Avast antivirus software problem

Welcome Guest ( Log In | Join )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Spyware, virus, trojan, fake security or privacy alerts? Read the malware cleaning guide. Want to reply to a topic, start a new one, or remove the advertising? Join today (always free).

> Geeks to Go! » Security » Malware Removal - HijackThis� Logs Go Here

2 Pages

1 2 >

Avast antivirus software problem, computer hangs

Options

yserenity View Member Profile	Oct 9 2008, 05:46 AM Post #1
Member Posts: 10 OS: vista home basic	I have avast anti virus 4.8 installed in my computer, and a while ago when i tried to scan a flashdisk before opening it, the computer stopped working (screen doesn't move) I restarted my computer, then tried scanning the flash disk again, and the same thing happened. Why? is this due to a virus or just the software? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:03:11 PM, on 10/9/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Windows\System32\S3Funkey.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\InterVideo\DVD Check\DVDCheck.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\windows\system32\taskeng.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Yvonne\Documents\geeks to go\HiJackThis.exe C:\Windows\System32\notepad.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...all&pf=cmnb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...all&pf=cmnb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (file missing) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (file missing) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe -chkautorun O4 - HKLM\..\Run: [S3Funkey] S3Funkey.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O13 - Gopher Prefix: O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (file missing) O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\windows\system32\AEADISRV.EXE (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exe -- End of file - 8439 bytes This post has been edited by yserenity: Oct 9 2008, 06:06 AM

Gravity Gripp View Member Profile	Oct 14 2008, 01:52 PM Post #2
Trusted Helper Posts: 1,512 From: /dev/null OS: Windows XP, OSX 10.5, Ubuntu 8.10	yserenity, Welcome to Geeks-To-Go. My name is GravityGripp and I'll be assisting you with your issues. Please note that I am still in training and will be working with an expert on these issues so there may be a slight delay in my responses. If I have not responded to you in a time period longer than 4 days, please feel free to PM me. As for now, I will be reviewing your log and will get back to you shortly. Thanks and I look forward to working with you.

Gravity Gripp View Member Profile	Oct 15 2008, 11:05 AM Post #3
Trusted Helper Posts: 1,512 From: /dev/null OS: Windows XP, OSX 10.5, Ubuntu 8.10	There's no good way to tell just yet if it's virus or software related. I should know something after I get these logs STEP ONE Please download Malwarebytes' Anti-Malware from Here or Here Double Click mbam-setup.exe to install the application. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy&Paste the entire report in your next reply. Extra Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly. STEP TWO First, download OTListIt to your desktop. Once it has finished downloading, please double click on the icon. When the window appears, click the Run Scan button. Do not change any settings unless otherwise told to do so. When the scan completes, it will open two notepad windows. OTListt.Txt and Extras.Txt Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may close these windows when you have posted the contents of the files.

yserenity View Member Profile	Oct 16 2008, 07:09 PM Post #4
Member Posts: 10 OS: vista home basic	Hi! Finally someone's here to help me. Thank you for taking your time to help me. Malware Bytes didn't find any malicious item and didn't create any log... By the way, avast detected malware bytes as malicious item.. This is the OTListIt Log: OTListIt logfile created on: 10/17/2008 8:59:58 AM - Run OTListIt by OldTimer - Version 1.0.8.0 Folder = C:\Users\Yvonne\geeks to go Windows Vista Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: M/d/yyyy 1.75 Gb Total Physical Memory \| 0.89 Gb Available Physical Memory \| 50.95% Memory free 3.73 Gb Paging File \| 2.83 Gb Available in Paging File \| 75.81% Paging File free Paging file location(s): ?:\pagefile.sys; %SystemDrive% = C: \| %SystemRoot% = C:\windows \| %ProgramFiles% = C:\Program Files Drive C: \| 140.05 Gb Total Space \| 102.74 Gb Free Space \| 73.36% Space Free \| Partition Type: NTFS Drive D: \| 9.00 Gb Total Space \| 2.22 Gb Free Space \| 24.70% Space Free \| Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HP-PC Current User Name: Yvonne Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Whitelist: On File Age = 30 Days ========== Processes ========== [2008/01/21 10:33:13 \| 00,096,768 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe [2008/01/21 10:33:15 \| 00,229,888 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe [2008/01/21 10:34:50 \| 02,623,488 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe [2008/08/07 14:37:24 \| 00,024,880 \| ---- \| M] (Hewlett-Packard Corporation) -- C:\Windows\System32\hpservice.exe [2008/07/19 22:25:06 \| 00,016,056 \| ---- \| M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008/01/21 10:32:56 \| 00,074,240 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe [2008/07/19 22:38:28 \| 00,147,640 \| ---- \| M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008/01/21 10:34:32 \| 00,169,472 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe [2003/03/19 02:55:56 \| 00,335,872 \| ---- \| M] (Microsoft Corporation) -- c:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe [2008/09/20 22:30:28 \| 00,047,104 \| ---- \| M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe [2008/05/27 13:18:43 \| 00,439,808 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe [2008/07/19 22:38:04 \| 00,250,040 \| ---- \| M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008/07/23 22:25:45 \| 00,348,344 \| ---- \| M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008/01/21 10:34:32 \| 00,169,472 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe [2008/01/21 10:34:32 \| 00,081,920 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe [2008/03/06 01:12:24 \| 00,102,400 \| ---- \| M] (S3 Graphics Co., Ltd.) -- C:\Windows\System32\S3Funkey.exe [2007/12/19 17:19:48 \| 01,314,816 \| ---- \| M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008/03/28 02:05:00 \| 01,045,800 \| ---- \| M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008/05/15 02:26:06 \| 00,177,456 \| ---- \| M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [2007/05/09 07:24:20 \| 00,054,840 \| ---- \| M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [2006/10/27 00:47:42 \| 00,031,016 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008/07/19 22:38:34 \| 00,078,008 \| ---- \| M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2008/01/21 10:32:56 \| 01,233,920 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe [2008/01/17 08:56:50 \| 00,727,592 \| ---- \| M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2008/05/24 08:23:22 \| 00,197,904 \| ---- \| M] (InterVideo Inc.) -- C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008/01/17 08:56:50 \| 01,624,616 \| ---- \| M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe [2008/04/01 05:41:22 \| 00,091,440 \| ---- \| M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe [2008/01/21 10:32:56 \| 01,233,920 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe [2008/04/16 23:18:34 \| 00,165,192 \| ---- \| M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2008/01/21 10:34:15 \| 00,245,248 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe [2008/04/04 02:33:26 \| 00,193,840 \| ---- \| M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008/01/21 10:35:20 \| 00,202,240 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe [2008/01/21 10:35:20 \| 00,896,512 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe [2008/04/16 04:40:10 \| 00,094,208 \| ---- \| M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe [2008/03/28 02:06:00 \| 00,095,528 \| ---- \| M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [2008/09/21 12:41:44 \| 00,267,056 \| ---- \| M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe [2008/05/27 13:18:16 \| 00,184,832 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe [2008/05/28 12:58:12 \| 00,079,088 \| ---- \| M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe [2008/07/03 09:52:30 \| 00,307,712 \| ---- \| M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe [2008/05/27 13:17:55 \| 00,087,552 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe [2008/10/17 08:56:27 \| 00,417,280 \| ---- \| M] (OldTimer Tools) -- C:\Users\Yvonne\geeks to go\OTListIt.exe ========== (O23) Win32 Services ========== File not found -- %SystemRoot%\system32\AEADISRV.EXE -- (AEADIFilters [Auto \| Stopped]) [2008/07/28 02:03:11 \| 00,034,312 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand \| Stopped]) [2008/07/19 22:25:06 \| 00,016,056 \| ---- \| M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto \| Running]) [2008/07/19 22:38:28 \| 00,147,640 \| ---- \| M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto \| Running]) [2008/07/19 22:38:04 \| 00,250,040 \| ---- \| M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand \| Running]) [2008/07/23 22:25:45 \| 00,348,344 \| ---- \| M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand \| Running]) File not found -- %SystemRoot%\system32\svchost.exe -- (CertPropSvc [Unknown \| Stopped]) [2008/07/28 02:03:13 \| 00,069,632 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand \| Stopped]) [2008/04/04 02:33:26 \| 00,193,840 \| ---- \| M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -- (Com4QLBEx [On_Demand \| Running]) File not found -- %SystemRoot%\system32\svchost.exe -- (DcomLaunch [Unknown \| Running]) [2008/01/21 10:33:11 \| 02,091,520 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand \| Stopped]) [2008/01/21 10:34:19 \| 00,134,656 \| ---- \| M] (Microsoft Corporation) -- C:\windows\System32\dps.dll -- (DPS [Unknown \| Running]) [2008/06/20 09:14:44 \| 00,046,104 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand \| Stopped]) [2008/08/29 10:01:22 \| 00,033,752 \| ---- \| M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus� Helper [On_Demand \| Stopped]) [2008/01/21 10:34:44 \| 00,574,464 \| ---- \| M] (Microsoft Corporation) -- C:\windows\System32\gpsvc.dll -- (gpsvc [Unknown \| Running]) [2008/04/16 04:40:10 \| 00,094,208 \| ---- \| M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe -- (HP Health Check Service [Auto \| Running]) [2008/04/16 23:18:34 \| 00,165,192 \| ---- \| M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe -- (hpqwmiex [On_Demand \| Running]) [2008/08/07 14:37:24 \| 00,024,880 \| ---- \| M] (Hewlett-Packard Corporation) -- C:\Windows\System32\hpservice.exe -- (hpsrv [Auto \| Running]) [2004/10/22 18:24:18 \| 00,073,728 \| ---- \| M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand \| Stopped]) File not found -- %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown \| Stopped]) [2003/03/19 02:55:56 \| 00,335,872 \| ---- \| M] (Microsoft Corporation) -- c:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe -- (MDM [Auto \| Running]) [2006/10/27 00:47:54 \| 00,065,824 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand \| Stopped]) [2008/10/16 22:38:39 00,000,000 \| ---D \| M] -- C:\windows\System32\Msdtc -- (MSDTC [Unknown \| Stopped]) [2008/06/20 09:14:31 \| 00,132,096 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled \| Stopped]) [2006/10/27 10:49:34 \| 00,441,136 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand \| Stopped]) [2006/10/27 04:03:08 \| 00,145,184 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose [On_Demand \| Stopped]) [2008/09/20 22:30:28 \| 00,047,104 \| ---- \| M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe -- (rpcnet [Auto \| Running]) [2008/01/21 10:33:42 \| 00,547,328 \| ---- \| M] (Microsoft Corporation) -- C:\windows\System32\rpcss.dll -- (RpcSs [Unknown \| Running]) [2008/01/21 10:34:01 \| 00,095,232 \| ---- \| M] (Microsoft Corporation) -- C:\windows\System32\SCardSvr.dll -- (SCardSvr [Unknown \| Stopped]) File not found -- %systemroot%\system32\svchost.exe -- (Schedule [Unknown \| Running]) File not found -- %SystemRoot%\system32\svchost.exe -- (SCPolicySvc [Unknown \| Stopped]) [2008/01/21 10:34:50 \| 02,623,488 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto \| Running]) [2006/11/02 17:45:46 \| 00,012,800 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand \| Stopped]) File not found -- %SystemRoot%\servicing\TrustedInstaller.exe -- (TrustedInstaller [Unknown \| Stopped]) [2008/01/21 10:33:45 \| 00,035,840 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand \| Stopped]) [2007/01/20 03:54:14 \| 00,097,136 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand \| Stopped]) [2008/01/21 10:34:50 \| 00,382,976 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand \| Stopped]) File not found -- %SystemRoot%\System32\svchost.exe -- (WdiServiceHost [Unknown \| Stopped]) File not found -- %SystemRoot%\System32\svchost.exe -- (WdiSystemHost [Unknown \| Running]) [2008/01/21 10:35:20 \| 00,896,512 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand \| Running]) [2008/05/27 13:18:43 \| 00,439,808 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto \| Running]) ========== Driver Services ========== [2008/08/07 14:31:52 \| 00,034,608 \| ---- \| M] (Hewlett-Packard Corporation) -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer [On_Demand \| Running]) [2008/02/07 23:03:54 \| 00,378,368 \| ---- \| M] (Analog Devices, Inc.) -- C:\Windows\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService [On_Demand \| Running]) [2008/01/21 10:32:46 \| 00,422,968 \| ---- \| M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Boot \| Running]) [2008/01/21 10:32:51 \| 00,300,600 \| ---- \| M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Boot \| Running]) [2008/01/21 10:32:52 \| 00,101,432 \| ---- \| M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Boot \| Running]) [2008/01/21 10:32:53 \| 00,149,560 \| ---- \| M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Boot \| Running]) [2006/11/02 17:50:11 \| 00,071,272 \| ---- \| M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Boot \| Running]) [2008/01/21 10:32:21 \| 00,017,464 \| ---- \| M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Boot \| Running]) [2008/01/21 10:32:22 \| 00,057,400 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand \| Stopped]) [2008/01/21 10:32:21 \| 00,017,976 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Boot \| Running]) [2008/01/21 10:32:21 \| 00,041,472 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [On_Demand \| Stopped]) [2008/01/21 10:32:21 \| 00,044,032 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [On_Demand \| Stopped]) [2008/01/21 10:32:49 \| 00,079,416 \| ---- \| M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Boot \| Running]) [2008/01/21 10:32:50 \| 00,079,928 \| ---- \| M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Boot \| Running]) [2008/07/19 22:37:42 \| 00,020,560 \| ---- \| M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk [Auto \| Running]) [2008/07/19 22:36:03 \| 00,051,280 \| ---- \| M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt [Auto \| Running]) [2008/07/19 22:33:42 \| 00,023,152 \| ---- \| M] (ALWIL Software) -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr [System \| Running]) [2008/07/19 22:35:18 \| 00,078,416 \| ---- \| M] (ALWIL Software) -- C:\windows\System32\drivers\aswSP.sys -- (aswSP [System \| Running]) [2008/07/19 22:32:36 \| 00,042,912 \| ---- \| M] (ALWIL Software) -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi [System \| Running]) [2007/11/30 01:56:40 \| 00,181,760 \| ---- \| M] (Broadcom Corporation) -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x [On_Demand \| Running]) [2008/03/22 02:35:24 \| 01,207,288 \| ---- \| M] (Broadcom Corporation) -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX [On_Demand \| Running]) [2008/01/21 10:32:22 \| 00,045,568 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive [On_Demand \| Stopped]) [2008/01/21 10:33:26 \| 00,069,632 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand \| Running]) [2006/11/02 16:24:45 \| 00,013,568 \| ---- \| M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand \| Stopped]) [2006/11/02 16:24:46 \| 00,005,248 \| ---- \| M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand \| Stopped]) [2006/11/02 16:25:24 \| 00,071,808 \| ---- \| M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [On_Demand \| Stopped]) [2006/11/02 16:24:44 \| 00,062,336 \| ---- \| M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [On_Demand \| Stopped]) [2006/11/02 16:24:44 \| 00,012,160 \| ---- \| M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [On_Demand \| Stopped]) [2006/11/02 16:24:47 \| 00,011,904 \| ---- \| M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand \| Stopped]) [2008/01/21 10:32:51 \| 00,019,456 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthenum.sys -- (BthEnum [On_Demand \| Running]) [2006/11/02 16:55:23 \| 00,039,936 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [On_Demand \| Stopped]) [2008/01/21 10:32:45 \| 00,092,160 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthpan.sys -- (BthPan [On_Demand \| Running]) [2008/04/29 09:42:23 \| 00,220,160 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthport.sys -- (BTHPORT [On_Demand \| Stopped]) [2008/04/29 09:42:21 \| 00,029,184 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\BTHUSB.SYS -- (BTHUSB [On_Demand \| Running]) [2008/02/01 17:41:58 \| 00,080,424 \| ---- \| M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio [On_Demand \| Running]) [2008/02/01 17:41:58 \| 00,080,936 \| ---- \| M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt [On_Demand \| Running]) [2008/02/01 17:41:58 \| 00,016,168 \| ---- \| M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid [On_Demand \| Running]) [2008/01/21 10:32:51 \| 00,035,328 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [On_Demand \| Stopped]) File not found -- -- (CLFS [Unknown \| Running]) [2008/01/21 10:32:21 \| 00,019,000 \| ---- \| M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Boot \| Running]) [2008/01/21 10:32:48 \| 00,024,632 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [Boot \| Running]) [2008/01/21 10:32:21 \| 00,040,960 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [On_Demand \| Stopped]) [2008/01/21 10:34:44 \| 00,075,264 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [System \| Running]) [2008/08/02 09:01:23 \| 00,625,152 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand \| Running]) [2008/01/21 10:32:50 \| 00,118,784 \| ---- \| M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand \| Stopped]) [2008/01/21 10:33:07 \| 00,143,416 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [Boot \| Running]) [2008/01/21 10:32:48 \| 00,342,584 \| ---- \| M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Boot \| Running]) [2008/01/21 10:32:21 \| 00,006,656 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\errdev.sys -- (ErrDev [On_Demand \| Stopped]) [2008/01/21 10:34:54 \| 00,136,192 \| ---- \| M] (Microsoft Corporation) -- C:\windows\System32\drivers\exfat.sys -- (exfat [On_Demand \| Stopped]) [2008/01/21 10:33:40 \| 00,058,936 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [Boot \| Running]) [2008/01/21 10:34:01 \| 00,027,648 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand \| Stopped]) [2008/01/21 10:32:47 \| 00,061,496 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand \| Stopped]) [2008/04/15 05:39:06 \| 00,009,344 \| ---- \| M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey [On_Demand \| Running]) [2006/11/02 15:36:49 \| 00,235,520 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand \| Stopped]) [2008/01/21 10:32:47 \| 00,053,760 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand \| Running]) [2006/11/02 16:55:22 \| 00,029,184 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [On_Demand \| Stopped]) [2006/11/02 16:55:01 \| 00,021,504 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [On_Demand \| Stopped]) [2008/01/21 10:32:52 \| 00,040,504 \| ---- \| M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Boot \| Running]) [2008/08/07 14:42:12 \| 00,025,392 \| ---- \| M] (Hewlett-Packard Corporation) -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt [Boot \| Running]) [2007/06/19 08:12:04 \| 00,016,768 \| ---- \| M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr [On_Demand \| Running]) [2008/01/21 10:32:49 \| 00,235,064 \| ---- \| M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Boot \| Running]) [2006/11/02 17:50:17 \| 00,041,576 \| ---- \| M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Boot \| Running]) File not found -- C:\windows\System32\DRIVERS\ipinip.sys -- (IpInIp [On_Demand \| Stopped]) [2008/01/21 10:32:48 \| 00,064,512 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [On_Demand \| Stopped]) [2008/01/21 10:32:22 \| 00,181,304 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand \| Running]) [2006/11/02 17:50:07 \| 00,035,944 \| ---- \| M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Boot \| Running]) [2006/11/02 17:50:09 \| 00,035,944 \| ---- \| M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Boot \| Running]) [2008/01/21 10:32:49 \| 00,015,872 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [System \| Running]) [2008/01/21 10:34:21 \| 00,047,104 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto \| Running]) [2008/01/21 10:32:49 \| 00,096,312 \| ---- \| M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Boot \| Running]) [2008/01/21 10:32:51 \| 00,089,656 \| ---- \| M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Boot \| Running]) [2008/01/21 10:32:48 \| 00,096,312 \| ---- \| M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Boot \| Running]) [2008/01/21 10:34:22 \| 00,084,480 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto \| Running]) [2008/01/21 10:32:53 \| 00,031,288 \| ---- \| M] (LSI Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Boot \| Running]) [2008/01/21 10:32:52 \| 00,386,616 \| ---- \| M] (LSI Corporation, Inc.) -- C:\Windows\System32\drivers\MegaSR.sys -- (MegaSR [Boot \| Running]) [2008/01/21 10:32:47 \| 00,041,984 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand \| Running]) [2008/01/21 10:32:45 \| 00,105,016 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Boot \| Running]) [2008/01/21 10:34:35 \| 00,064,000 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand \| Running]) [2006/11/02 17:49:59 \| 00,033,384 \| ---- \| M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Boot \| Running]) [2008/05/09 03:21:56 \| 00,211,968 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand \| Running]) [2008/01/21 10:34:15 \| 00,078,848 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand \| Running]) [2008/01/21 10:32:21 \| 00,028,728 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [Boot \| Running]) [2008/01/21 10:32:47 \| 00,094,776 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Boot \| Running]) [2008/01/21 10:32:22 \| 00,016,440 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [Boot \| Running]) [2008/01/21 10:34:07 \| 00,163,384 \| ---- \| M] (Microsoft Corporation) -- C:\windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand \| Stopped]) [2008/05/20 10:07:31 \| 00,148,480 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand \| Running]) [2006/11/02 17:50:19 \| 00,045,160 \| ---- \| M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Boot \| Running]) [2008/01/21 10:34:35 \| 00,016,384 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [System \| Running]) [2006/11/02 15:36:50 \| 00,020,608 \| ---- \| M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [On_Demand \| Stopped]) [2008/01/21 10:32:47 \| 00,102,968 \| ---- \| M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Boot \| Running]) [2008/01/21 10:32:47 \| 00,045,112 \| ---- \| M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Boot \| Running]) [2008/01/21 10:32:22 \| 00,109,112 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand \| Stopped]) File not found -- C:\windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt [On_Demand \| Stopped]) File not found -- C:\windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd [On_Demand \| Stopped]) [2006/11/02 17:04:35 \| 00,878,080 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto \| Running]) [2008/04/05 09:21:42 \| 00,072,192 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [System \| Running]) [2008/01/21 10:32:50 \| 01,122,360 \| ---- \| M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Boot \| Running]) [2006/11/02 17:50:35 \| 00,106,088 \| ---- \| M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Boot \| Running]) [2008/01/21 10:32:58 \| 00,031,232 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand \| Stopped]) [2008/01/21 10:34:56 \| 00,069,120 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp [On_Demand \| Running]) [2008/01/21 10:34:38 \| 00,006,144 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [System \| Running]) [2008/01/21 10:32:24 \| 00,049,664 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rfcomm.sys -- (RFCOMM [On_Demand \| Running]) [2008/01/21 10:34:21 \| 00,060,416 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto \| Running]) [2008/05/20 03:53:42 \| 00,854,528 \| ---- \| M] (S3 Graphics Co., Ltd.) -- C:\Windows\System32\drivers\VTGKModeDX32.sys -- (S3GIGP [On_Demand \| Running]) [2006/11/02 17:50:16 \| 00,076,392 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Boot \| Running]) [2006/11/02 14:37:21 \| 00,020,480 \| ---- \| M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\windows\System32\drivers\secdrv.sys -- (secdrv [Auto \| Running]) [2008/01/21 10:32:45 \| 00,019,968 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [On_Demand \| Stopped]) [2008/01/21 10:32:49 \| 00,013,312 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [On_Demand \| Stopped]) [2008/01/21 10:32:49 \| 00,012,288 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand \| Stopped]) [2008/01/21 10:32:49 \| 00,011,776 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand \| Stopped]) [2008/01/21 10:32:51 \| 00,041,016 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Boot \| Running]) [2008/01/21 10:32:52 \| 00,074,808 \| ---- \| M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Boot \| Running]) [2008/01/21 10:34:49 \| 00,066,560 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [System \| Running]) [2008/04/11 08:27:34 \| 01,804,160 \| ---- \| M] () -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC [On_Demand \| Running]) [2008/01/21 10:33:48 \| 00,021,048 \| ---- \| M] (Microsoft Corporation) -- C:\windows\System32\drivers\spldr.sys -- (spldr [Boot \| Running]) [2008/01/21 10:34:49 \| 00,144,384 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand \| Running]) [2008/01/21 10:33:17 \| 00,098,304 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand \| Running]) [2006/11/02 17:50:05 \| 00,035,944 \| ---- \| M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Boot \| Running]) [2006/11/02 17:49:56 \| 00,031,848 \| ---- \| M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Boot \| Running]) [2006/11/02 17:50:03 \| 00,034,920 \| ---- \| M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Boot \| Running]) [2008/03/28 02:06:00 \| 00,199,472 \| ---- \| M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP [On_Demand \| Running]) [2008/01/21 10:33:13 \| 00,030,208 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto \| Running]) [2008/01/21 10:34:42 \| 00,071,680 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [System \| Running]) [2008/01/21 10:32:52 \| 00,045,624 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tpm.sys -- (TPM [On_Demand \| Stopped]) [2008/01/21 10:34:49 \| 00,023,552 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand \| Stopped]) [2008/01/21 10:34:06 \| 00,015,360 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand \| Running]) [2008/01/21 10:34:06 \| 00,023,040 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand \| Running]) [2008/01/21 10:32:47 \| 00,059,448 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [Boot \| Running]) [2008/01/21 10:32:22 \| 00,060,984 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand \| Stopped]) [2008/01/21 10:32:45 \| 00,238,648 \| ---- \| M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Boot \| Running]) [2006/11/02 17:50:35 \| 00,098,408 \| ---- \| M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Boot \| Running]) [2008/01/21 10:32:49 \| 00,115,816 \| ---- \| M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Boot \| Running]) [2008/01/21 10:32:48 \| 00,034,816 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand \| Running]) [2006/11/02 16:55:09 \| 00,068,608 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [On_Demand \| Stopped]) [2008/01/21 10:32:52 \| 00,134,016 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo [On_Demand \| Stopped]) [2008/01/21 10:32:23 \| 00,026,112 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand \| Stopped]) [2008/01/21 10:32:21 \| 00,041,472 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [On_Demand \| Stopped]) [2008/01/21 10:32:21 \| 00,020,024 \| ---- \| M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Boot \| Running]) [2008/01/21 10:32:22 \| 00,052,792 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [Boot \| Running]) [2008/01/21 10:34:08 \| 00,294,456 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [Boot \| Running]) [2008/01/21 10:32:49 \| 00,130,616 \| ---- \| M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Boot \| Running]) [2006/11/02 16:52:52 \| 00,020,608 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [On_Demand \| Stopped]) [2008/01/21 10:32:50 \| 00,022,072 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Boot \| Running]) [2008/01/21 10:33:23 \| 00,503,864 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [Boot \| Running]) [2008/01/21 10:32:21 \| 00,011,264 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [On_Demand \| Running]) [2008/01/21 10:34:35 \| 00,015,872 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [Disabled \| Stopped]) ========== Internet Explorer ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/ HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...all&pf=cmnb HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: (761 bytes) - C:\windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key does not exist or could not be opened. File not found O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found O3 - HKCU\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" (Microsoft Corporation) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard) O4 - HKLM..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL (Microsoft Corporation) O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start ( Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [S3Funkey] S3Funkey.exe (S3 Graphics Co., Ltd.) O4 - HKLM..\Run: [S3Trayp] S3trayp.exe -chkautorun (S3 Graphics Co., Ltd.) O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray (Analog Devices, Inc.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.) O4 - HKLM..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide (Microsoft Corporation) O4 - HKCU..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.) O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O18 - Protocol\Handler: - grooveLocalGWS - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler: - livecall - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Handler: - msdaipp - No CLSID value found O18 - Protocol\Handler: - msdaipp\0x00000001 - c:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler: - msdaipp\oledb - c:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler: - ms-help - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler: - msnim - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Handler: - tbr - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - See sections below for AppInitDlls and Winlogon settings ========== Shell Execute Hooks ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" (HKLM) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ========== HKLM SecurityProviders ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders] "SecurityProviders" = credssp.dll >[2008/01/21 10:34:21 \| 00,015,872 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll ========== LSA Security Packages ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "Security Packages" = kerberos,msv1_0,schannel,wdigest,tspkg, >[2008/01/21 10:34:21 \| 00,062,464 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll ========== Safeboot Options ========== "AlternateShell" = cmd.exe ========== CDRom AutoRun Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] "AutoRun" = 1 ========== Autorun Files on Drives ========== autorun.inf [] [2008/10/07 21:56:02 00,000,000 \| RHSD \| M] -- C:\autorun.inf -- [ NTFS ] autorun.inf [] [2008/10/07 21:56:02 00,000,000 \| RHSD \| M] -- D:\autorun.inf -- [ NTFS ] ========== MountPoints2 ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8736cff3-894a-11dd-a327-00218662935f}\Shell\AutoRun\command] "" = E:\jopnqbe2.com -- File not found [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8736cff3-894a-11dd-a327-00218662935f}\Shell\explore\Command] "" = E:\jopnqbe2.com -- File not found [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8736cff3-894a-11dd-a327-00218662935f}\Shell\open\Command] "" = E:\jopnqbe2.com -- File not found ========== Files/Folders - Created Within 30 Days ========== [2008/10/17 08:24:04 \| 00,000,000 \| ---D \| C] -- C:\Users\Yvonne\AppData\Roaming\vlc [2008/10/17 08:22:22 \| 00,000,000 \| ---D \| C] -- C:\Program Files\VideoLAN [2008/10/16 19:51:27 \| 02,032,640 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2008/10/16 19:50:41 \| 00,288,768 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\drivers\srv.sys [2008/10/16 19:50:13 \| 03,601,464 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe [2008/10/16 19:50:11 \| 03,549,240 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe [2008/10/16 19:49:31 \| 03,578,880 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\mshtml.dll [2008/10/16 19:49:26 \| 06,068,736 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\ieframe.dll [2008/10/16 19:49:20 \| 01,166,336 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\urlmon.dll [2008/10/16 19:49:17 \| 00,827,392 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\wininet.dll [2008/10/16 19:49:16 \| 00,270,336 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\iertutil.dll [2008/10/16 19:49:07 \| 00,671,232 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll [2008/10/16 19:49:03 \| 00,028,160 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2008/10/16 19:49:01 \| 01,383,424 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2008/10/14 23:07:16 \| 00,000,000 \| ---- \| C] () -- C:\Users\Yvonne\Documents\assignment [2008/10/10 09:19:06 \| 00,000,000 \| ---D \| C] -- C:\Users\Yvonne\Documents\OneNote Notebooks [2008/10/10 09:19:05 \| 00,001,111 \| ---- \| C] () -- C:\Users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2008/10/07 21:56:02 \| 00,000,000 \| RHSD \| C] -- C:\autorun.inf [2008/10/07 16:40:19 \| 00,000,000 \| ---D \| C] -- C:\Users\Yvonne\AppData\Local\Adobe [2008/10/06 22:24:55 \| 00,042,912 \| ---- \| C] (ALWIL Software) -- C:\windows\System32\drivers\aswTdi.sys [2008/10/06 22:24:55 \| 00,023,152 \| ---- \| C] (ALWIL Software) -- C:\windows\System32\drivers\aswRdr.sys [2008/10/06 22:24:55 \| 00,001,849 \| ---- \| C] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk [2008/10/06 22:24:50 \| 00,094,392 \| ---- \| C] (ALWIL Software) -- C:\windows\System32\AvastSS.scr [2008/10/06 22:24:47 \| 00,078,416 \| ---- \| C] (ALWIL Software) -- C:\windows\System32\drivers\aswSP.sys [2008/10/06 22:24:47 \| 00,020,560 \| ---- \| C] (ALWIL Software) -- C:\windows\System32\drivers\aswFsBlk.sys [2008/10/06 22:24:06 \| 01,163,960 \| ---- \| C] (ALWIL Software) -- C:\windows\System32\aswBoot.exe [2008/10/06 22:24:06 \| 01,060,864 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\MFC71.dll [2008/10/06 22:24:06 \| 00,380,928 \| ---- \| C] () -- C:\windows\System32\actskin4.ocx [2008/10/06 22:24:06 \| 00,051,280 \| ---- \| C] (ALWIL Software) -- C:\windows\System32\drivers\aswMonFlt.sys [2008/10/06 22:24:02 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Alwil Software [2008/10/06 21:08:02 \| 00,000,000 \| ---D \| C] -- C:\Users\Yvonne\AppData\Roaming\Malwarebytes [2008/10/06 21:07:55 \| 00,017,200 \| ---- \| C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2008/10/06 21:07:55 \| 00,000,818 \| ---- \| C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2008/10/06 21:07:54 \| 00,038,528 \| ---- \| C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2008/10/06 21:07:52 \| 00,000,000 \| ---D \| C] -- C:\ProgramData\Malwarebytes [2008/10/06 21:07:52 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Malwarebytes' Anti-Malware [2008/10/06 21:06:53 \| 00,000,000 \| ---D \| C] -- C:\Users\Yvonne\AppData\Roaming\Download Manager [2008/10/06 20:49:14 \| 00,000,000 \| ---D \| C] -- C:\windows\ERDNT [2008/10/06 20:47:40 \| 00,000,000 \| ---D \| C] -- C:\Program Files\ERUNT [2008/10/06 20:36:38 \| 00,000,000 \| ---D \| C] -- C:\Users\Yvonne\Documents\from bryan [2008/10/06 19:48:06 \| 00,380,928 \| ---- \| C] () -- C:\windows\vortsgbqoel.dll [2008/10/06 19:48:06 \| 00,086,016 \| ---- \| C] () -- C:\windows\qkeftmxn.exe [2008/10/06 06:49:48 \| 00,000,476 \| ---- \| C] () -- C:\Users\Yvonne\Desktop\Senior Year - Shortcut.lnk [2008/10/03 21:15:22 \| 00,000,925 \| ---- \| C] () -- C:\Users\Yvonne\Desktop\Miriel The Magical Merchant.lnk [2008/10/03 21:14:54 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Miriel The Magical Merchant [2008/10/01 07:46:58 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Dopewars [2008/09/29 07:24:19 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Build in Time [2008/09/28 22:53:28 \| 00,000,000 \| -H-- \| C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2008/09/28 18:14:24 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Microsoft SQL Server [2008/09/28 18:14:12 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Microsoft Silverlight [2008/09/28 18:13:43 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Microsoft Synchronization Services [2008/09/28 18:13:42 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2008/09/28 18:11:31 \| 00,000,000 \| ---D \| C] -- C:\Users\Yvonne\Documents\Visual Studio 2008 [2008/09/28 18:01:19 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Microsoft Visual Studio 9.0 [2008/09/28 17:58:07 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Microsoft SDKs [2008/09/28 17:44:09 \| 00,097,800 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\infocardapi.dll [2008/09/28 17:44:08 \| 00,105,016 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\PresentationCFFRasterizerNative_v0300.dll [2008/09/28 17:44:06 \| 00,622,080 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\icardagt.exe [2008/09/28 17:44:06 \| 00,043,544 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\PresentationHostProxy.dll [2008/09/28 17:44:06 \| 00,037,384 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\infocardcpl.cpl [2008/09/28 17:44:06 \| 00,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\icardres.dll [2008/09/28 17:44:00 \| 00,781,344 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\PresentationNative_v0300.dll [2008/09/28 17:43:51 \| 00,326,160 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\PresentationHost.exe [2008/09/28 17:24:55 \| 00,096,760 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\dfshim.dll [2008/09/28 17:24:50 \| 00,282,112 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\mscoree.dll [2008/09/28 17:24:48 \| 00,041,984 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\netfxperf.dll [2008/09/28 17:24:25 \| 00,158,720 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\mscorier.dll [2008/09/28 17:24:07 \| 00,083,968 \| ---- \| C] (Microsoft Corporation) -- C:\windows\System32\mscories.dll [2008/09/26 20:59:22 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Diner Dash Hometown Hero [2008/09/26 19:30:26 \| 00,000,094 \| ---- \| C] () -- C:\Users\Yvonne\AppData\Local\fusioncache.dat [2008/09/26 19:30:26 \| 00,000,000 \| ---D \| C] -- C:\Users\Yvonne\AppData\Local\ApplicationHistory [2008/09/26 18:59:38 \| 00,000,000 \| ---D \| C] -- C:\Program Files\ReflexiveArcade [2008/09/25 21:49:30 \| 00,000,000 \| ---D \| C] -- C:\Users\Yvonne\AppData\Roaming\PlayFirst [2008/09/25 21:49:30 \| 00,000,000 \| ---D \| C] -- C:\ProgramData\PlayFirst [2008/09/25 21:42:27 \| 00,000,000 \| ---D \| C] -- C:&

Gravity Gripp View Member Profile	Oct 17 2008, 07:42 AM Post #5
Trusted Helper Posts: 1,512 From: /dev/null OS: Windows XP, OSX 10.5, Ubuntu 8.10	It looks like some of your log was chopped off, can you please repost everything after this line: "========== Files/Folders - Created Within 30 Days =========="