Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

strange ads on my thread


  • This topic is locked This topic is locked
2 replies to this topic

#1 woodsman345

woodsman345

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:06:53 PM

Posted 24 July 2011 - 03:11 PM

I was directed by the moderator of the "am I infected" section to post my DDS log here and get in line. Now my new win 7 machine is doing something strange
and I brought it to the attention of the people there when I was reading my other, separate post that is posted in this area instead of a normal ad there was a big busted good looking gal asking me to get with her. Click yes or click ignore. I clicked neither for I know it would be bad news no matter what LOL
Anyhow, I came back to my post later and it was gone, and did not think that ad came from this site so I posted a question that was moved to "infected" section and ended up here upon the suggestion of the experts. I posted my logs for MB and SAS there and MB was clean and sas had a few trojans associated with all the Rkill download links I downloaded for another machine. At least I hope they were not dangerous and grinler said they weren't but were flagged as such.
Something isn't right because my yahoo messenger wouldn't let me connect and asked for the proxy server to be checked. That isn't right. I un-installed messenger and re installed and that works but I clicked on a bad link I suspect in yahoo last week and it did this plus the bad ad on this site soon after.
This is the link to the thread I started about this ad problem which is in Am I infected.
http://www.bleepingcomputer.com/forums/topic410966.html
Thanks.

Here is my DDS log. 4

DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Joe at 12:55:16 on 2011-07-24
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.6092.3656 [GMT -4:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Pixart\Pac7311\Monitor.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
BHO: TrueSuite Website Log On: {8590886e-ec8c-43c1-a32c-e4c2b0b6395b} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 24.247.24.53 66.189.0.100
TCP: Interfaces\{CDEC2A5C-9BF8-49D2-99D7-61D33097192C} : DhcpNameServer = 24.247.24.53 66.189.0.100
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
SEH: Eudora's Shell Extension: {edb0e980-90bd-11d4-8599-0008c7d3b6f8} - C:\Program Files (x86)\Qualcomm\Eudora\EuShlExt.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO-X64: TSBHO Class - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun-x64: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
SEH-X64: EasyBits ShellExecute Hook: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
SEH-X64: Eudora's Shell Extension: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Program Files (x86)\Qualcomm\Eudora\EuShlExt.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\9be9cayg.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20110701.001\BHDrvx64.sys [2011-7-5 1143416]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20110722.031\IDSviA64.sys [2011-7-23 488056]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1206000.01D\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1206000.01D\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-5-26 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe [2011-4-8 514232]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-2-18 265544]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-2-28 92216]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-26 13336]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe [2011-6-29 130008]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-4-24 483688]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-26 2656280]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-7-21 136824]
R3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 intelkmd;intelkmd;C:\Windows\system32\DRIVERS\igdpmd64.sys --> C:\Windows\system32\DRIVERS\igdpmd64.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-4-24 209768]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
R4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-5-4 128384]
R4 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2011-7-19 3029208]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2011/05/26 08:02:43;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-1-25 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2011-7-19 85800]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PAC7311;VGA USB Camera;C:\Windows\system32\DRIVERS\PA707UCM.SYS --> C:\Windows\system32\DRIVERS\PA707UCM.SYS [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 vpcuxd;USB Virtualization Stub Service;C:\Windows\system32\DRIVERS\vpcuxd.sys --> C:\Windows\system32\DRIVERS\vpcuxd.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-07-22 12:22:04 -------- d-----w- C:\Users\Joe\Favorites1
2011-07-21 18:41:43 -------- d-----w- C:\Users\Joe\AppData\Local\NPE
2011-07-21 14:26:23 -------- d-----w- C:\Users\Joe\AppData\Roaming\SUPERAntiSpyware.com
2011-07-21 14:26:23 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-07-21 14:26:19 -------- d-----w- C:\ProgramData\!SASCORE
2011-07-21 14:26:16 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-07-20 21:47:43 -------- d-----w- C:\Users\Joe\AppData\Roaming\Malwarebytes
2011-07-20 21:47:36 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-20 21:47:35 -------- d-----w- C:\ProgramData\Malwarebytes
2011-07-20 21:47:32 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-07-20 21:47:32 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-07-19 14:31:25 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware
2011-07-19 14:21:42 -------- d-----w- C:\Emsisoft
2011-07-18 18:37:42 -------- d-----w- C:\Users\Joe\AppData\Local\{721CF0F8-0B55-4846-B815-A159664E2F00}
2011-07-16 00:35:05 -------- d-----w- C:\Users\Joe\AppData\Local\{DDB63D7F-709C-4E38-886E-3675B31C6AC2}
2011-07-13 14:32:18 -------- d-----w- C:\Windows\pss
2011-07-13 14:00:51 -------- d-----w- C:\Users\Joe\AppData\Roaming\Tific
2011-07-13 09:41:05 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-07-12 10:40:33 -------- d-----w- C:\Users\Joe\AppData\Local\CrashDumps
2011-07-10 20:02:53 -------- d-----w- C:\Users\Joe\AppData\Local\{D894A192-1C58-4B38-85B2-A4603BE42116}
2011-07-10 20:02:53 -------- d-----w- C:\Users\Joe\AppData\Local\{B7DE8989-3C0B-400A-935A-04D9B8384160}
2011-07-10 19:00:19 -------- d-----w- C:\Users\Joe\AppData\Local\Hewlett-Packard_Developme
2011-07-10 18:16:06 -------- d-----w- C:\Program Files (x86)\Microsoft ActiveSync
2011-07-10 18:15:16 -------- d-----w- C:\Windows\ShellNew
2011-07-10 13:16:04 22784 ----a-w- C:\Windows\SysWow64\drivers\afc.sys
2011-07-10 13:10:13 602112 ----a-w- C:\Windows\System32\drivers\PA707UCM.SYS
2011-07-10 13:10:13 119296 ----a-w- C:\Windows\SysWow64\SP7311.AX
2011-07-10 13:09:55 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-07-10 13:09:55 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-07-10 13:09:55 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-07-10 13:09:55 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-07-10 13:09:54 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2011-07-10 00:09:33 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-10 00:07:31 -------- d-----w- C:\Program Files (x86)\Yahoo!
2011-07-09 16:44:01 -------- d-----w- C:\$RECYCLE.BIN
2011-07-09 16:38:09 98816 ----a-w- C:\Windows\sed.exe
2011-07-09 16:38:09 518144 ----a-w- C:\Windows\SWREG.exe
2011-07-09 16:38:09 256000 ----a-w- C:\Windows\PEV.exe
2011-07-09 16:38:09 208896 ----a-w- C:\Windows\MBR.exe
2011-07-07 14:07:08 -------- d-----w- C:\Users\Joe\S4 Driver chip files and manuals 1st backup
2011-07-04 13:09:03 -------- d-----w- C:\Program Files (x86)\VGA USB Camera
2011-07-04 12:35:16 -------- d-----w- C:\Windows\Pixart
2011-07-04 12:20:46 220160 ----a-w- C:\Windows\PRINTERS.EXE
2011-07-04 12:20:46 -------- d-----w- C:\Program Files (x86)\D-Link
2011-07-02 21:54:08 -------- d-----w- C:\Users\Joe\68hc11trainer
2011-07-02 21:51:52 -------- d-----w- C:\Ep2IDE
2011-07-01 17:27:35 -------- d-----w- C:\Users\Joe\S4 Driver chip files and manuals 2nd BACKUP
2011-07-01 17:02:14 1660232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM.dll
2011-07-01 14:42:05 -------- d-----w- C:\Users\Joe\AppData\Local\Mozilla
2011-07-01 14:24:52 -------- d-----w- C:\ProgramData\VirtualizedApplications
2011-07-01 00:32:10 -------- d-----w- C:\Users\Joe\AppData\Roaming\IDT
2011-06-30 15:27:44 -------- d-----w- C:\Windows\System32\appmgmt
2011-06-30 15:15:48 -------- d-----w- C:\Users\Joe\AppData\Roaming\SoftGrid Client
2011-06-30 15:15:48 -------- d-----w- C:\Users\Joe\AppData\Local\SoftGrid Client
2011-06-30 15:14:49 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
2011-06-30 15:14:32 -------- d-----w- C:\Users\Joe\AppData\Roaming\TP
2011-06-30 14:55:37 -------- d--h--w- C:\Windows\msdownld.tmp
2011-06-30 14:55:19 -------- d-----w- C:\Program Files (x86)\Microsoft Works Suite 2000
2011-06-30 14:15:54 258048 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpfppw73.dll
2011-06-30 13:45:49 -------- d-----w- C:\ProgramData\Synaptics
2011-06-30 13:16:47 212480 ----a-w- C:\Windows\PCDLIB32.DLL
2011-06-30 13:16:47 -------- d-----w- C:\Program Files (x86)\Polaroid
2011-06-30 13:07:19 77312 ----a-w- C:\Windows\SysWow64\TWAIN_32.DLL
2011-06-30 13:07:19 212480 ----a-w- C:\Windows\SysWow64\PCDLIB32.DLL
2011-06-30 13:07:07 306688 ----a-w- C:\Windows\IsUninst.exe
2011-06-30 12:22:48 -------- d---a-w- C:\Users\Joe\S4 Driver chip files and manuals previos BACKUP
2011-06-30 11:48:25 -------- d-----w- C:\Users\Joe\AppData\Roaming\Qualcomm
2011-06-30 11:30:21 -------- d-----w- C:\Users\Joe\AppData\Local\Apps
2011-06-30 11:22:54 -------- d-----w- C:\Program Files (x86)\Qualcomm
2011-06-30 11:05:53 -------- d-----w- C:\Users\Joe\S4WinDriver
2011-06-30 10:41:35 97280 ----a-w- C:\Windows\System32\drivers\ser2pl64.sys
2011-06-30 10:41:34 35892 ----a-w- C:\Windows\SysWow64\SER9PL.sys
2011-06-30 10:41:34 26719 ----a-w- C:\Windows\SysWow64\SERSPL.VXD
2011-06-30 10:28:17 -------- d-----w- C:\Users\Joe\AppData\Local\Adobe
2011-06-30 10:23:20 -------- d-----w- C:\Users\Joe\AppData\Local\Downloaded Installations
2011-06-30 10:21:46 -------- d-----w- C:\Users\Joe\AppData\Local\Kjs.AppLife.Update
2011-06-30 10:20:50 -------- d-----w- C:\ProgramData\Blio
2011-06-30 10:20:40 -------- d-----w- C:\Users\Joe\AppData\Roaming\Blio
2011-06-29 23:21:25 -------- d-----w- C:\Program Files\Windows XP Mode
2011-06-29 23:03:10 -------- d-----w- C:\Users\Joe\AppData\Local\Diagnostics
2011-06-29 22:57:48 -------- d-----r- C:\Users\Joe\Virtual Machines
2011-06-29 22:51:44 3584 ----a-w- C:\Windows\System32\drivers\nb-NO\vpchbus.sys.mui
2011-06-29 22:01:49 912504 ----a-w- C:\Windows\System32\drivers\NISx64\1206000.01D\symefa64.sys
2011-06-29 22:01:49 744568 ----a-w- C:\Windows\System32\drivers\NISx64\1206000.01D\srtsp64.sys
2011-06-29 22:01:49 450680 ----a-w- C:\Windows\System32\drivers\NISx64\1206000.01D\symds64.sys
2011-06-29 22:01:49 40568 ----a-w- C:\Windows\System32\drivers\NISx64\1206000.01D\srtspx64.sys
2011-06-29 22:01:49 382584 ----a-w- C:\Windows\System32\drivers\NISx64\1206000.01D\symnets.sys
2011-06-29 22:01:49 171128 ----a-w- C:\Windows\System32\drivers\NISx64\1206000.01D\ironx64.sys
2011-06-29 22:01:41 -------- d-----w- C:\Windows\System32\drivers\NISx64\1206000.01D
2011-06-29 21:44:13 -------- d-----w- C:\Users\Joe\AppData\Local\{31392EF6-D3C2-48EE-9B64-6C581A701EE1}
2011-06-29 21:43:58 -------- d-----w- C:\Users\Joe\AppData\Roaming\Windows Live Writer
2011-06-29 21:43:58 -------- d-----w- C:\Users\Joe\AppData\Local\Windows Live Writer
2011-06-29 21:25:56 -------- d-----w- C:\Windows\SysWow64\Wat
2011-06-29 21:25:56 -------- d-----w- C:\Windows\System32\Wat
2011-06-29 21:21:10 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-06-29 21:21:10 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-06-29 21:21:10 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-06-29 21:21:10 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2011-06-29 21:21:10 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-06-29 21:20:48 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-06-29 21:20:48 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-06-29 21:20:48 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-06-29 21:20:41 499200 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-06-29 21:20:41 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-06-29 21:20:34 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-06-29 21:20:33 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-06-29 21:20:14 289280 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-06-29 21:20:13 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-06-29 21:20:13 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-06-29 21:20:06 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-06-29 21:20:06 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-06-29 21:18:54 642944 ----a-w- C:\Windows\System32\winload.efi
2011-06-29 20:14:21 -------- d-----w- C:\Users\Joe\AppData\Local\CyberLink
2011-06-29 20:07:41 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2011-06-29 20:07:23 -------- d-----w- C:\Users\Joe\AppData\Local\ATI
2011-06-29 20:06:23 -------- d-----w- C:\Users\Joe\AppData\Roaming\Intel Corporation
2011-06-29 20:06:19 -------- d-----w- C:\Users\Joe\AppData\Roaming\Synaptics
2011-06-29 20:05:22 -------- d-----w- C:\Users\Joe\AppData\Roaming\hpqlog
2011-06-29 20:05:17 -------- d-----w- C:\Users\Joe\AppData\Local\RemEngine
2011-06-29 19:42:16 -------- d-----w- C:\Users\Joe\AppData\Local\Hewlett-Packard
2011-06-29 19:42:04 -------- d-----w- C:\Users\Joe\AppData\Local\Hewlett-Packard_Company
2011-06-29 19:41:17 -------- d-----w- C:\Users\Joe\AppData\Local\VirtualStore
.
==================== Find3M ====================
.
2011-06-29 22:01:51 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2011-06-11 03:07:25 3137536 ----a-w- C:\Windows\System32\win32k.sys
2011-06-03 06:57:45 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-06-03 06:57:45 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-06-03 06:57:45 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-06-03 06:57:44 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-06-03 06:57:38 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-06-03 06:56:38 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-06-03 06:53:33 338944 ----a-w- C:\Windows\System32\conhost.exe
2011-06-03 06:00:53 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-06-03 05:57:52 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-06-03 05:57:33 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-06-03 05:56:12 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-06-03 05:56:11 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-06-03 03:53:31 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-06-03 03:53:31 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-06-03 03:48:32 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-06-03 03:48:31 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-06-03 03:48:31 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-06-03 03:48:31 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-05-26 15:35:44 951680 ----a-w- C:\Windows\System32\drivers\ndis.sys
2011-05-26 15:01:22 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2011-05-26 15:01:22 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2011-05-26 15:01:21 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2011-05-26 14:52:00 0 ----a-w- C:\Windows\ativpsrm.bin
2011-05-13 22:58:22 17720 ----a-w- C:\Windows\System32\HPMDPCoInst12.dll
2011-05-13 22:58:16 30008 ----a-w- C:\Windows\System32\drivers\hpdskflt.sys
2011-05-13 22:58:10 30520 ----a-w- C:\Windows\System32\hpservice.exe
2011-05-13 22:58:04 20792 ----a-w- C:\Windows\System32\accelerometerdll.DLL
2011-05-13 22:57:58 43320 ----a-w- C:\Windows\System32\drivers\Accelerometer.sys
2011-05-04 08:52:22 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-05-04 05:25:03 2315776 ----a-w- C:\Windows\System32\tquery.dll
2011-05-04 05:22:25 778752 ----a-w- C:\Windows\System32\mssvp.dll
2011-05-04 05:22:25 2223616 ----a-w- C:\Windows\System32\mssrch.dll
2011-05-04 05:22:24 75264 ----a-w- C:\Windows\System32\msscntrs.dll
2011-05-04 05:22:24 491520 ----a-w- C:\Windows\System32\mssph.dll
2011-05-04 05:22:24 288256 ----a-w- C:\Windows\System32\mssphtb.dll
2011-05-04 05:19:28 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe
2011-05-04 05:19:28 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe
2011-05-04 05:19:28 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe
2011-05-04 04:34:43 1549312 ----a-w- C:\Windows\SysWow64\tquery.dll
2011-05-04 04:32:02 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll
2011-05-04 04:32:01 337408 ----a-w- C:\Windows\SysWow64\mssph.dll
2011-05-04 04:32:01 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll
2011-05-04 04:32:01 1401344 ----a-w- C:\Windows\SysWow64\mssrch.dll
2011-05-04 04:32:00 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll
2011-05-04 04:28:31 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe
2011-05-04 04:28:31 427520 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe
2011-05-04 04:28:31 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe
.
============= FINISH: 12:55:52.98 ===============

Edited by woodsman345, 24 July 2011 - 05:44 PM.


BC AdBot (Login to Remove)

 


#2 woodsman345

woodsman345
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:06:53 PM

Posted 27 July 2011 - 12:24 AM

I had to re-install xp mode for a lockup situation which renders the above info useless from what I understand. I am unable to edit it so if possible the moderator can delete these posts, I have had no re-occurance of the strange ad scenario and will call it good for a while and keep an eye on things.
Thanks

#3 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:53 AM

Posted 27 July 2011 - 08:34 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users