dds scan

morgan46 · January 22, 2011

hello new to this but i have been having same problems for over 3 years was into online gaming for many years last 8 years playing all call of duty games in twl on the number 1 squad in twl for years the last 3 years it seems like some 1 else has control over my pc have moved 4 times in 8 years every location is new ip but yet my settings will change in all the important files that you need like the exe. files it is driving me nuts and last night i went back to advanced system care. and also got the 360 took norton off pc and put avg did a scan with hijack this and all my exe. files was in chinese pls help me catch this hacker r who ever what ever has control over my pc .if possible would love to know where i am getting hacked from.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 11/3/2010 10:03:25 PM

System Uptime: 1/21/2011 9:16:14 PM (0 hours ago)

Motherboard: EVGA | | 141-BL-E757

Processor: Intel® Core i7 CPU 950 @ 3.07GHz | Socket 423 | 3648/159mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 931 GiB total, 882.941 GiB free.

D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP144: 1/21/2011 12:48:18 AM - Windows Update

RP145: 1/21/2011 3:01:49 PM - Installed AVG 2011

RP146: 1/21/2011 3:02:09 PM - Installed AVG 2011

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Advanced SystemCare 3

AVG PC Tuneup 2011

Bigfoot Networks Killer Network Manager

Call of Duty Black Ops - Remote Console

Call of Duty: Black Ops

Call of Duty: Black Ops - Multiplayer

CameraHelperMsi

D-Link DWA-130 Wireless N USB Adapter

D3DX10

erLT

EVGA Precision 2.0.1

Game Booster

Google Chrome

Google Talk Plugin

Hunting Unlimited 4 1.0

IObit Security 360

Logitech Vid HD

Logitech Webcam Software

LWS Facebook

LWS Gallery

LWS Help_main

LWS Launcher

LWS Motion Detection

LWS Pictures And Video

LWS Twitter

LWS Video Mask Maker

LWS Webcam Software

LWS WLM Plugin

LWS YouTube Plugin

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Mozilla Firefox (3.6.13)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Norton Bootable Recovery Tool Wizard

Norton DNS

Norton PC Checkup

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

Realtek High Definition Audio Driver

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Smart Defrag 2

Steam

STORM

Symantec Technical Support Web Controls

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

Visual Studio 2008 x64 Redistributables

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Yahoo! Messenger

Yahoo! Software Update

==== Event Viewer Messages From Past Week ========

1/21/2011 9:16:34 PM, Error: SNMP [1500] - The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

1/21/2011 9:16:28 PM, Error: volmgr [46] - Crash dump initialization failed!

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 7 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 6 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 5 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 4 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 3 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 2 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:02:58 PM, Error: Service Control Manager [7031] - The Common Client Job Manager Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

1/21/2011 2:40:43 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MpsSvc service.

1/21/2011 2:39:43 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

1/21/2011 2:39:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wcncsvc service.

1/21/2011 2:39:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

1/21/2011 2:39:13 AM, Error: Service Control Manager [7000] - The Windows Connect Now - Config Registrar service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

1/21/2011 2:38:43 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.

1/21/2011 2:37:43 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

1/21/2011 2:37:43 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

1/21/2011 2:37:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

1/21/2011 2:37:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

1/21/2011 2:18:04 PM, Error: Service Control Manager [7000] - The Symantec Eraser Control driver service failed to start due to the following error: The system cannot find the file specified.

1/19/2011 9:57:27 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/19/2011 2:10:32 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/19/2011 11:49:23 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/19/2011 10:53:36 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.4260.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80240022 Error description: The program can't check for definition updates.

1/18/2011 9:45:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

1/18/2011 9:45:40 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

1/16/2011 8:28:20 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/15/2011 9:15:19 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.3968.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

1/15/2011 2:34:00 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{566d20b1-e352-11df-9265-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{957BC05F-E959-43A1-A61C-20C31C52D40B}' was corrupted and it has been recovered. Some data might have been lost.

1/15/2011 12:57:20 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/14/2011 7:10:17 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/14/2011 11:59:28 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

==== End Of File ===========================

ddsscan.txt

morgan46 · January 22, 2011

ddsfile

DDS (Ver_10-12-12.02) - NTFS_AMD64

Run by Jerri at 21:25:53.33 on Fri 01/21/2011

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.12279.10053 [GMT -8:00]

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: IObit Security 360 *Disabled/Updated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe

C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Windows\System32\snmp.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\D-Link\DWA-130 revE\WlanWpsSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Program Files (x86)\AVG\AVG10\avgnsa.exe

C:\Program Files (x86)\AVG\AVG10\avgemca.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\AVG\AVG10\avgrsa.exe

C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe

C:\Program Files (x86)\AVG\AVG10\avgchsva.exe

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Norton DNS\NortonDNSTray.exe

C:\Program Files (x86)\D-Link\DWA-130 revE\wirelesscm.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe

C:\Program Files (x86)\AVG\AVG10\avgtray.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360.exe

C:\Windows\system32\wbem\wmiprvse.exe

c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Jerri\Desktop\dds.scr

C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.msn.com

mStart Page = hxxp://www.msn.com

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

mWinlogon: Userinit=userinit.exe

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

mRun: [iObit Security 360] "C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe" /autostart

mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

StartupFolder: C:\Users\Jerri\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Logitech\G35\eReg.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NORTON~1.LNK - C:\Program Files (x86)\Norton DNS\NortonDNSTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WIRELE~1.LNK - C:\Program Files (x86)\D-Link\DWA-130 revE\wirelesscm.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

LSP: %SYSTEMROOT%\system32\BfLLR.dll

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: {AD5BB780-21CD-4D03-8159-593F1F1119BB} = 198.153.192.1,198.153.194.1

TCP: 46C696E6B6 = 198.153.192.1,198.153.194.1

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

================= FIREFOX ===================

FF - ProfilePath - C:\Users\Jerri\AppData\Roaming\Mozilla\Firefox\Profiles\uoyxdpvy.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4d3a10d0&v=6.011.025.001&i=23&tp=ab&iy=b&ychte=us&lng=en-US&q=

FF - prefs.js: network.proxy.type - 4

FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Jerri\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Users\Jerri\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Jerri\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - C:\Program Files (x86)\AVG\AVG10\Firefox

FF - Ext: AVG Security Toolbar em:version=6.011.025.001 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared

---- FIREFOX POLICIES ----

FF - user.js: browser.cache.memory.capacity - 65536

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.interrupt.parsing - true

FF - user.js: content.max.tokenizing.time - 2250000

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 750000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 750000

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 0

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]

R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2011-1-20 17720]

R0 SMR161;Symantec SMR Utility Service 1.6.1;C:\Windows\System32\drivers\SMR161.SYS [2011-1-15 90232]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-12-8 308304]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-12 382032]

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-10-24 188928]

R1 VWiFiFlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-23 6128208]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]

R2 IS360service;IS360service;C:\Program Files (x86)\IObit\IObit Security 360\is360srv.exe [2011-1-19 312152]

R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2010-5-7 197976]

R2 Norton DNS;Norton DNS;C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe [2010-10-13 97664]

R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe [2010-12-29 120248]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe [2010-12-29 126392]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-8 369256]

R2 WlanWpsSvc;WlanWpsSvc;C:\Program Files (x86)\D-Link\DWA-130 revE\WlanWpsSvc.exe [2010-12-15 167936]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 157264]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]

R3 BfEdge7x64;Bigfoot Networks Killer Ethernet Service;C:\Windows\System32\drivers\Edge7x64.sys [2010-9-2 30824]

R3 BFN7x64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\Xeno7x64.sys [2010-9-2 155240]

R3 LADF_DHP2;G35 DHP2 Filter Driver;C:\Windows\System32\drivers\ladfDHP2amd64.sys [2010-9-29 62168]

R3 LADF_SBVM;G35 SBVM Filter Driver;C:\Windows\System32\drivers\ladfSBVMamd64.sys [2010-9-29 377176]

R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]

R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2010-11-10 341856]

R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-2-3 58528]

R3 LVUVC64;Logitech Webcam 200(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2010-11-10 4162784]

R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-10-24 40832]

R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2010-11-3 155752]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680]

R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2010-11-25 694888]

R3 SaiK0728;SaiK0728;C:\Windows\System32\drivers\SaiK0728.sys [2008-1-21 129024]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-1-21 517448]

S3 CamDrL64;Logitech QuickCam Pro 3000(PID_08B0);C:\Windows\System32\drivers\CamDrL64.sys [2007-2-3 955680]

S3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista;C:\Windows\System32\drivers\netr28ux.sys [2008-10-29 811008]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-11 1255736]

S4 Bigfoot Networks Killer Service;Bigfoot Networks Killer Service;C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [2010-9-2 569344]

=============== Created Last 30 ================

2011-01-22 02:07:21 -------- d-----w- C:\Users\Jerri\AppData\Local\AVG Security Toolbar

2011-01-21 23:03:44 -------- d-----w- C:\PROGRA~3\AVG Security Toolbar

2011-01-21 23:03:34 -------- d-----w- C:\Windows\SysWow64\drivers\AVG

2011-01-21 23:03:09 -------- d-----w- C:\Windows\System32\drivers\AVG

2011-01-21 08:48:29 7844688 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{858053CE-423A-4D2B-AED4-54DF478976D9}\mpengine.dll

2011-01-21 04:12:28 31112 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe

2011-01-21 04:12:28 17720 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys

2011-01-20 03:46:18 -------- d-----w- C:\PROGRA~3\IObit

2011-01-20 03:18:21 -------- d-----w- C:\Users\Jerri\AppData\Roaming\IObit

2011-01-20 03:18:20 -------- d-----w- C:\Program Files (x86)\IObit

2011-01-16 22:30:20 -------- d-----w- C:\N360_BACKUP

2011-01-15 17:47:17 107368 ----a-r- C:\Windows\SysWow64\GEARAspi.dll

2011-01-15 17:47:16 34152 ----a-r- C:\Windows\System32\drivers\GEARAspiWDM.sys

2011-01-15 17:47:16 126312 ----a-r- C:\Windows\System32\GEARAspi64.dll

2011-01-15 17:23:17 90232 ----a-w- C:\Windows\System32\drivers\SMR161.SYS

2011-01-12 19:44:04 -------- d-----w- C:\Program Files (x86)\iCall

2011-01-12 11:16:59 258048 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2011-01-09 23:00:26 553696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

2011-01-08 13:34:15 -------- d-----w- C:\Program Files (x86)\Gamers Unite! Snag Bar

2011-01-04 20:07:40 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com

2010-12-31 23:21:50 7844688 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2010-12-31 20:04:01 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{05652A4E-29D6-4C79-9EC1-7F7495053BAB}\gapaengine.dll

2010-12-31 20:04:00 -------- d-----w- C:\4a204a9ed6d94c3f8a9942

2010-12-31 19:45:40 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2010-12-31 19:45:31 -------- d-----w- C:\Program Files\Microsoft Security Client

2010-12-31 19:45:17 374664 ----a-w- C:\Windows\System32\drivers\netio.sys

2010-12-31 19:21:31 8199504 ------w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{07FF0FE1-68D6-42B1-A740-28DE16221925}\mpengine.dll

2010-12-30 17:22:56 -------- d-----w- C:\Users\Jerri\AppData\Local\MAGIX

2010-12-30 16:34:12 -------- d-----w- C:\Program Files (x86)\MSXML 4.0

2010-12-30 16:32:47 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2

2010-12-30 15:56:41 -------- d-----w- C:\Windows\en

2010-12-30 15:50:46 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2010-12-30 15:48:22 -------- d-----w- C:\Windows\PCHEALTH

2010-12-30 15:47:12 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d30bb14a1cba8380a\DSETUP.dll

2010-12-30 15:47:12 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d30bb14a1cba8380a\DXSETUP.exe

2010-12-30 15:47:12 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d30bb14a1cba8380a\dsetup32.dll

2010-12-30 15:46:54 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c8511b221cba83809\DSETUP.dll

2010-12-30 15:46:54 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c8511b221cba83809\DXSETUP.exe

2010-12-30 15:46:54 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c8511b221cba83809\dsetup32.dll

2010-12-30 15:46:30 1164800 ----a-w- C:\Windows\SysWow64\UIRibbonRes.dll

2010-12-30 15:46:30 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll

2010-12-30 15:46:28 2983424 ----a-w- C:\Windows\SysWow64\UIRibbon.dll

2010-12-30 15:46:27 3860992 ----a-w- C:\Windows\System32\UIRibbon.dll

2010-12-30 15:45:53 4068864 ----a-w- C:\Windows\System32\mf.dll

2010-12-30 15:45:53 3181568 ----a-w- C:\Windows\SysWow64\mf.dll

2010-12-30 15:45:53 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll

2010-12-30 15:45:53 206848 ----a-w- C:\Windows\System32\mfps.dll

2010-12-30 15:45:53 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll

2010-12-30 15:45:53 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL

2010-12-30 15:45:53 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL

2010-12-30 15:42:53 -------- d-----w- C:\Users\Jerri\AppData\Local\Windows Live

2010-12-30 15:42:52 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live

2010-12-30 15:32:33 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX Services

2010-12-30 15:10:42 -------- d-----w- C:\Users\Jerri\AppData\Roaming\MAGIX

2010-12-30 12:52:07 -------- d-----w- C:\Users\Jerri\AppData\Local\LogiShrd

2010-12-30 12:50:21 53248 ----a-r- C:\Users\Jerri\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

2010-12-30 12:50:12 -------- d-----w- C:\Windows\SysWow64\logishrd

2010-12-30 12:50:12 -------- d-----w- C:\Windows\System32\logishrd

2010-12-30 12:50:05 -------- d-----w- C:\Program Files (x86)\Common Files\LWS

2010-12-30 09:18:11 -------- d-----w- C:\Program Files (x86)\ophcrack

2010-12-29 14:31:16 -------- d-----w- C:\Windows\System32\drivers\NortonPCCheckupx64\0200080.00D

2010-12-29 14:31:16 -------- d-----w- C:\Windows\System32\drivers\NortonPCCheckupx64

2010-12-29 14:31:15 -------- d-----w- C:\Program Files (x86)\Norton PC Checkup

2010-12-28 19:50:39 -------- d-----w- C:\Program Files (x86)\Hunting Unlimited 4

2010-12-25 05:33:17 -------- d-----w- C:\Windows\Malwarebytes' Anti-Malware

==================== Find3M ====================

2010-12-21 02:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2010-12-08 12:12:36 308304 ----a-w- C:\Windows\System32\drivers\avgldx64.sys

2010-12-07 13:08:24 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys

2010-11-25 14:59:16 694888 ----a-w- C:\Windows\System32\drivers\RTL8192su.sys

2010-11-12 21:19:38 382032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

2010-11-10 10:49:26 539232 ----a-w- C:\Windows\SysWow64\LVUI2RC.dll

2010-11-10 10:49:02 543328 ----a-w- C:\Windows\SysWow64\LVUI2.dll

2010-11-10 10:47:14 416352 ----a-w- C:\Windows\SysWow64\lvcodec2.dll

2010-11-10 10:45:54 4162784 ----a-w- C:\Windows\System32\drivers\lvuvc64.sys

2010-11-10 10:45:32 559712 ----a-w- C:\Windows\System32\LVUIRC64.dll

2010-11-10 10:45:32 102744 ----a-w- C:\Windows\SysWow64\LogiDPPApp.exe

2010-11-10 10:45:32 102744 ----a-w- C:\Windows\System32\LogiDPPApp.exe

2010-11-10 10:45:30 10871128 ----a-w- C:\Windows\SysWow64\LogiDPP.dll

2010-11-10 10:45:30 10871128 ----a-w- C:\Windows\System32\LogiDPP.dll

2010-11-10 10:45:20 316248 ----a-w- C:\Windows\SysWow64\DevManagerCore.dll

2010-11-10 10:45:20 316248 ----a-w- C:\Windows\System32\DevManagerCore.dll

2010-11-10 10:45:02 767584 ----a-w- C:\Windows\System32\LVUI64.dll

2010-11-10 10:44:24 341856 ----a-w- C:\Windows\System32\drivers\lvrs64.sys

2010-11-10 10:43:32 259680 ----a-w- C:\Windows\System32\lvco13101216.dll

2010-11-10 10:43:12 400480 ----a-w- C:\Windows\System32\lvcod64.dll

2010-11-10 10:32:14 38238 ----a-w- C:\Windows\System32\Repository.reg

2010-11-10 10:28:46 301936 ----a-w- C:\Windows\WLXPGSS.SCR

2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll

2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll

2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec

2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec

2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2010-11-02 05:21:51 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2010-11-02 05:18:59 662528 ----a-w- C:\Windows\System32\XpsPrint.dll

2010-11-02 05:18:59 229888 ----a-w- C:\Windows\System32\XpsRasterService.dll

2010-11-02 05:18:58 470016 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll

2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll

2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll

2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll

2010-11-02 05:12:53 1133568 ----a-w- C:\Windows\System32\FntCache.dll

2010-11-02 05:12:25 1540608 ----a-w- C:\Windows\System32\DWrite.dll

2010-11-02 05:12:08 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll

2010-11-02 05:12:07 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll

2010-11-02 05:12:06 902656 ----a-w- C:\Windows\System32\d2d1.dll

2010-11-02 05:12:06 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe

2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe

2010-11-02 04:59:08 144384 ----a-w- C:\Windows\System32\cdd.dll

2010-11-02 04:41:36 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll

2010-11-02 04:41:36 283648 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll

2010-11-02 04:41:36 135168 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll

2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll

2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll

2010-11-02 04:35:51 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll

2010-11-02 04:35:35 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

2010-11-02 04:35:34 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2010-11-02 04:35:34 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2010-11-02 04:35:34 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe

2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe

2010-10-28 18:46:10 1251944 ----a-w- C:\Windows\RtlExUpd.dll

2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll

2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2010-10-25 05:25:38 72064 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys

2010-10-25 05:25:38 40832 ----a-w- C:\Windows\System32\drivers\MpNWMon.sys

2010-10-25 05:25:38 188928 ----a-w- C:\Windows\System32\drivers\MpFilter.sys

============= FINISH: 21:26:09.88 ===============

morgan46 · January 22, 2011

Logfile of IObit HijackScan v1.0.2.0 Scan saved at 23:53:12, on 2011-1-20

Logfile of IObit HijackScan v1.0.2.0

Scan saved at 23:53:12, on 2011-1-20

Running processes:

?????????

C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe

C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Program Files (x86)\D-Link\DWA-130 revE\WlanWpsSvc.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files (x86)\Norton DNS\NortonDNSTray.exe

C:\Program Files (x86)\D-Link\DWA-130 revE\wirelesscm.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360.exe

C:\Program Files (x86)\IObit\IObit Security 360\a_hijackscan.exe

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe" /autostart

O23 - Service: Bigfoot Networks Killer Service (Bigfoot Networks Killer Service) - Unknown - C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe

O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown -

O23 - Service: Diagnostic Policy Service (DPS) - Unknown -

O23 - Service: Group Policy Client (gpsvc) - Unknown -

O23 - Service: Windows CardSpace (idsvc) - Unknown - %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

O23 - Service: IS360service (IS360service) - IObit - C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

O23 - Service: Net.Tcp Port Sharing Service (NetTcpPortSharing) - Unknown - %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

O23 - Service: Norton DNS (Norton DNS) - Symantec Corporation - C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

O23 - Service: Norton PC Checkup Application Launcher (Norton PC Checkup Application Launcher) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

O23 - Service: Quality Windows Audio Video Experience (QWAVE) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown -

O23 - Service: Security Accounts Manager (SamSs) - Unknown -

O23 - Service: Secondary Logon (seclogon) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Steam Client Service (Steam Client Service) - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: Symantec RemoteAssist (Symantec RemoteAssist) - Symantec, Inc. - C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe

O23 - Service: Distributed Link Tracking Client (TrkWks) - Unknown -

O23 - Service: Windows Modules Installer (TrustedInstaller) - Unknown -

O23 - Service: Block Level Backup Engine Service (wbengine) - Unknown - %systemroot%\system32\wbengine.exe

O23 - Service: Diagnostic Service Host (WdiServiceHost) - Unknown -

O23 - Service: Diagnostic System Host (WdiSystemHost) - Unknown -

O23 - Service: WlanWpsSvc (WlanWpsSvc) - Unknown - C:\Program Files (x86)\D-Link\DWA-130 revE\WlanWpsSvc.exe

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

morgan46 · January 22, 2011

route.print

===========================================================================

Interface List

19...00 26 5a bf 18 1a ......Microsoft Virtual WiFi Miniport Adapter

18...00 26 5a bf 18 1a ......D-Link DWA-130 Wireless N USB Adapter

13...00 19 03 03 d4 cb ......Bigfoot Networks Killer Ethernet Controller

11...00 1f bc 09 36 e6 ......Realtek PCIe GBE Family Controller

1...........................Software Loopback Interface 1

22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2

37...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3

20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4

===========================================================================

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.199 30

127.0.0.0 255.0.0.0 On-link 127.0.0.1 306

127.0.0.1 255.255.255.255 On-link 127.0.0.1 306

127.255.255.255 255.255.255.255 On-link 127.0.0.1 306

192.168.0.0 255.255.255.0 On-link 192.168.0.199 286

192.168.0.199 255.255.255.255 On-link 192.168.0.199 286

192.168.0.255 255.255.255.255 On-link 192.168.0.199 286

224.0.0.0 240.0.0.0 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 192.168.0.199 286

255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

255.255.255.255 255.255.255.255 On-link 192.168.0.199 286

===========================================================================

Persistent Routes:

None

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination Gateway

12 58 ::/0 On-link

1 306 ::1/128 On-link

12 58 2001::/32 On-link

12 306 2001:0:4137:9e76:40b:2be6:bc49:babd/128

On-link

18 286 fe80::/64 On-link

12 306 fe80::/64 On-link

12 306 fe80::40b:2be6:bc49:babd/128

On-link

18 286 fe80::5d87:758e:3589:21d8/128

On-link

1 306 ff00::/8 On-link

12 306 ff00::/8 On-link

18 286 ff00::/8 On-link

===========================================================================

Persistent Routes:

None

morgan46 · January 22, 2011

ipconfig.all file

Windows IP Configuration

Host Name . . . . . . . . . . . . : mothafuckermypcbitchfagetdiesoon

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : hsd1.ca.comcast.net.

Wireless LAN adapter Wireless Network Connection 6:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter

Physical Address. . . . . . . . . : 00-26-5A-BF-18-1A

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 5:

Connection-specific DNS Suffix . : hsd1.ca.comcast.net.

Description . . . . . . . . . . . : D-Link DWA-130 Wireless N USB Adapter

Physical Address. . . . . . . . . : 00-26-5A-BF-18-1A

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::5d87:758e:3589:21d8%18(Preferred)

IPv4 Address. . . . . . . . . . . : 192.168.0.199(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Lease Obtained. . . . . . . . . . : Thursday, January 20, 2011 9:09:16 PM

Lease Expires . . . . . . . . . . : Friday, January 21, 2011 11:30:09 PM

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DHCPv6 IAID . . . . . . . . . . . : 469771866

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-5C-6D-2C-00-1F-BC-09-36-E6

DNS Servers . . . . . . . . . . . : 198.153.192.1

198.153.194.1

NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Bigfoot Networks Killer Ethernet Controller

Physical Address. . . . . . . . . : 00-19-03-03-D4-CB

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

Physical Address. . . . . . . . . : 00-1F-BC-09-36-E6

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{56474ED5-C648-4960-8E51-27EFFE26DDAE}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:40b:2be6:bc49:babd(Preferred)

Link-local IPv6 Address . . . . . : fe80::40b:2be6:bc49:babd%12(Preferred)

Default Gateway . . . . . . . . . : ::

NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hsd1.ca.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . : hsd1.ca.comcast.net.

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5E496A5B-8375-43E0-BAB7-6E7DF88D58D7}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E152650D-E744-4747-BB1A-0FB9A45D4571}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

morgan46 · January 22, 2011

fxspybot andm

Symantec W32.Spybot.ANDM Removal Tool 1.0.0

You do not have Administrator rights to run the tool.

Please contact your Network Administrator for more information.

morgan46 · January 22, 2011

not sure think adware

Logfile created: 12/11/2010 01:45:18

Ad-Aware version: 9.0.0

Extended engine: 3

Extended engine version: 3.1.2770

User performing scan: Jerri

*********************** Definitions database information ***********************

Lavasoft definition file: 150.198

Genotype definition file version: 2010/12/10 11:42:00

Extended engine definition file: 7600.0

******************************** Scan results: *********************************

Scan profile name: Smart Scan (ID: smart)

Objects scanned: 13939

Objects detected: 3

Type Detected

==========================

Processes.......: 0

Registry entries: 0

Hostfile entries: 0

Files...........: 0

Folders.........: 0

LSPs............: 0

Cookies.........: 3

Browser hijacks.: 0

MRU objects.....: 0

Removed items:

Description: *ad.yieldmanager* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409172 Family ID: 0

Description: *bs.serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408902 Family ID: 0

Description: *serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409130 Family ID: 0

Scan and cleaning complete: Finished correctly after 88 seconds

*********************************** Settings ***********************************

Scan profile:

ID: smart, enabled:1, value: Smart Scan

ID: folderstoscan, enabled:1, value:

ID: useantivirus, enabled:1, value: true

ID: sections, enabled:1

ID: scancriticalareas, enabled:1, value: true

ID: scanrunningapps, enabled:1, value: true

ID: scanregistry, enabled:1, value: true

ID: scanlsp, enabled:1, value: true

ID: scanads, enabled:1, value: false

ID: scanhostsfile, enabled:1, value: false

ID: scanmru, enabled:1, value: false

ID: scanbrowserhijacks, enabled:1, value: true

ID: scantrackingcookies, enabled:1, value: true

ID: closebrowsers, enabled:1, value: false

ID: filescanningoptions, enabled:1

ID: archives, enabled:1, value: false

ID: onlyexecutables, enabled:1, value: true

ID: skiplargerthan, enabled:1, value: 20480

ID: scanrootkits, enabled:1, value: true

ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict

ID: usespywareheuristics, enabled:1, value: true

Scan global:

ID: global, enabled:1

ID: addtocontextmenu, enabled:1, value: true

ID: playsoundoninfection, enabled:1, value: false

ID: soundfile, enabled:0, value: N/A

Scheduled scan settings:

<Empty>

Update settings:

ID: updates, enabled:1

ID: launchthreatworksafterscan, enabled:1, value: silently, domain: normal,off,silently

ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall

ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall

ID: schedules, enabled:1, value: true

ID: updatedaily1, enabled:1, value: Daily 1

ID: time, enabled:1, value: Tue Dec 07 05:08:00 2010

ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

ID: weekdays, enabled:1

ID: monday, enabled:1, value: false

ID: tuesday, enabled:1, value: false

ID: wednesday, enabled:1, value: false

ID: thursday, enabled:1, value: false

ID: friday, enabled:1, value: false

ID: saturday, enabled:1, value: false

ID: sunday, enabled:1, value: false

ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

ID: scanprofile, enabled:1, value:

ID: auto_deal_with_infections, enabled:1, value: false

ID: updatedaily2, enabled:1, value: Daily 2

ID: time, enabled:1, value: Tue Dec 07 11:08:00 2010

ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

ID: weekdays, enabled:1

ID: monday, enabled:1, value: false

ID: tuesday, enabled:1, value: false

ID: wednesday, enabled:1, value: false

ID: thursday, enabled:1, value: false

ID: friday, enabled:1, value: false

ID: saturday, enabled:1, value: false

ID: sunday, enabled:1, value: false

ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

ID: scanprofile, enabled:1, value:

ID: auto_deal_with_infections, enabled:1, value: false

ID: updatedaily3, enabled:1, value: Daily 3

ID: time, enabled:1, value: Tue Dec 07 17:08:00 2010

ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

ID: weekdays, enabled:1

ID: monday, enabled:1, value: false

ID: tuesday, enabled:1, value: false

ID: wednesday, enabled:1, value: false

ID: thursday, enabled:1, value: false

ID: friday, enabled:1, value: false

ID: saturday, enabled:1, value: false

ID: sunday, enabled:1, value: false

ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

ID: scanprofile, enabled:1, value:

ID: auto_deal_with_infections, enabled:1, value: false

ID: updatedaily4, enabled:1, value: Daily 4

ID: time, enabled:1, value: Tue Dec 07 23:08:00 2010

ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

ID: weekdays, enabled:1

ID: monday, enabled:1, value: false

ID: tuesday, enabled:1, value: false

ID: wednesday, enabled:1, value: false

ID: thursday, enabled:1, value: false

ID: friday, enabled:1, value: false

ID: saturday, enabled:1, value: false

ID: sunday, enabled:1, value: false

ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

ID: scanprofile, enabled:1, value:

ID: auto_deal_with_infections, enabled:1, value: false

ID: updateweekly1, enabled:1, value: Weekly

ID: time, enabled:1, value: Tue Dec 07 05:08:00 2010

ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly

ID: weekdays, enabled:1

ID: monday, enabled:1, value: false

ID: tuesday, enabled:1, value: true

ID: wednesday, enabled:1, value: false

ID: thursday, enabled:1, value: false

ID: friday, enabled:1, value: true

ID: saturday, enabled:1, value: false

ID: sunday, enabled:1, value: false

ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

ID: scanprofile, enabled:1, value:

ID: auto_deal_with_infections, enabled:1, value: false

Appearance settings:

ID: appearance, enabled:1

ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource

ID: showtrayicon, enabled:1, value: true

ID: autoentertainmentmode, enabled:1, value: true

ID: guimode, enabled:1, value: mode_advanced, domain: mode_advanced,mode_simple

ID: language, enabled:1, value: en, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language

Realtime protection settings:

ID: realtime, enabled:1

ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant

ID: layers, enabled:1

ID: useantivirus, enabled:1, value: true

ID: usespywareheuristics, enabled:1, value: true

ID: maintainbackup, enabled:1, value: true

ID: modules, enabled:1

ID: processprotection, enabled:1, value: true

ID: onaccessprotection, enabled:1, value: true

ID: registryprotection, enabled:1, value: true

ID: networkprotection, enabled:1, value: true

****************************** System information ******************************

Computer name: MOTHAFUCKERMYPC

Processor name: Intel® Core i7 CPU 950 @ 3.07GHz

Processor identifier: Intel64 Family 6 Model 26 Stepping 5

Processor speed: ~3647MHZ

Raw info: processorarchitecture 9, processortype 8664, processorlevel 6, processor revision 6661, number of processors 8, processor features: [MMX,SSE,SSE2,SSE3]

Physical memory available: 10791047168 bytes

Physical memory total: 12875649024 bytes

Virtual memory available: 1836314624 bytes

Virtual memory total: 2147352576 bytes

Memory load: 16%

Microsoft (build 7600)

Windows startup mode:

Running processes:

PID: 344 name: C:\Windows\System32\smss.exe owner: SYSTEM domain: NT AUTHORITY

PID: 520 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: NT AUTHORITY

PID: 604 name: C:\Windows\System32\wininit.exe owner: SYSTEM domain: NT AUTHORITY

PID: 628 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: NT AUTHORITY

PID: 668 name: C:\Windows\System32\winlogon.exe owner: SYSTEM domain: NT AUTHORITY

PID: 712 name: C:\Windows\System32\services.exe owner: SYSTEM domain: NT AUTHORITY

PID: 728 name: C:\Windows\System32\lsass.exe owner: SYSTEM domain: NT AUTHORITY

PID: 736 name: C:\Windows\System32\lsm.exe owner: SYSTEM domain: NT AUTHORITY

PID: 840 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY

PID: 904 name: C:\Windows\System32\nvvsvc.exe owner: SYSTEM domain: NT AUTHORITY

PID: 944 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY

PID: 472 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY

PID: 524 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY

PID: 480 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1124 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY

PID: 1200 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY

PID: 1544 name: C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1588 name: C:\Windows\System32\spoolsv.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1616 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY

PID: 1744 name: C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1792 name: C:\Windows\System32\nvvsvc.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1828 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY

PID: 1904 name: C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1968 name: C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.11\SymcPCCULaunchSvc.exe owner: SYSTEM domain: NT AUTHORITY

PID: 2084 name: C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.11\ccSvcHst.exe owner: SYSTEM domain: NT AUTHORITY

PID: 2136 name: C:\Windows\System32\snmp.exe owner: SYSTEM domain: NT AUTHORITY

PID: 2188 name: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe owner: SYSTEM domain: NT AUTHORITY

PID: 2236 name: C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe owner: SYSTEM domain: NT AUTHORITY

PID: 2228 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1144 name: C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 2952 name: C:\Windows\System32\taskhost.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 916 name: C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.11\ccSvcHst.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 2588 name: C:\Windows\System32\dwm.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 2732 name: C:\Windows\explorer.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 3424 name: C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 3468 name: C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 3512 name: C:\Program Files (x86)\Logitech\G35\G35.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 3656 name: C:\Users\Jerri\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 4092 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY

PID: 4432 name: C:\Program Files\Windows Media Player\wmpnetwk.exe owner: NETWORK SERVICE domain: NT AUTHORITY

PID: 3396 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY

PID: 964 name: C:\Program Files (x86)\Internet Explorer\ielowutil.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 1556 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT AUTHORITY

PID: 4120 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1056 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 3092 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe owner: Jerri domain: MOTHAFUCKERMYPC

Startup items:

Name: Logitech G35

imagepath: C:\Program Files (x86)\Logitech\G35\G35.exe

Name: WebCheck

imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

Name:

location: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Killer Network Manager.lnk

imagepath: C:\Program Files (x86)\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe

Name:

imagepath: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

Bootexecute items:

Name:

imagepath: autocheck autochk *

Name:

imagepath: lsdelete

Running services:

Name: AeLookupSvc

displayname: Application Experience

Name: Appinfo

displayname: Application Information

Name: AudioEndpointBuilder

displayname: Windows Audio Endpoint Builder

Name: AudioSrv

displayname: Windows Audio

Name: BFE

displayname: Base Filtering Engine

Name: Bigfoot Networks Killer Service

displayname: Bigfoot Networks Killer Service

Name: BITS

displayname: Background Intelligent Transfer Service

Name: Browser

displayname: Computer Browser

Name: CryptSvc

displayname: Cryptographic Services

Name: DcomLaunch

displayname: DCOM Server Process Launcher

Name: Dhcp

displayname: DHCP Client

Name: Dnscache

displayname: DNS Client

Name: DPS

displayname: Diagnostic Policy Service

Name: EapHost

displayname: Extensible Authentication Protocol

Name: eventlog

displayname: Windows Event Log

Name: EventSystem

displayname: COM+ Event System

Name: fdPHost

displayname: Function Discovery Provider Host

Name: FDResPub

displayname: Function Discovery Resource Publication

Name: gpsvc

displayname: Group Policy Client

Name: hidserv

displayname: Human Interface Device Access

Name: HomeGroupProvider

displayname: HomeGroup Provider

Name: IKEEXT

displayname: IKE and AuthIP IPsec Keying Modules

Name: iphlpsvc

displayname: IP Helper

Name: KeyIso

displayname: CNG Key Isolation

Name: LanmanServer

displayname: Server

Name: LanmanWorkstation

displayname: Workstation

Name: Lavasoft Ad-Aware Service

displayname: Lavasoft Ad-Aware Service

Name: lmhosts

displayname: TCP/IP NetBIOS Helper

Name: MMCSS

displayname: Multimedia Class Scheduler

Name: MpsSvc

displayname: Windows Firewall

Name: N360

displayname: Norton Security Suite

Name: Netman

displayname: Network Connections

Name: netprofm

displayname: Network List Service

Name: NlaSvc

displayname: Network Location Awareness

Name: Norton PC Checkup Application Launcher

displayname: Norton PC Checkup Application Launcher

Name: nsi

displayname: Network Store Interface Service

Name: NVSvc

displayname: NVIDIA Driver Helper Service

Name: PcaSvc

displayname: Program Compatibility Assistant Service

Name: PCCUJobMgr

displayname: Common Client Job Manager Service

Name: PlugPlay

displayname: Plug and Play

Name: PolicyAgent

displayname: IPsec Policy Agent

Name: Power

displayname: Power

Name: ProfSvc

displayname: User Profile Service

Name: RpcEptMapper

displayname: RPC Endpoint Mapper

Name: RpcSs

displayname: Remote Procedure Call (RPC)

Name: SamSs

displayname: Security Accounts Manager

Name: Schedule

displayname: Task Scheduler

Name: SENS

displayname: System Event Notification Service

Name: ShellHWDetection

displayname: Shell Hardware Detection

Name: SNMP

displayname: SNMP Service

Name: Spooler

displayname: Print Spooler

Name: SSDPSRV

displayname: SSDP Discovery

Name: Stereo Service

displayname: NVIDIA Stereoscopic 3D Driver Service

Name: SysMain

displayname: Superfetch

Name: Themes

displayname: Themes

Name: TrkWks

displayname: Distributed Link Tracking Client

Name: UxSms

displayname: Desktop Window Manager Session Manager

Name: WdiServiceHost

displayname: Diagnostic Service Host

Name: WinDefend

displayname: Windows Defender

Name: WinHttpAutoProxySvc

displayname: WinHTTP Web Proxy Auto-Discovery Service

Name: Winmgmt

displayname: Windows Management Instrumentation

Name: Wlansvc

displayname: WLAN AutoConfig

Name: WMPNetworkSvc

displayname: Windows Media Player Network Sharing Service

Name: wscsvc

displayname: Security Center

Name: wuauserv

displayname: Windows Update

Name: YahooAUService

displayname: Yahoo! Updater

morgan46 · January 22, 2011

event-log(2)

Keywords Date and Time Source Event ID Task Category

Classic 2/10/2010 12:44:30 AM Service Control Manager 7036 None The Portable Device Enumerator Service service entered the stopped state.

Classic 2/10/2010 12:44:25 AM Service Control Manager 7036 None The Windows Update service entered the running state.

Classic 2/10/2010 12:44:21 AM Service Control Manager 7036 None The Security Center service entered the running state.

Classic 2/10/2010 12:44:21 AM Service Control Manager 7036 None The Windows Defender service entered the running state.

Classic 2/10/2010 12:44:20 AM Service Control Manager 7036 None The Background Intelligent Transfer Service service entered the running state.

Classic 2/10/2010 12:44:08 AM Service Control Manager 7036 None The Windows Error Reporting Service service entered the running state.

Classic 2/10/2010 12:43:08 AM Service Control Manager 7036 None The SSDP Discovery service entered the running state.

Classic 2/10/2010 12:43:08 AM Service Control Manager 7036 None The Virtual Disk service entered the stopped state.

Classic 2/10/2010 12:43:08 AM Virtual Disk Service 4 None Service stopped.

Classic 2/10/2010 12:43:05 AM Service Control Manager 7036 None The Peer Networking Grouping service entered the running state.

Classic 2/10/2010 12:43:04 AM Service Control Manager 7036 None The Peer Name Resolution Protocol service entered the running state.

Classic 2/10/2010 12:43:03 AM Service Control Manager 7036 None The Peer Networking Identity Manager service entered the running state.

Classic 2/10/2010 12:43:02 AM Service Control Manager 7036 None The HomeGroup Listener service entered the running state.

Classic 2/10/2010 12:43:01 AM Service Control Manager 7036 None The HomeGroup Provider service entered the running state.

Classic 2/10/2010 12:43:01 AM Service Control Manager 7036 None The Function Discovery Provider Host service entered the running state.

Classic 2/10/2010 12:42:57 AM Service Control Manager 7036 None The Windows Search service entered the running state.

Classic 2/10/2010 12:42:55 AM Service Control Manager 7036 None The Windows Media Player Network Sharing Service service entered the running state.

Classic 2/10/2010 12:42:55 AM Microsoft-Windows-WMPNSS-Service 14204 None Service 'WMPNetworkSvc' started.

Classic 2/10/2010 12:42:52 AM Service Control Manager 7036 None The Network Connections service entered the running state.

Classic 2/10/2010 12:42:35 AM Service Control Manager 7036 None The Application Information service entered the running state.

2/10/2010 12:42:27 AM Microsoft-Windows-Winlogon 7001 (1101) User Logon Notification for Customer Experience Improvement Program

Classic 2/10/2010 12:42:26 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:42:23 AM Service Control Manager 7036 None The Software Protection service entered the running state.

Classic 2/10/2010 12:42:21 AM Service Control Manager 7036 None The Computer Browser service entered the running state.

Classic 2/10/2010 12:42:21 AM Service Control Manager 7036 None The WinHTTP Web Proxy Auto-Discovery Service service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Virtual Disk service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Portable Device Enumerator Service service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Diagnostic Service Host service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Diagnostic System Host service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Human Interface Device Access service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Application Experience service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Network List Service service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Server service entered the running state.

Classic 2/10/2010 12:42:20 AM Microsoft-Windows-WER-SystemErrorReporting 1001 None The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff900c1e200e0, 0x0000000000000000, 0xfffff9600012b817, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 021010-64600-01.

Classic 2/10/2010 12:42:20 AM Virtual Disk Service 3 None Service started.

Classic 2/10/2010 12:42:18 AM Service Control Manager 7036 None The IP Helper service entered the running state.

Classic 2/10/2010 12:42:18 AM Service Control Manager 7036 None The Windows Management Instrumentation service entered the running state.

Classic 2/10/2010 12:42:18 AM Service Control Manager 7036 None The Distributed Link Tracking Client service entered the running state.

Classic 2/10/2010 12:42:18 AM Service Control Manager 7036 None The Superfetch service entered the running state.

Classic 2/10/2010 12:42:17 AM Service Control Manager 7036 None The Function Discovery Resource Publication service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Network Location Awareness service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Program Compatibility Assistant Service service entered the running state.

2/10/2010 12:42:14 AM Microsoft-Windows-Application-Experience 201 None The Program Compatibility Assistant service started successfully.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Diagnostic Policy Service service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Cryptographic Services service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Workstation service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Windows Firewall service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Base Filtering Engine service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Print Spooler service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Task Scheduler service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Shell Hardware Detection service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The DNS Client service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The DHCP Client service entered the running state.

2/10/2010 12:42:14 AM Microsoft-Windows-DHCPv6-Client 51046 Service State Event DHCPv6 client service is started

2/10/2010 12:42:14 AM Microsoft-Windows-Dhcp-Client 50036 Service State Event DHCPv4 client service is started

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The TCP/IP NetBIOS Helper service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Network Store Interface Service service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Security Accounts Manager service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Desktop Window Manager Session Manager service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Windows Modules Installer service entered the running state.

Classic 2/10/2010 12:42:11 AM Service Control Manager 7036 None The System Event Notification Service service entered the running state.

Classic 2/10/2010 12:42:11 AM Service Control Manager 7036 None The COM+ Event System service entered the running state.

Classic 2/10/2010 12:42:11 AM Service Control Manager 7036 None The User Profile Service service entered the running state.

Classic 2/10/2010 12:42:11 AM Service Control Manager 7036 None The Group Policy Client service entered the running state.

Classic 2/10/2010 12:42:11 AM Service Control Manager 7036 None The Themes service entered the running state.

Classic 2/10/2010 12:42:11 AM Service Control Manager 7036 None The Windows Audio service entered the running state.

Classic 2/10/2010 12:42:11 AM Service Control Manager 7036 None The Windows Audio Endpoint Builder service entered the running state.

Classic 2/10/2010 12:42:10 AM Service Control Manager 7036 None The Multimedia Class Scheduler service entered the running state.

Classic 2/10/2010 12:42:10 AM Service Control Manager 7036 None The Windows Event Log service entered the running state.

Classic 2/10/2010 12:42:10 AM Service Control Manager 7036 None The Remote Procedure Call (RPC) service entered the running state.

Classic 2/10/2010 12:42:10 AM Service Control Manager 7036 None The RPC Endpoint Mapper service entered the running state.

Classic 2/10/2010 12:42:09 AM Service Control Manager 7036 None The DCOM Server Process Launcher service entered the running state.

Classic 2/10/2010 12:42:09 AM Service Control Manager 7036 None The NVIDIA Display Driver Service service entered the running state.

2/10/2010 12:42:09 AM Microsoft-Windows-FilterManager 6 None File System Filter 'luafv' (6.1, ‎2009‎-‎07‎-‎13T18:26:13.000000000Z) has successfully loaded and registered with Filter Manager.

Classic 2/10/2010 12:42:09 AM Service Control Manager 7036 None The Power service entered the running state.

2/10/2010 12:42:09 AM Microsoft-Windows-UserPnp 20010 (7010)

morgan46 · January 22, 2011

Event log file (cont.)

"One or more of the Plug and Play service's subsystems has changed state.

PlugPlay install subsystem enabled: 'true'

PlugPlay caching subsystem enabled: 'true'

"

Classic 2/10/2010 12:42:09 AM Service Control Manager 7036 None The Plug and Play service entered the running state.

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 7 in group 0 exposes the following:

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 5 in group 0 exposes the following:

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 3 in group 0 exposes the following:

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 1 in group 0 exposes the following:

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 6 in group 0 exposes the following:

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 4 in group 0 exposes the following:

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 2 in group 0 exposes the following:

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 0 in group 0 exposes the following:

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

(2) 2/10/2010 12:41:20 AM Microsoft-Windows-Kernel-Power 41 (63) The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Classic 2/10/2010 12:42:10 AM EventLog 6013 None The system uptime is 65 seconds.

Classic 2/10/2010 12:42:10 AM EventLog 6005 None The Event log service was started.

Classic 2/10/2010 12:42:10 AM EventLog 6009 None Microsoft ® Windows ® 6.01. 7600 Multiprocessor Free.

Classic 2/10/2010 12:42:10 AM EventLog 6008 None The previous system shutdown at 12:32:56 AM on ‎2/‎10/‎2010 was unexpected.

Classic 2/10/2010 12:42:10 AM EventLog 6011 None The NetBIOS name and DNS host name of this machine have been changed from SkyNET to SKYNET.

2/10/2010 12:41:09 AM Microsoft-Windows-FilterManager 6 None File System Filter 'FileInfo' (6.1, ‎2009‎-‎07‎-‎13T18:34:25.000000000Z) has successfully loaded and registered with Filter Manager.

2/10/2010 12:41:06 AM Microsoft-Windows-Kernel-General 12 None The operating system started at system time ‎2010‎-‎02‎-‎10T05:41:05.610798400Z.

Classic 2/10/2010 12:32:58 AM Service Control Manager 7036 None The Windows Installer service entered the running state.

2/10/2010 12:32:56 AM Microsoft-Windows-UserPnp 20003 (7005) Driver Management has concluded the process to add Service nvlddmkm for Device Instance ID PCI\VEN_10DE&DEV_05EB&SUBSYS_070510DE&REV_A1\6&38E4BF4&0&00100018 with the following status: 0.

2/10/2010 12:32:51 AM Microsoft-Windows-UserPnp 20003 (7005) Driver Management has concluded the process to add Service nvlddmkm for Device Instance ID PCI\VEN_10DE&DEV_05EB&SUBSYS_070510DE&REV_A1\6&AE164B5&0&00000018 with the following status: 0.

Classic 2/10/2010 12:32:30 AM Service Control Manager 7036 None The Windows Error Reporting Service service entered the stopped state.

Success,Installation 2/10/2010 12:31:55 AM Microsoft-Windows-WindowsUpdateClient 19 Windows Update Agent Installation Successful: Windows successfully installed the following update: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

Classic 2/10/2010 12:31:50 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Success,Installation 2/10/2010 12:31:50 AM Microsoft-Windows-WindowsUpdateClient 19 Windows Update Agent Installation Successful: Windows successfully installed the following update: Update for Windows 7 for x64-based Systems (KB974332)

Classic 2/10/2010 12:31:49 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:31:46 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Classic 2/10/2010 12:31:45 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:31:35 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Success,Download 2/10/2010 12:31:31 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Security Update for Windows 7 for x64-based Systems (KB974571)

- Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB978207)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975560)

- Update for Windows 7 for x64-based Systems (KB977074)

- Security Update for Windows 7 for x64-based Systems (KB972270)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Update for Rights Management Services Client for Windows 7 for x64-based Systems (KB979099)

- Definition Update for Windows Defender - KB915597 (Definition 1.75.517.0)

- Update for Windows 7 for x64-based Systems (KB974431)

- Security Update for Windows 7 fo

2/10/2010 12:31:30 AM Microsoft-Windows-UserPnp 20001 (7005) Driver Management concluded the process to install driver FileRepository\volsnap.inf_amd64_neutral_7499a4fac85b39fc\volsnap.inf for

morgan46 · January 22, 2011

Event log file (cont.)

Device Instance ID STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT2 with the following status: 0x0.

Classic 2/10/2010 12:31:27 AM Service Control Manager 7036 None The Microsoft Software Shadow Copy Provider service entered the running state.

Classic 2/10/2010 12:31:27 AM Service Control Manager 7036 None The Volume Shadow Copy service entered the running state.

Classic 2/10/2010 12:30:30 AM Service Control Manager 7036 None The Windows Error Reporting Service service entered the running state.

Classic 2/10/2010 12:28:45 AM Service Control Manager 7036 None The ActiveX Installer (AxInstSV) service entered the running state.

Classic 2/10/2010 12:26:07 AM Service Control Manager 7036 None The Windows Error Reporting Service service entered the stopped state.

Success,Download 2/10/2010 12:25:34 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Security Update for Windows 7 for x64-based Systems (KB974571)

- Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB978207)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975560)

- Update for Windows 7 for x64-based Systems (KB977074)

- Security Update for Windows 7 for x64-based Systems (KB972270)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Update for Rights Management Services Client for Windows 7 for x64-based Systems (KB979099)

- Definition Update for Windows Defender - KB915597 (Definition 1.75.517.0)

- Update for Windows 7 for x64-based Systems (KB974431)

- Security Update for Windows 7 fo

Success,Download 2/10/2010 12:25:26 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Security Update for Windows 7 for x64-based Systems (KB974571)

- Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB978207)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975560)

- Update for Windows 7 for x64-based Systems (KB977074)

- Security Update for Windows 7 for x64-based Systems (KB972270)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Update for Rights Management Services Client for Windows 7 for x64-based Systems (KB979099)

- Definition Update for Windows Defender - KB915597 (Definition 1.75.517.0)

- Security Update for Windows 7 for x64-based Systems (KB978251)

- Update for Windows 7 fo

Success,Download 2/10/2010 12:25:26 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Security Update for Windows 7 for x64-based Systems (KB974571)

- Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB978207)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975560)

- Update for Windows 7 for x64-based Systems (KB977074)

- Security Update for Windows 7 for x64-based Systems (KB972270)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Update for Rights Management Services Client for Windows 7 for x64-based Systems (KB979099)

- Security Update for Windows 7 for x64-based Systems (KB978251)

- Update for Windows 7 for x64-based Systems (KB976098)

Success,Download 2/10/2010 12:25:19 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM: