop\cxtmgr\CxtMgrDll.dll] [Smallfrogs Studio, 1, 3, 0, 25] [PID: 5360 / Darren][C:\Windows\SysWow64\NOTEPAD.EXE] [(Verified) Microsoft Corporation, 6.1.7600.16384 (win7_rtm.090710-1945)] [PID: 1224 / Darren][C:\Users\Darren\Desktop\cxtmgr\CxtMgrDlg.exe] [Smallfrogs Studio, 1, 3, 1, 30] [C:\Users\Darren\Desktop\cxtmgr\CxtMgrDll.dll] [Smallfrogs Studio, 1, 3, 0, 25] [PID: 5464 / Darren][C:\Users\Darren\Desktop\sreng2\SREngLdr.EXE] [Smallfrogs Studio, 2.8.1.1279] [PID: 5748 / Darren][C:\Users\Darren\Desktop\sreng2\SRE3423db0a.EXE] [Smallfrogs Studio, 2.8.1.1279] ================================== File Associations .TXT Error. [%SystemRoot%\SysWow64\NOTEPAD.EXE %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM OK. ["%SystemRoot%\hh.exe" %1] .HLP OK. [%SystemRoot%\winhlp32.exe %1] .INI Error. [%SystemRoot%\SysWow64\NOTEPAD.EXE %1] .INF Error. [%SystemRoot%\SysWow64\NOTEPAD.EXE %1] .VBS OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*] .JS Error. [%SystemRoot%\SysWow64\WScript.exe "%1" %*] .LNK OK. 
[{00021401-0000-0000-C000-000000000046}] ================================== Winsock Provider N/A ================================== Autorun.Inf N/A ================================== HOSTS File N/A ================================== Process Privileges Scan N/A ================================== Scheduled Tasks [Enabled] \\AWC Startup C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe /startup [Enabled] \\GoogleUpdateTaskUserS-1-5-21-874807280-3386996777-2707901702-1001Core C:\Users\Darren\AppData\Local\Google\Update\GoogleUpdate.exe /c [Enabled] \\GoogleUpdateTaskUserS-1-5-21-874807280-3386996777-2707901702-1001UA C:\Users\Darren\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Enabled] \\ParetoLogic Registration C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns [Enabled] \\ParetoLogic Update Version2 C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\Pareto_Update.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns [Enabled] \\Rescue Reminder for 2HAADBN2 C:\Program Files (x86)\Maxtor\ManagerApp\MaxUtilities.exe "-bmrReminder" "C:\ProgramData\Maxtor\ULC\BMR\config2HAADBN2.xml" "30" [Enabled] \\Secunia PSI Logon Task C:\Program Files (x86)\Secunia\PSI\psi.exe --start-in-tray [Enabled] \\{7FAF26C9-CBE8-4D8B-A806-78932DA8348A} C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" [Enabled] \Apple\AppleSoftwareUpdate C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task [Enabled] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) N/A [Enabled] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) N/A [Enabled] \Microsoft\Windows\AppID\PolicyConverter %windir%\system32\appidpolicyconverter.exe 
[Enabled] \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck %windir%\system32\appidcertstorecheck.exe [Enabled] \Microsoft\Windows\Application Experience\AitAgent aitagent [Enabled] \Microsoft\Windows\Application Experience\ProgramDataUpdater %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [Enabled] \Microsoft\Windows\Autochk\Proxy %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [Enabled] \Microsoft\Windows\Bluetooth\UninstallDeviceTask BthUdTask.exe $(Arg0) [Enabled] \Microsoft\Windows\CertificateServicesClient\SystemTask N/A [Enabled] \Microsoft\Windows\CertificateServicesClient\UserTask N/A [Enabled] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam N/A [Enabled] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator %SystemRoot%\System32\wsqmcons.exe [Enabled] \Microsoft\Windows\Defrag\ScheduledDefrag %windir%\system32\defrag.exe -c [Enabled] \Microsoft\Windows\Location\Notifications %windir%\System32\LocationNotifications.exe [Enabled] \Microsoft\Windows\Maintenance\WinSAT N/A [Enabled] \Microsoft\Windows\Media Center\ActivateWindowsSearch %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch [Enabled] \Microsoft\Windows\Media Center\ConfigureInternetTimeService %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService [Enabled] \Microsoft\Windows\Media Center\DispatchRecoveryTasks %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) [Enabled] \Microsoft\Windows\Media Center\ehDRMInit %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [Enabled] \Microsoft\Windows\Media Center\InstallPlayReady %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) [Enabled] \Microsoft\Windows\Media Center\mcupdate %SystemRoot%\ehome\mcupdate $(Arg0) [Enabled] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask [Enabled] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask [Enabled] 
\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask [Enabled] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask [Enabled] \Microsoft\Windows\Media Center\OCURActivate %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [Enabled] \Microsoft\Windows\Media Center\OCURDiscovery %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) [Enabled] \Microsoft\Windows\Media Center\PBDADiscovery %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery [Enabled] \Microsoft\Windows\Media Center\PBDADiscoveryW1 %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery [Enabled] \Microsoft\Windows\Media Center\PBDADiscoveryW2 %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery [Enabled] \Microsoft\Windows\Media Center\PeriodicScanRetry %windir%\ehome\MCUpdate.exe -pscn 0 [Enabled] \Microsoft\Windows\Media Center\PvrRecoveryTask %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask [Enabled] \Microsoft\Windows\Media Center\PvrRecoveryTask %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask [Enabled] \Microsoft\Windows\Media Center\PvrScheduleTask %SystemRoot%\ehome\mcupdate.exe -PvrSchedule [Enabled] \Microsoft\Windows\Media Center\PvrScheduleTask %SystemRoot%\ehome\mcupdate.exe -PvrSchedule [Enabled] \Microsoft\Windows\Media Center\RecordingRestart %SystemRoot%\ehome\ehrec /RestartRecording [Enabled] \Microsoft\Windows\Media Center\RegisterSearch %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) [Enabled] \Microsoft\Windows\Media Center\ReindexSearchRoot %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot [Enabled] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask [Enabled] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask [Enabled] \Microsoft\Windows\Media Center\StartRecording %SystemRoot%\ehome\ehrec /StartRecording [Enabled] \Microsoft\Windows\Media 
Center\UpdateRecordPath %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [Enabled] \Microsoft\Windows\MobilePC\HotStart N/A [Enabled] \Microsoft\Windows\MUI\LPRemove %windir%\system32\lpremove.exe [Enabled] \Microsoft\Windows\Multimedia\SystemSoundsService N/A [Enabled] \Microsoft\Windows\NetTrace\GatherNetworkInfo %windir%\system32\gatherNetworkInfo.vbs [Enabled] \Microsoft\Windows\Offline Files\Background Synchronization N/A [Enabled] \Microsoft\Windows\Offline Files\Logon Synchronization N/A [Enabled] \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem %SystemRoot%\System32\powercfg.exe -energy -auto [Enabled] \Microsoft\Windows\Ras\MobilityManager N/A [Enabled] \Microsoft\Windows\SideShow\AutoWake N/A [Enabled] \Microsoft\Windows\SideShow\GadgetManager N/A [Enabled] \Microsoft\Windows\SideShow\SessionAgent N/A [Enabled] \Microsoft\Windows\SideShow\SystemDataProviders N/A [Enabled] \Microsoft\Windows\SystemRestore\SR %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [Enabled] \Microsoft\Windows\Tcpip\IpAddressConflict1 %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [Enabled] \Microsoft\Windows\Tcpip\IpAddressConflict2 %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [Enabled] \Microsoft\Windows\Time Synchronization\SynchronizeTime %windir%\system32\sc.exe start w32time task_started [Enabled] \Microsoft\Windows\UPnP\UPnPHostConfig sc.exe config upnphost start= auto [Enabled] \Microsoft\Windows\User Profile Service\HiveUploadTask N/A [Enabled] \Microsoft\Windows\Windows Error Reporting\QueueReporting %windir%\system32\wermgr.exe -queuereporting [Enabled] \Microsoft\Windows\Windows Media Sharing\UpdateLibrary "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [Enabled] \Microsoft\Windows\WindowsBackup\ConfigNotification %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION [Enabled] \Microsoft\Windows\WindowsColorSystem\Calibration Loader N/A 
================================== Windows Security Update Check KB972813, Thai Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Portuguese (Brazil) Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Serbian (Latin) Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Slovak Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Latvian Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Finnish Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Bulgarian Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Chinese (Simplified) Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Spanish Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Hebrew Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Estonian Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Croatian Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Arabic Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Norwegian Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Ukrainian Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Lithuanian Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Romanian Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Portuguese (Portugal) Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, German Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Korean Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Russian Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Polish Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, French Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Dutch Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Swedish Language Pack - 
Windows 7 for x64-based Systems (KB972813) KB972813, Czech Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Hungarian Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Greek Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Danish Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Japanese Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Slovenian Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Turkish Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Chinese (Traditional) Language Pack - Windows 7 for x64-based Systems (KB972813) KB972813, Italian Language Pack - Windows 7 for x64-based Systems (KB972813) KB974331, Microsoft Silverlight (KB974331) KB974331, Windows Live Essentials ================================== API HOOK Entrypoint Error: FindFirstFileW (Dangerous Level: High, Hooked by Module: 0xB93A1FB8) ================================== Hidden Process N/A
[/list]



#2 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • Gender:Male
  • Location:Florida
  • Local time:07:35 PM

Posted 10 October 2009 - 10:25 AM

Hello dcalistro

Welcome to BleepingComputer :(
=====================
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.
===========
Download This file. Note its name and save it to your root folder, such as C:\.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  • Click on this link to see a list of programs that should be disabled.
  • Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  • Allow the driver to load if asked.
  • You may be prompted to scan immediately if it detects rootkit activity.
  • If you are prompted to scan your system click "Yes" to begin the scan.
  • If not prompted, click the "Rootkit/Malware" tab.
  • On the right side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  • Select all drives that are connected to your system to be scanned.
  • Click the Scan button to begin. (Please be patient as it can take some time to complete)
  • When the scan is finished, click Save to save the scan results to your Desktop.
  • Save the file as Results.log and copy/paste the contents in your next reply.
  • Exit the program and re-enable all active protection when done.

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here



