Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

dds scan


Recommended Posts

hello new to this but i have been having same problems for over 3 years was into online gaming for many years last 8 years playing all call of duty games in twl on the number 1 squad in twl for years the last 3 years it seems like some 1 else has control over my pc have moved 4 times in 8 years every location is new ip but yet my settings will change in all the important files that you need like the exe. files it is driving me nuts and last night i went back to advanced system care. and also got the 360 took norton off pc and put avg did a scan with hijack this and all my exe. files was in chinese pls help me catch this hacker r who ever what ever has control over my pc .if possible would love to know where i am getting hacked from.

 

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_10-12-12.02)

 

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 11/3/2010 10:03:25 PM

System Uptime: 1/21/2011 9:16:14 PM (0 hours ago)

 

Motherboard: EVGA | | 141-BL-E757

Processor: Intel® Core i7 CPU 950 @ 3.07GHz | Socket 423 | 3648/159mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 931 GiB total, 882.941 GiB free.

D: is CDROM ()

 

==== Disabled Device Manager Items =============

 

==== System Restore Points ===================

 

RP144: 1/21/2011 12:48:18 AM - Windows Update

RP145: 1/21/2011 3:01:49 PM - Installed AVG 2011

RP146: 1/21/2011 3:02:09 PM - Installed AVG 2011

 

==== Installed Programs ======================

 

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Advanced SystemCare 3

AVG PC Tuneup 2011

Bigfoot Networks Killer Network Manager

Call of Duty Black Ops - Remote Console

Call of Duty: Black Ops

Call of Duty: Black Ops - Multiplayer

CameraHelperMsi

D-Link DWA-130 Wireless N USB Adapter

D3DX10

erLT

EVGA Precision 2.0.1

Game Booster

Google Chrome

Google Talk Plugin

Hunting Unlimited 4 1.0

IObit Security 360

Logitech Vid HD

Logitech Webcam Software

LWS Facebook

LWS Gallery

LWS Help_main

LWS Launcher

LWS Motion Detection

LWS Pictures And Video

LWS Twitter

LWS Video Mask Maker

LWS Webcam Software

LWS WLM Plugin

LWS YouTube Plugin

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Mozilla Firefox (3.6.13)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Norton Bootable Recovery Tool Wizard

Norton DNS

Norton PC Checkup

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

Realtek High Definition Audio Driver

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Smart Defrag 2

Steam

STORM

Symantec Technical Support Web Controls

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

Visual Studio 2008 x64 Redistributables

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Yahoo! Messenger

Yahoo! Software Update

 

==== Event Viewer Messages From Past Week ========

 

1/21/2011 9:16:34 PM, Error: SNMP [1500] - The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

1/21/2011 9:16:28 PM, Error: volmgr [46] - Crash dump initialization failed!

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 7 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 6 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 5 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 4 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 3 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 2 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:16:25 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

1/21/2011 9:02:58 PM, Error: Service Control Manager [7031] - The Common Client Job Manager Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

1/21/2011 2:40:43 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MpsSvc service.

1/21/2011 2:39:43 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

1/21/2011 2:39:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wcncsvc service.

1/21/2011 2:39:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

1/21/2011 2:39:13 AM, Error: Service Control Manager [7000] - The Windows Connect Now - Config Registrar service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

1/21/2011 2:38:43 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.

1/21/2011 2:37:43 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

1/21/2011 2:37:43 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

1/21/2011 2:37:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

1/21/2011 2:37:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

1/21/2011 2:18:04 PM, Error: Service Control Manager [7000] - The Symantec Eraser Control driver service failed to start due to the following error: The system cannot find the file specified.

1/19/2011 9:57:27 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/19/2011 2:10:32 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/19/2011 11:49:23 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/19/2011 10:53:36 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.4260.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80240022 Error description: The program can't check for definition updates.

1/19/2011 10:53:36 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.4260.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80240022 Error description: The program can't check for definition updates.

1/18/2011 9:45:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

1/18/2011 9:45:40 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

1/16/2011 8:28:20 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/15/2011 9:15:19 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.3968.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

1/15/2011 2:34:00 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{566d20b1-e352-11df-9265-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{957BC05F-E959-43A1-A61C-20C31C52D40B}' was corrupted and it has been recovered. Some data might have been lost.

1/15/2011 12:57:20 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/14/2011 7:10:17 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

1/14/2011 11:59:28 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

 

==== End Of File ===========================

ddsscan.txt

Link to comment
Share on other sites

ddsfile

 

DDS (Ver_10-12-12.02) - NTFS_AMD64

Run by Jerri at 21:25:53.33 on Fri 01/21/2011

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.12279.10053 [GMT -8:00]

 

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: IObit Security 360 *Disabled/Updated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe

C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Windows\System32\snmp.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\D-Link\DWA-130 revE\WlanWpsSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Program Files (x86)\AVG\AVG10\avgnsa.exe

C:\Program Files (x86)\AVG\AVG10\avgemca.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\AVG\AVG10\avgrsa.exe

C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe

C:\Program Files (x86)\AVG\AVG10\avgchsva.exe

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Norton DNS\NortonDNSTray.exe

C:\Program Files (x86)\D-Link\DWA-130 revE\wirelesscm.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe

C:\Program Files (x86)\AVG\AVG10\avgtray.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360.exe

C:\Windows\system32\wbem\wmiprvse.exe

c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Jerri\Desktop\dds.scr

C:\Windows\system32\conhost.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.msn.com

mStart Page = hxxp://www.msn.com

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

mWinlogon: Userinit=userinit.exe

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

mRun: [iObit Security 360] "C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe" /autostart

mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

StartupFolder: C:\Users\Jerri\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Logitech\G35\eReg.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NORTON~1.LNK - C:\Program Files (x86)\Norton DNS\NortonDNSTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WIRELE~1.LNK - C:\Program Files (x86)\D-Link\DWA-130 revE\wirelesscm.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

LSP: %SYSTEMROOT%\system32\BfLLR.dll

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: {AD5BB780-21CD-4D03-8159-593F1F1119BB} = 198.153.192.1,198.153.194.1

TCP: 46C696E6B6 = 198.153.192.1,198.153.194.1

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

 

================= FIREFOX ===================

 

FF - ProfilePath - C:\Users\Jerri\AppData\Roaming\Mozilla\Firefox\Profiles\uoyxdpvy.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4d3a10d0&v=6.011.025.001&i=23&tp=ab&iy=b&ychte=us&lng=en-US&q=

FF - prefs.js: network.proxy.type - 4

FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Jerri\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Users\Jerri\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Jerri\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - C:\Program Files (x86)\AVG\AVG10\Firefox

FF - Ext: AVG Security Toolbar em:version=6.011.025.001 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared

 

---- FIREFOX POLICIES ----

FF - user.js: browser.cache.memory.capacity - 65536

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.interrupt.parsing - true

FF - user.js: content.max.tokenizing.time - 2250000

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 750000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 750000

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 0

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

 

============= SERVICES / DRIVERS ===============

 

R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]

R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2011-1-20 17720]

R0 SMR161;Symantec SMR Utility Service 1.6.1;C:\Windows\System32\drivers\SMR161.SYS [2011-1-15 90232]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-12-8 308304]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-12 382032]

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-10-24 188928]

R1 VWiFiFlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-23 6128208]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]

R2 IS360service;IS360service;C:\Program Files (x86)\IObit\IObit Security 360\is360srv.exe [2011-1-19 312152]

R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2010-5-7 197976]

R2 Norton DNS;Norton DNS;C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe [2010-10-13 97664]

R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe [2010-12-29 120248]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe [2010-12-29 126392]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-8 369256]

R2 WlanWpsSvc;WlanWpsSvc;C:\Program Files (x86)\D-Link\DWA-130 revE\WlanWpsSvc.exe [2010-12-15 167936]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 157264]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]

R3 BfEdge7x64;Bigfoot Networks Killer Ethernet Service;C:\Windows\System32\drivers\Edge7x64.sys [2010-9-2 30824]

R3 BFN7x64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\Xeno7x64.sys [2010-9-2 155240]

R3 LADF_DHP2;G35 DHP2 Filter Driver;C:\Windows\System32\drivers\ladfDHP2amd64.sys [2010-9-29 62168]

R3 LADF_SBVM;G35 SBVM Filter Driver;C:\Windows\System32\drivers\ladfSBVMamd64.sys [2010-9-29 377176]

R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]

R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2010-11-10 341856]

R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-2-3 58528]

R3 LVUVC64;Logitech Webcam 200(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2010-11-10 4162784]

R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-10-24 40832]

R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2010-11-3 155752]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680]

R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2010-11-25 694888]

R3 SaiK0728;SaiK0728;C:\Windows\System32\drivers\SaiK0728.sys [2008-1-21 129024]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-1-21 517448]

S3 CamDrL64;Logitech QuickCam Pro 3000(PID_08B0);C:\Windows\System32\drivers\CamDrL64.sys [2007-2-3 955680]

S3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista;C:\Windows\System32\drivers\netr28ux.sys [2008-10-29 811008]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-11 1255736]

S4 Bigfoot Networks Killer Service;Bigfoot Networks Killer Service;C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [2010-9-2 569344]

 

=============== Created Last 30 ================

 

2011-01-22 02:07:21 -------- d-----w- C:\Users\Jerri\AppData\Local\AVG Security Toolbar

2011-01-21 23:03:44 -------- d-----w- C:\PROGRA~3\AVG Security Toolbar

2011-01-21 23:03:34 -------- d-----w- C:\Windows\SysWow64\drivers\AVG

2011-01-21 23:03:09 -------- d-----w- C:\Windows\System32\drivers\AVG

2011-01-21 08:48:29 7844688 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{858053CE-423A-4D2B-AED4-54DF478976D9}\mpengine.dll

2011-01-21 04:12:28 31112 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe

2011-01-21 04:12:28 17720 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys

2011-01-20 03:46:18 -------- d-----w- C:\PROGRA~3\IObit

2011-01-20 03:18:21 -------- d-----w- C:\Users\Jerri\AppData\Roaming\IObit

2011-01-20 03:18:20 -------- d-----w- C:\Program Files (x86)\IObit

2011-01-16 22:30:20 -------- d-----w- C:\N360_BACKUP

2011-01-15 17:47:17 107368 ----a-r- C:\Windows\SysWow64\GEARAspi.dll

2011-01-15 17:47:16 34152 ----a-r- C:\Windows\System32\drivers\GEARAspiWDM.sys

2011-01-15 17:47:16 126312 ----a-r- C:\Windows\System32\GEARAspi64.dll

2011-01-15 17:23:17 90232 ----a-w- C:\Windows\System32\drivers\SMR161.SYS

2011-01-12 19:44:04 -------- d-----w- C:\Program Files (x86)\iCall

2011-01-12 11:16:59 258048 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2011-01-09 23:00:26 553696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

2011-01-08 13:34:15 -------- d-----w- C:\Program Files (x86)\Gamers Unite! Snag Bar

2011-01-04 20:07:40 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com

2010-12-31 23:21:50 7844688 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2010-12-31 20:04:01 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{05652A4E-29D6-4C79-9EC1-7F7495053BAB}\gapaengine.dll

2010-12-31 20:04:00 -------- d-----w- C:\4a204a9ed6d94c3f8a9942

2010-12-31 19:45:40 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2010-12-31 19:45:31 -------- d-----w- C:\Program Files\Microsoft Security Client

2010-12-31 19:45:17 374664 ----a-w- C:\Windows\System32\drivers\netio.sys

2010-12-31 19:21:31 8199504 ------w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{07FF0FE1-68D6-42B1-A740-28DE16221925}\mpengine.dll

2010-12-30 17:22:56 -------- d-----w- C:\Users\Jerri\AppData\Local\MAGIX

2010-12-30 16:34:12 -------- d-----w- C:\Program Files (x86)\MSXML 4.0

2010-12-30 16:32:47 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2

2010-12-30 15:56:41 -------- d-----w- C:\Windows\en

2010-12-30 15:50:46 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2010-12-30 15:48:22 -------- d-----w- C:\Windows\PCHEALTH

2010-12-30 15:47:12 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d30bb14a1cba8380a\DSETUP.dll

2010-12-30 15:47:12 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d30bb14a1cba8380a\DXSETUP.exe

2010-12-30 15:47:12 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d30bb14a1cba8380a\dsetup32.dll

2010-12-30 15:46:54 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c8511b221cba83809\DSETUP.dll

2010-12-30 15:46:54 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c8511b221cba83809\DXSETUP.exe

2010-12-30 15:46:54 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c8511b221cba83809\dsetup32.dll

2010-12-30 15:46:30 1164800 ----a-w- C:\Windows\SysWow64\UIRibbonRes.dll

2010-12-30 15:46:30 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll

2010-12-30 15:46:28 2983424 ----a-w- C:\Windows\SysWow64\UIRibbon.dll

2010-12-30 15:46:27 3860992 ----a-w- C:\Windows\System32\UIRibbon.dll

2010-12-30 15:45:53 4068864 ----a-w- C:\Windows\System32\mf.dll

2010-12-30 15:45:53 3181568 ----a-w- C:\Windows\SysWow64\mf.dll

2010-12-30 15:45:53 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll

2010-12-30 15:45:53 206848 ----a-w- C:\Windows\System32\mfps.dll

2010-12-30 15:45:53 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll

2010-12-30 15:45:53 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL

2010-12-30 15:45:53 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL

2010-12-30 15:42:53 -------- d-----w- C:\Users\Jerri\AppData\Local\Windows Live

2010-12-30 15:42:52 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live

2010-12-30 15:32:33 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX Services

2010-12-30 15:10:42 -------- d-----w- C:\Users\Jerri\AppData\Roaming\MAGIX

2010-12-30 12:52:07 -------- d-----w- C:\Users\Jerri\AppData\Local\LogiShrd

2010-12-30 12:50:21 53248 ----a-r- C:\Users\Jerri\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

2010-12-30 12:50:12 -------- d-----w- C:\Windows\SysWow64\logishrd

2010-12-30 12:50:12 -------- d-----w- C:\Windows\System32\logishrd

2010-12-30 12:50:05 -------- d-----w- C:\Program Files (x86)\Common Files\LWS

2010-12-30 09:18:11 -------- d-----w- C:\Program Files (x86)\ophcrack

2010-12-29 14:31:16 -------- d-----w- C:\Windows\System32\drivers\NortonPCCheckupx64\0200080.00D

2010-12-29 14:31:16 -------- d-----w- C:\Windows\System32\drivers\NortonPCCheckupx64

2010-12-29 14:31:15 -------- d-----w- C:\Program Files (x86)\Norton PC Checkup

2010-12-28 19:50:39 -------- d-----w- C:\Program Files (x86)\Hunting Unlimited 4

2010-12-25 05:33:17 -------- d-----w- C:\Windows\Malwarebytes' Anti-Malware

 

==================== Find3M ====================

 

2010-12-21 02:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2010-12-08 12:12:36 308304 ----a-w- C:\Windows\System32\drivers\avgldx64.sys

2010-12-07 13:08:24 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys

2010-11-25 14:59:16 694888 ----a-w- C:\Windows\System32\drivers\RTL8192su.sys

2010-11-12 21:19:38 382032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

2010-11-10 10:49:26 539232 ----a-w- C:\Windows\SysWow64\LVUI2RC.dll

2010-11-10 10:49:02 543328 ----a-w- C:\Windows\SysWow64\LVUI2.dll

2010-11-10 10:47:14 416352 ----a-w- C:\Windows\SysWow64\lvcodec2.dll

2010-11-10 10:45:54 4162784 ----a-w- C:\Windows\System32\drivers\lvuvc64.sys

2010-11-10 10:45:32 559712 ----a-w- C:\Windows\System32\LVUIRC64.dll

2010-11-10 10:45:32 102744 ----a-w- C:\Windows\SysWow64\LogiDPPApp.exe

2010-11-10 10:45:32 102744 ----a-w- C:\Windows\System32\LogiDPPApp.exe

2010-11-10 10:45:30 10871128 ----a-w- C:\Windows\SysWow64\LogiDPP.dll

2010-11-10 10:45:30 10871128 ----a-w- C:\Windows\System32\LogiDPP.dll

2010-11-10 10:45:20 316248 ----a-w- C:\Windows\SysWow64\DevManagerCore.dll

2010-11-10 10:45:20 316248 ----a-w- C:\Windows\System32\DevManagerCore.dll

2010-11-10 10:45:02 767584 ----a-w- C:\Windows\System32\LVUI64.dll

2010-11-10 10:44:24 341856 ----a-w- C:\Windows\System32\drivers\lvrs64.sys

2010-11-10 10:43:32 259680 ----a-w- C:\Windows\System32\lvco13101216.dll

2010-11-10 10:43:12 400480 ----a-w- C:\Windows\System32\lvcod64.dll

2010-11-10 10:32:14 38238 ----a-w- C:\Windows\System32\Repository.reg

2010-11-10 10:28:46 301936 ----a-w- C:\Windows\WLXPGSS.SCR

2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll

2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll

2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec

2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec

2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2010-11-02 05:21:51 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2010-11-02 05:18:59 662528 ----a-w- C:\Windows\System32\XpsPrint.dll

2010-11-02 05:18:59 229888 ----a-w- C:\Windows\System32\XpsRasterService.dll

2010-11-02 05:18:58 470016 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll

2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll

2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll

2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll

2010-11-02 05:12:53 1133568 ----a-w- C:\Windows\System32\FntCache.dll

2010-11-02 05:12:25 1540608 ----a-w- C:\Windows\System32\DWrite.dll

2010-11-02 05:12:08 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll

2010-11-02 05:12:07 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll

2010-11-02 05:12:06 902656 ----a-w- C:\Windows\System32\d2d1.dll

2010-11-02 05:12:06 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe

2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe

2010-11-02 04:59:08 144384 ----a-w- C:\Windows\System32\cdd.dll

2010-11-02 04:41:36 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll

2010-11-02 04:41:36 283648 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll

2010-11-02 04:41:36 135168 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll

2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll

2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll

2010-11-02 04:35:51 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll

2010-11-02 04:35:35 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

2010-11-02 04:35:34 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2010-11-02 04:35:34 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2010-11-02 04:35:34 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe

2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe

2010-10-28 18:46:10 1251944 ----a-w- C:\Windows\RtlExUpd.dll

2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll

2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2010-10-25 05:25:38 72064 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys

2010-10-25 05:25:38 40832 ----a-w- C:\Windows\System32\drivers\MpNWMon.sys

2010-10-25 05:25:38 188928 ----a-w- C:\Windows\System32\drivers\MpFilter.sys

 

============= FINISH: 21:26:09.88 ===============

Link to comment
Share on other sites

Logfile of IObit HijackScan v1.0.2.0 Scan saved at 23:53:12, on 2011-1-20

 

Logfile of IObit HijackScan v1.0.2.0

Scan saved at 23:53:12, on 2011-1-20

 

Running processes:

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe

C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe

C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Program Files (x86)\D-Link\DWA-130 revE\WlanWpsSvc.exe

C:\Program Files (x86)\D-Link\DWA-130 revE\WlanWpsSvc.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files (x86)\Norton DNS\NortonDNSTray.exe

C:\Program Files (x86)\D-Link\DWA-130 revE\wirelesscm.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360.exe

C:\Program Files (x86)\IObit\IObit Security 360\a_hijackscan.exe

C:\Program Files (x86)\IObit\IObit Security 360\a_hijackscan.exe

C:\Program Files (x86)\IObit\IObit Security 360\a_hijackscan.exe

C:\Program Files (x86)\IObit\IObit Security 360\a_hijackscan.exe

 

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe" /autostart

O23 - Service: Bigfoot Networks Killer Service (Bigfoot Networks Killer Service) - Unknown - C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe

O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown -

O23 - Service: Diagnostic Policy Service (DPS) - Unknown -

O23 - Service: Group Policy Client (gpsvc) - Unknown -

O23 - Service: Windows CardSpace (idsvc) - Unknown - %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

O23 - Service: IS360service (IS360service) - IObit - C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

O23 - Service: Net.Tcp Port Sharing Service (NetTcpPortSharing) - Unknown - %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

O23 - Service: Norton DNS (Norton DNS) - Symantec Corporation - C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

O23 - Service: Norton PC Checkup Application Launcher (Norton PC Checkup Application Launcher) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

O23 - Service: Quality Windows Audio Video Experience (QWAVE) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown -

O23 - Service: Security Accounts Manager (SamSs) - Unknown -

O23 - Service: Secondary Logon (seclogon) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Steam Client Service (Steam Client Service) - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: Symantec RemoteAssist (Symantec RemoteAssist) - Symantec, Inc. - C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe

O23 - Service: Distributed Link Tracking Client (TrkWks) - Unknown -

O23 - Service: Windows Modules Installer (TrustedInstaller) - Unknown -

O23 - Service: Block Level Backup Engine Service (wbengine) - Unknown - %systemroot%\system32\wbengine.exe

O23 - Service: Diagnostic Service Host (WdiServiceHost) - Unknown -

O23 - Service: Diagnostic System Host (WdiSystemHost) - Unknown -

O23 - Service: WlanWpsSvc (WlanWpsSvc) - Unknown - C:\Program Files (x86)\D-Link\DWA-130 revE\WlanWpsSvc.exe

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

Link to comment
Share on other sites

route.print

 

===========================================================================

Interface List

19...00 26 5a bf 18 1a ......Microsoft Virtual WiFi Miniport Adapter

18...00 26 5a bf 18 1a ......D-Link DWA-130 Wireless N USB Adapter

13...00 19 03 03 d4 cb ......Bigfoot Networks Killer Ethernet Controller

11...00 1f bc 09 36 e6 ......Realtek PCIe GBE Family Controller

1...........................Software Loopback Interface 1

22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2

37...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3

20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4

===========================================================================

 

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.199 30

127.0.0.0 255.0.0.0 On-link 127.0.0.1 306

127.0.0.1 255.255.255.255 On-link 127.0.0.1 306

127.255.255.255 255.255.255.255 On-link 127.0.0.1 306

192.168.0.0 255.255.255.0 On-link 192.168.0.199 286

192.168.0.199 255.255.255.255 On-link 192.168.0.199 286

192.168.0.255 255.255.255.255 On-link 192.168.0.199 286

224.0.0.0 240.0.0.0 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 192.168.0.199 286

255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

255.255.255.255 255.255.255.255 On-link 192.168.0.199 286

===========================================================================

Persistent Routes:

None

 

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination Gateway

12 58 ::/0 On-link

1 306 ::1/128 On-link

12 58 2001::/32 On-link

12 306 2001:0:4137:9e76:40b:2be6:bc49:babd/128

On-link

18 286 fe80::/64 On-link

12 306 fe80::/64 On-link

12 306 fe80::40b:2be6:bc49:babd/128

On-link

18 286 fe80::5d87:758e:3589:21d8/128

On-link

1 306 ff00::/8 On-link

12 306 ff00::/8 On-link

18 286 ff00::/8 On-link

===========================================================================

Persistent Routes:

None

Link to comment
Share on other sites

ipconfig.all file

 

Windows IP Configuration

 

Host Name . . . . . . . . . . . . : mothafuckermypcbitchfagetdiesoon

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : hsd1.ca.comcast.net.

 

Wireless LAN adapter Wireless Network Connection 6:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter

Physical Address. . . . . . . . . : 00-26-5A-BF-18-1A

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

 

Wireless LAN adapter Wireless Network Connection 5:

 

Connection-specific DNS Suffix . : hsd1.ca.comcast.net.

Description . . . . . . . . . . . : D-Link DWA-130 Wireless N USB Adapter

Physical Address. . . . . . . . . : 00-26-5A-BF-18-1A

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::5d87:758e:3589:21d8%18(Preferred)

IPv4 Address. . . . . . . . . . . : 192.168.0.199(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Lease Obtained. . . . . . . . . . : Thursday, January 20, 2011 9:09:16 PM

Lease Expires . . . . . . . . . . : Friday, January 21, 2011 11:30:09 PM

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DHCPv6 IAID . . . . . . . . . . . : 469771866

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-5C-6D-2C-00-1F-BC-09-36-E6

DNS Servers . . . . . . . . . . . : 198.153.192.1

198.153.194.1

NetBIOS over Tcpip. . . . . . . . : Enabled

 

Ethernet adapter Local Area Connection 2:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Bigfoot Networks Killer Ethernet Controller

Physical Address. . . . . . . . . : 00-19-03-03-D4-CB

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

 

Ethernet adapter Local Area Connection:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

Physical Address. . . . . . . . . : 00-1F-BC-09-36-E6

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter isatap.{56474ED5-C648-4960-8E51-27EFFE26DDAE}:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Local Area Connection* 11:

 

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:40b:2be6:bc49:babd(Preferred)

Link-local IPv6 Address . . . . . : fe80::40b:2be6:bc49:babd%12(Preferred)

Default Gateway . . . . . . . . . : ::

NetBIOS over Tcpip. . . . . . . . : Disabled

 

Tunnel adapter isatap.hsd1.ca.comcast.net.:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . : hsd1.ca.comcast.net.

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter isatap.{5E496A5B-8375-43E0-BAB7-6E7DF88D58D7}:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter isatap.{E152650D-E744-4747-BB1A-0FB9A45D4571}:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Link to comment
Share on other sites

not sure think adware

 

Logfile created: 12/11/2010 01:45:18

Ad-Aware version: 9.0.0

Extended engine: 3

Extended engine version: 3.1.2770

User performing scan: Jerri

 

*********************** Definitions database information ***********************

Lavasoft definition file: 150.198

Genotype definition file version: 2010/12/10 11:42:00

Extended engine definition file: 7600.0

 

******************************** Scan results: *********************************

Scan profile name: Smart Scan (ID: smart)

Objects scanned: 13939

Objects detected: 3

 

 

Type Detected

==========================

Processes.......: 0

Registry entries: 0

Hostfile entries: 0

Files...........: 0

Folders.........: 0

LSPs............: 0

Cookies.........: 3

Browser hijacks.: 0

MRU objects.....: 0

 

 

 

Removed items:

Description: *ad.yieldmanager* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409172 Family ID: 0

Description: *bs.serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408902 Family ID: 0

Description: *serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409130 Family ID: 0

 

Scan and cleaning complete: Finished correctly after 88 seconds

 

*********************************** Settings ***********************************

 

Scan profile:

ID: smart, enabled:1, value: Smart Scan

ID: folderstoscan, enabled:1, value:

ID: useantivirus, enabled:1, value: true

ID: sections, enabled:1

ID: scancriticalareas, enabled:1, value: true

ID: scanrunningapps, enabled:1, value: true

ID: scanregistry, enabled:1, value: true

ID: scanlsp, enabled:1, value: true

ID: scanads, enabled:1, value: false

ID: scanhostsfile, enabled:1, value: false

ID: scanmru, enabled:1, value: false

ID: scanbrowserhijacks, enabled:1, value: true

ID: scantrackingcookies, enabled:1, value: true

ID: closebrowsers, enabled:1, value: false

ID: filescanningoptions, enabled:1

ID: archives, enabled:1, value: false

ID: onlyexecutables, enabled:1, value: true

ID: skiplargerthan, enabled:1, value: 20480

ID: scanrootkits, enabled:1, value: true

ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict

ID: usespywareheuristics, enabled:1, value: true

 

Scan global:

ID: global, enabled:1

ID: addtocontextmenu, enabled:1, value: true

ID: playsoundoninfection, enabled:1, value: false

ID: soundfile, enabled:0, value: N/A

 

Scheduled scan settings:

<Empty>

 

Update settings:

ID: updates, enabled:1

ID: launchthreatworksafterscan, enabled:1, value: silently, domain: normal,off,silently

ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall

ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall

ID: schedules, enabled:1, value: true

ID: updatedaily1, enabled:1, value: Daily 1

ID: time, enabled:1, value: Tue Dec 07 05:08:00 2010

ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

ID: weekdays, enabled:1

ID: monday, enabled:1, value: false

ID: tuesday, enabled:1, value: false

ID: wednesday, enabled:1, value: false

ID: thursday, enabled:1, value: false

ID: friday, enabled:1, value: false

ID: saturday, enabled:1, value: false

ID: sunday, enabled:1, value: false

ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

ID: scanprofile, enabled:1, value:

ID: auto_deal_with_infections, enabled:1, value: false

ID: updatedaily2, enabled:1, value: Daily 2

ID: time, enabled:1, value: Tue Dec 07 11:08:00 2010

ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

ID: weekdays, enabled:1

ID: monday, enabled:1, value: false

ID: tuesday, enabled:1, value: false

ID: wednesday, enabled:1, value: false

ID: thursday, enabled:1, value: false

ID: friday, enabled:1, value: false

ID: saturday, enabled:1, value: false

ID: sunday, enabled:1, value: false

ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

ID: scanprofile, enabled:1, value:

ID: auto_deal_with_infections, enabled:1, value: false

ID: updatedaily3, enabled:1, value: Daily 3

ID: time, enabled:1, value: Tue Dec 07 17:08:00 2010

ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

ID: weekdays, enabled:1

ID: monday, enabled:1, value: false

ID: tuesday, enabled:1, value: false

ID: wednesday, enabled:1, value: false

ID: thursday, enabled:1, value: false

ID: friday, enabled:1, value: false

ID: saturday, enabled:1, value: false

ID: sunday, enabled:1, value: false

ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

ID: scanprofile, enabled:1, value:

ID: auto_deal_with_infections, enabled:1, value: false

ID: updatedaily4, enabled:1, value: Daily 4

ID: time, enabled:1, value: Tue Dec 07 23:08:00 2010

ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

ID: weekdays, enabled:1

ID: monday, enabled:1, value: false

ID: tuesday, enabled:1, value: false

ID: wednesday, enabled:1, value: false

ID: thursday, enabled:1, value: false

ID: friday, enabled:1, value: false

ID: saturday, enabled:1, value: false

ID: sunday, enabled:1, value: false

ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

ID: scanprofile, enabled:1, value:

ID: auto_deal_with_infections, enabled:1, value: false

ID: updateweekly1, enabled:1, value: Weekly

ID: time, enabled:1, value: Tue Dec 07 05:08:00 2010

ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly

ID: weekdays, enabled:1

ID: monday, enabled:1, value: false

ID: tuesday, enabled:1, value: true

ID: wednesday, enabled:1, value: false

ID: thursday, enabled:1, value: false

ID: friday, enabled:1, value: true

ID: saturday, enabled:1, value: false

ID: sunday, enabled:1, value: false

ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

ID: scanprofile, enabled:1, value:

ID: auto_deal_with_infections, enabled:1, value: false

 

Appearance settings:

ID: appearance, enabled:1

ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource

ID: showtrayicon, enabled:1, value: true

ID: autoentertainmentmode, enabled:1, value: true

ID: guimode, enabled:1, value: mode_advanced, domain: mode_advanced,mode_simple

ID: language, enabled:1, value: en, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language

 

Realtime protection settings:

ID: realtime, enabled:1

ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant

ID: layers, enabled:1

ID: useantivirus, enabled:1, value: true

ID: usespywareheuristics, enabled:1, value: true

ID: maintainbackup, enabled:1, value: true

ID: modules, enabled:1

ID: processprotection, enabled:1, value: true

ID: onaccessprotection, enabled:1, value: true

ID: registryprotection, enabled:1, value: true

ID: networkprotection, enabled:1, value: true

 

 

****************************** System information ******************************

Computer name: MOTHAFUCKERMYPC

Processor name: Intel® Core i7 CPU 950 @ 3.07GHz

Processor identifier: Intel64 Family 6 Model 26 Stepping 5

Processor speed: ~3647MHZ

Raw info: processorarchitecture 9, processortype 8664, processorlevel 6, processor revision 6661, number of processors 8, processor features: [MMX,SSE,SSE2,SSE3]

Physical memory available: 10791047168 bytes

Physical memory total: 12875649024 bytes

Virtual memory available: 1836314624 bytes

Virtual memory total: 2147352576 bytes

Memory load: 16%

Microsoft (build 7600)

Windows startup mode:

 

Running processes:

PID: 344 name: C:\Windows\System32\smss.exe owner: SYSTEM domain: NT AUTHORITY

PID: 520 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: NT AUTHORITY

PID: 604 name: C:\Windows\System32\wininit.exe owner: SYSTEM domain: NT AUTHORITY

PID: 628 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: NT AUTHORITY

PID: 668 name: C:\Windows\System32\winlogon.exe owner: SYSTEM domain: NT AUTHORITY

PID: 712 name: C:\Windows\System32\services.exe owner: SYSTEM domain: NT AUTHORITY

PID: 728 name: C:\Windows\System32\lsass.exe owner: SYSTEM domain: NT AUTHORITY

PID: 736 name: C:\Windows\System32\lsm.exe owner: SYSTEM domain: NT AUTHORITY

PID: 840 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY

PID: 904 name: C:\Windows\System32\nvvsvc.exe owner: SYSTEM domain: NT AUTHORITY

PID: 944 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY

PID: 472 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY

PID: 524 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY

PID: 480 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1124 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY

PID: 1200 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY

PID: 1544 name: C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1588 name: C:\Windows\System32\spoolsv.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1616 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY

PID: 1744 name: C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1792 name: C:\Windows\System32\nvvsvc.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1828 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY

PID: 1904 name: C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1968 name: C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.11\SymcPCCULaunchSvc.exe owner: SYSTEM domain: NT AUTHORITY

PID: 2084 name: C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.11\ccSvcHst.exe owner: SYSTEM domain: NT AUTHORITY

PID: 2136 name: C:\Windows\System32\snmp.exe owner: SYSTEM domain: NT AUTHORITY

PID: 2188 name: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe owner: SYSTEM domain: NT AUTHORITY

PID: 2236 name: C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe owner: SYSTEM domain: NT AUTHORITY

PID: 2228 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1144 name: C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 2952 name: C:\Windows\System32\taskhost.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 916 name: C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.11\ccSvcHst.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 2588 name: C:\Windows\System32\dwm.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 2732 name: C:\Windows\explorer.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 3424 name: C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 3468 name: C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 3512 name: C:\Program Files (x86)\Logitech\G35\G35.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 3656 name: C:\Users\Jerri\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 4092 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY

PID: 4432 name: C:\Program Files\Windows Media Player\wmpnetwk.exe owner: NETWORK SERVICE domain: NT AUTHORITY

PID: 3396 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY

PID: 964 name: C:\Program Files (x86)\Internet Explorer\ielowutil.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 1556 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT AUTHORITY

PID: 4120 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEM domain: NT AUTHORITY

PID: 1056 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe owner: Jerri domain: MOTHAFUCKERMYPC

PID: 3092 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe owner: Jerri domain: MOTHAFUCKERMYPC

 

Startup items:

Name: Logitech G35

imagepath: C:\Program Files (x86)\Logitech\G35\G35.exe

Name: WebCheck

imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

Name:

location: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Killer Network Manager.lnk

imagepath: C:\Program Files (x86)\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe

Name:

imagepath: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

 

Bootexecute items:

Name:

imagepath: autocheck autochk *

Name:

imagepath: lsdelete

 

Running services:

Name: AeLookupSvc

displayname: Application Experience

Name: Appinfo

displayname: Application Information

Name: AudioEndpointBuilder

displayname: Windows Audio Endpoint Builder

Name: AudioSrv

displayname: Windows Audio

Name: BFE

displayname: Base Filtering Engine

Name: Bigfoot Networks Killer Service

displayname: Bigfoot Networks Killer Service

Name: BITS

displayname: Background Intelligent Transfer Service

Name: Browser

displayname: Computer Browser

Name: CryptSvc

displayname: Cryptographic Services

Name: DcomLaunch

displayname: DCOM Server Process Launcher

Name: Dhcp

displayname: DHCP Client

Name: Dnscache

displayname: DNS Client

Name: DPS

displayname: Diagnostic Policy Service

Name: EapHost

displayname: Extensible Authentication Protocol

Name: eventlog

displayname: Windows Event Log

Name: EventSystem

displayname: COM+ Event System

Name: fdPHost

displayname: Function Discovery Provider Host

Name: FDResPub

displayname: Function Discovery Resource Publication

Name: gpsvc

displayname: Group Policy Client

Name: hidserv

displayname: Human Interface Device Access

Name: HomeGroupProvider

displayname: HomeGroup Provider

Name: IKEEXT

displayname: IKE and AuthIP IPsec Keying Modules

Name: iphlpsvc

displayname: IP Helper

Name: KeyIso

displayname: CNG Key Isolation

Name: LanmanServer

displayname: Server

Name: LanmanWorkstation

displayname: Workstation

Name: Lavasoft Ad-Aware Service

displayname: Lavasoft Ad-Aware Service

Name: lmhosts

displayname: TCP/IP NetBIOS Helper

Name: MMCSS

displayname: Multimedia Class Scheduler

Name: MpsSvc

displayname: Windows Firewall

Name: N360

displayname: Norton Security Suite

Name: Netman

displayname: Network Connections

Name: netprofm

displayname: Network List Service

Name: NlaSvc

displayname: Network Location Awareness

Name: Norton PC Checkup Application Launcher

displayname: Norton PC Checkup Application Launcher

Name: nsi

displayname: Network Store Interface Service

Name: NVSvc

displayname: NVIDIA Driver Helper Service

Name: PcaSvc

displayname: Program Compatibility Assistant Service

Name: PCCUJobMgr

displayname: Common Client Job Manager Service

Name: PlugPlay

displayname: Plug and Play

Name: PolicyAgent

displayname: IPsec Policy Agent

Name: Power

displayname: Power

Name: ProfSvc

displayname: User Profile Service

Name: RpcEptMapper

displayname: RPC Endpoint Mapper

Name: RpcSs

displayname: Remote Procedure Call (RPC)

Name: SamSs

displayname: Security Accounts Manager

Name: Schedule

displayname: Task Scheduler

Name: SENS

displayname: System Event Notification Service

Name: ShellHWDetection

displayname: Shell Hardware Detection

Name: SNMP

displayname: SNMP Service

Name: Spooler

displayname: Print Spooler

Name: SSDPSRV

displayname: SSDP Discovery

Name: Stereo Service

displayname: NVIDIA Stereoscopic 3D Driver Service

Name: SysMain

displayname: Superfetch

Name: Themes

displayname: Themes

Name: TrkWks

displayname: Distributed Link Tracking Client

Name: UxSms

displayname: Desktop Window Manager Session Manager

Name: WdiServiceHost

displayname: Diagnostic Service Host

Name: WinDefend

displayname: Windows Defender

Name: WinHttpAutoProxySvc

displayname: WinHTTP Web Proxy Auto-Discovery Service

Name: Winmgmt

displayname: Windows Management Instrumentation

Name: Wlansvc

displayname: WLAN AutoConfig

Name: WMPNetworkSvc

displayname: Windows Media Player Network Sharing Service

Name: wscsvc

displayname: Security Center

Name: wuauserv

displayname: Windows Update

Name: YahooAUService

displayname: Yahoo! Updater

Link to comment
Share on other sites

event-log(2)

 

Keywords Date and Time Source Event ID Task Category

Classic 2/10/2010 12:44:30 AM Service Control Manager 7036 None The Portable Device Enumerator Service service entered the stopped state.

Classic 2/10/2010 12:44:25 AM Service Control Manager 7036 None The Windows Update service entered the running state.

Classic 2/10/2010 12:44:21 AM Service Control Manager 7036 None The Security Center service entered the running state.

Classic 2/10/2010 12:44:21 AM Service Control Manager 7036 None The Windows Defender service entered the running state.

Classic 2/10/2010 12:44:20 AM Service Control Manager 7036 None The Background Intelligent Transfer Service service entered the running state.

Classic 2/10/2010 12:44:08 AM Service Control Manager 7036 None The Windows Error Reporting Service service entered the running state.

Classic 2/10/2010 12:43:08 AM Service Control Manager 7036 None The SSDP Discovery service entered the running state.

Classic 2/10/2010 12:43:08 AM Service Control Manager 7036 None The Virtual Disk service entered the stopped state.

Classic 2/10/2010 12:43:08 AM Virtual Disk Service 4 None Service stopped.

Classic 2/10/2010 12:43:05 AM Service Control Manager 7036 None The Peer Networking Grouping service entered the running state.

Classic 2/10/2010 12:43:04 AM Service Control Manager 7036 None The Peer Name Resolution Protocol service entered the running state.

Classic 2/10/2010 12:43:03 AM Service Control Manager 7036 None The Peer Networking Identity Manager service entered the running state.

Classic 2/10/2010 12:43:02 AM Service Control Manager 7036 None The HomeGroup Listener service entered the running state.

Classic 2/10/2010 12:43:01 AM Service Control Manager 7036 None The HomeGroup Provider service entered the running state.

Classic 2/10/2010 12:43:01 AM Service Control Manager 7036 None The Function Discovery Provider Host service entered the running state.

Classic 2/10/2010 12:42:57 AM Service Control Manager 7036 None The Windows Search service entered the running state.

Classic 2/10/2010 12:42:55 AM Service Control Manager 7036 None The Windows Media Player Network Sharing Service service entered the running state.

Classic 2/10/2010 12:42:55 AM Microsoft-Windows-WMPNSS-Service 14204 None Service 'WMPNetworkSvc' started.

Classic 2/10/2010 12:42:52 AM Service Control Manager 7036 None The Network Connections service entered the running state.

Classic 2/10/2010 12:42:35 AM Service Control Manager 7036 None The Application Information service entered the running state.

2/10/2010 12:42:27 AM Microsoft-Windows-Winlogon 7001 (1101) User Logon Notification for Customer Experience Improvement Program

Classic 2/10/2010 12:42:26 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:42:23 AM Service Control Manager 7036 None The Software Protection service entered the running state.

Classic 2/10/2010 12:42:21 AM Service Control Manager 7036 None The Computer Browser service entered the running state.

Classic 2/10/2010 12:42:21 AM Service Control Manager 7036 None The WinHTTP Web Proxy Auto-Discovery Service service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Virtual Disk service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Portable Device Enumerator Service service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Diagnostic Service Host service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Diagnostic System Host service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Human Interface Device Access service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Application Experience service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Network List Service service entered the running state.

Classic 2/10/2010 12:42:20 AM Service Control Manager 7036 None The Server service entered the running state.

Classic 2/10/2010 12:42:20 AM Microsoft-Windows-WER-SystemErrorReporting 1001 None The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff900c1e200e0, 0x0000000000000000, 0xfffff9600012b817, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 021010-64600-01.

Classic 2/10/2010 12:42:20 AM Virtual Disk Service 3 None Service started.

Classic 2/10/2010 12:42:18 AM Service Control Manager 7036 None The IP Helper service entered the running state.

Classic 2/10/2010 12:42:18 AM Service Control Manager 7036 None The Windows Management Instrumentation service entered the running state.

Classic 2/10/2010 12:42:18 AM Service Control Manager 7036 None The Distributed Link Tracking Client service entered the running state.

Classic 2/10/2010 12:42:18 AM Service Control Manager 7036 None The Superfetch service entered the running state.

Classic 2/10/2010 12:42:17 AM Service Control Manager 7036 None The Function Discovery Resource Publication service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Network Location Awareness service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Program Compatibility Assistant Service service entered the running state.

2/10/2010 12:42:14 AM Microsoft-Windows-Application-Experience 201 None The Program Compatibility Assistant service started successfully.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Diagnostic Policy Service service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Cryptographic Services service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Workstation service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Windows Firewall service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Base Filtering Engine service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Print Spooler service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Task Scheduler service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Shell Hardware Detection service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The DNS Client service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The DHCP Client service entered the running state.

2/10/2010 12:42:14 AM Microsoft-Windows-DHCPv6-Client 51046 Service State Event DHCPv6 client service is started

2/10/2010 12:42:14 AM Microsoft-Windows-Dhcp-Client 50036 Service State Event DHCPv4 client service is started

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The TCP/IP NetBIOS Helper service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Network Store Interface Service service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Security Accounts Manager service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Desktop Window Manager Session Manager service entered the running state.

Classic 2/10/2010 12:42:14 AM Service Control Manager 7036 None The Windows Modules Installer service entered the running state.

Classic 2/10/2010 12:42:11 AM Service Control Manager 7036 None The System Event Notification Service service entered the running state.

Classic 2/10/2010 12:42:11 AM Service Control Manager 7036 None The COM+ Event System service entered the running state.

Classic 2/10/2010 12:42:11 AM Service Control Manager 7036 None The User Profile Service service entered the running state.

Classic 2/10/2010 12:42:11 AM Service Control Manager 7036 None The Group Policy Client service entered the running state.

Classic 2/10/2010 12:42:11 AM Service Control Manager 7036 None The Themes service entered the running state.

Classic 2/10/2010 12:42:11 AM Service Control Manager 7036 None The Windows Audio service entered the running state.

Classic 2/10/2010 12:42:11 AM Service Control Manager 7036 None The Windows Audio Endpoint Builder service entered the running state.

Classic 2/10/2010 12:42:10 AM Service Control Manager 7036 None The Multimedia Class Scheduler service entered the running state.

Classic 2/10/2010 12:42:10 AM Service Control Manager 7036 None The Windows Event Log service entered the running state.

Classic 2/10/2010 12:42:10 AM Service Control Manager 7036 None The Remote Procedure Call (RPC) service entered the running state.

Classic 2/10/2010 12:42:10 AM Service Control Manager 7036 None The RPC Endpoint Mapper service entered the running state.

Classic 2/10/2010 12:42:09 AM Service Control Manager 7036 None The DCOM Server Process Launcher service entered the running state.

Classic 2/10/2010 12:42:09 AM Service Control Manager 7036 None The NVIDIA Display Driver Service service entered the running state.

2/10/2010 12:42:09 AM Microsoft-Windows-FilterManager 6 None File System Filter 'luafv' (6.1, ‎2009‎-‎07‎-‎13T18:26:13.000000000Z) has successfully loaded and registered with Filter Manager.

Classic 2/10/2010 12:42:09 AM Service Control Manager 7036 None The Power service entered the running state.

2/10/2010 12:42:09 AM Microsoft-Windows-UserPnp 20010 (7010)

Link to comment
Share on other sites

Event log file (cont.)

 

"One or more of the Plug and Play service's subsystems has changed state.

 

PlugPlay install subsystem enabled: 'true'

PlugPlay caching subsystem enabled: 'true'

"

Classic 2/10/2010 12:42:09 AM Service Control Manager 7036 None The Plug and Play service entered the running state.

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 7 in group 0 exposes the following:

 

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 5 in group 0 exposes the following:

 

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 3 in group 0 exposes the following:

 

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 1 in group 0 exposes the following:

 

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 6 in group 0 exposes the following:

 

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 4 in group 0 exposes the following:

 

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 2 in group 0 exposes the following:

 

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

2/10/2010 12:41:21 AM Microsoft-Windows-Kernel-Processor-Power 26 (4) "Processor 0 in group 0 exposes the following:

 

1 idle state(s)

10 performance state(s)

0 throttle state(s)"

(2) 2/10/2010 12:41:20 AM Microsoft-Windows-Kernel-Power 41 (63) The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Classic 2/10/2010 12:42:10 AM EventLog 6013 None The system uptime is 65 seconds.

Classic 2/10/2010 12:42:10 AM EventLog 6005 None The Event log service was started.

Classic 2/10/2010 12:42:10 AM EventLog 6009 None Microsoft ® Windows ® 6.01. 7600 Multiprocessor Free.

Classic 2/10/2010 12:42:10 AM EventLog 6008 None The previous system shutdown at 12:32:56 AM on ‎2/‎10/‎2010 was unexpected.

Classic 2/10/2010 12:42:10 AM EventLog 6011 None The NetBIOS name and DNS host name of this machine have been changed from SkyNET to SKYNET.

2/10/2010 12:41:09 AM Microsoft-Windows-FilterManager 6 None File System Filter 'FileInfo' (6.1, ‎2009‎-‎07‎-‎13T18:34:25.000000000Z) has successfully loaded and registered with Filter Manager.

2/10/2010 12:41:06 AM Microsoft-Windows-Kernel-General 12 None The operating system started at system time ‎2010‎-‎02‎-‎10T05:41:05.610798400Z.

Classic 2/10/2010 12:32:58 AM Service Control Manager 7036 None The Windows Installer service entered the running state.

2/10/2010 12:32:56 AM Microsoft-Windows-UserPnp 20003 (7005) Driver Management has concluded the process to add Service nvlddmkm for Device Instance ID PCI\VEN_10DE&DEV_05EB&SUBSYS_070510DE&REV_A1\6&38E4BF4&0&00100018 with the following status: 0.

2/10/2010 12:32:51 AM Microsoft-Windows-UserPnp 20003 (7005) Driver Management has concluded the process to add Service nvlddmkm for Device Instance ID PCI\VEN_10DE&DEV_05EB&SUBSYS_070510DE&REV_A1\6&AE164B5&0&00000018 with the following status: 0.

Classic 2/10/2010 12:32:30 AM Service Control Manager 7036 None The Windows Error Reporting Service service entered the stopped state.

Success,Installation 2/10/2010 12:31:55 AM Microsoft-Windows-WindowsUpdateClient 19 Windows Update Agent Installation Successful: Windows successfully installed the following update: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

Classic 2/10/2010 12:31:50 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Success,Installation 2/10/2010 12:31:50 AM Microsoft-Windows-WindowsUpdateClient 19 Windows Update Agent Installation Successful: Windows successfully installed the following update: Update for Windows 7 for x64-based Systems (KB974332)

Classic 2/10/2010 12:31:49 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:31:46 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Classic 2/10/2010 12:31:45 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:31:35 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Success,Download 2/10/2010 12:31:31 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Security Update for Windows 7 for x64-based Systems (KB974571)

- Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB978207)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975560)

- Update for Windows 7 for x64-based Systems (KB977074)

- Security Update for Windows 7 for x64-based Systems (KB972270)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Update for Rights Management Services Client for Windows 7 for x64-based Systems (KB979099)

- Definition Update for Windows Defender - KB915597 (Definition 1.75.517.0)

- Update for Windows 7 for x64-based Systems (KB974431)

- Security Update for Windows 7 fo

2/10/2010 12:31:30 AM Microsoft-Windows-UserPnp 20001 (7005) Driver Management concluded the process to install driver FileRepository\volsnap.inf_amd64_neutral_7499a4fac85b39fc\volsnap.inf for

Link to comment
Share on other sites

Event log file (cont.)

 

Device Instance ID STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT2 with the following status: 0x0.

Classic 2/10/2010 12:31:27 AM Service Control Manager 7036 None The Microsoft Software Shadow Copy Provider service entered the running state.

Classic 2/10/2010 12:31:27 AM Service Control Manager 7036 None The Volume Shadow Copy service entered the running state.

Classic 2/10/2010 12:30:30 AM Service Control Manager 7036 None The Windows Error Reporting Service service entered the running state.

Classic 2/10/2010 12:28:45 AM Service Control Manager 7036 None The ActiveX Installer (AxInstSV) service entered the running state.

Classic 2/10/2010 12:26:07 AM Service Control Manager 7036 None The Windows Error Reporting Service service entered the stopped state.

Success,Download 2/10/2010 12:25:34 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Security Update for Windows 7 for x64-based Systems (KB974571)

- Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB978207)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975560)

- Update for Windows 7 for x64-based Systems (KB977074)

- Security Update for Windows 7 for x64-based Systems (KB972270)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Update for Rights Management Services Client for Windows 7 for x64-based Systems (KB979099)

- Definition Update for Windows Defender - KB915597 (Definition 1.75.517.0)

- Update for Windows 7 for x64-based Systems (KB974431)

- Security Update for Windows 7 fo

Success,Download 2/10/2010 12:25:26 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Security Update for Windows 7 for x64-based Systems (KB974571)

- Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB978207)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975560)

- Update for Windows 7 for x64-based Systems (KB977074)

- Security Update for Windows 7 for x64-based Systems (KB972270)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Update for Rights Management Services Client for Windows 7 for x64-based Systems (KB979099)

- Definition Update for Windows Defender - KB915597 (Definition 1.75.517.0)

- Security Update for Windows 7 for x64-based Systems (KB978251)

- Update for Windows 7 fo

Success,Download 2/10/2010 12:25:26 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Security Update for Windows 7 for x64-based Systems (KB974571)

- Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB978207)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975560)

- Update for Windows 7 for x64-based Systems (KB977074)

- Security Update for Windows 7 for x64-based Systems (KB972270)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Update for Rights Management Services Client for Windows 7 for x64-based Systems (KB979099)

- Security Update for Windows 7 for x64-based Systems (KB978251)

- Update for Windows 7 for x64-based Systems (KB976098)

Success,Download 2/10/2010 12:25:19 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Security Update for Windows 7 for x64-based Systems (KB974571)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975560)

- Update for Windows 7 for x64-based Systems (KB977074)

- Security Update for Windows 7 for x64-based Systems (KB972270)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Update for Rights Management Services Client for Windows 7 for x64-based Systems (KB979099)

- Security Update for Windows 7 for x64-based Systems (KB978251)

- Update for Windows 7 for x64-based Systems (KB976098)

Success,Download 2/10/2010 12:25:19 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Security Update for Windows 7 for x64-based Systems (KB974571)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975560)

- Security Update for Windows 7 for x64-based Systems (KB972270)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Update for Rights Management Services Client for Windows 7 for x64-based Systems (KB979099)

- Security Update for Windows 7 for x64-based Systems (KB978251)

- Update for Windows 7 for x64-based Systems (KB976098)

Success,Download 2/10/2010 12:25:14 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Security Update for Windows 7 for x64-based Systems (KB974571)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975560)

- Security Update for Windows 7 for x64-based Systems (KB972270)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Security Update for Windows 7 for x64-based Systems (KB978251)

- Update for Windows 7 for x64-based Systems (KB976098)

Success,Download 2/10/2010 12:25:14 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Security Update for Windows 7 for x64-based Systems (KB974571)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB972270)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Security Update for Windows 7 for x64-based Systems (KB978251)

- Update for Windows 7 for x64-based Systems (KB976098)

Success,Download 2/10/2010 12:25:14 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB972270)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Security Update for Windows 7 for x64-based Systems (KB978251)

- Update for Windows 7 for x64-based Systems (KB976098)

Success,Download 2/10/2010 12:25:13 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Security Update for Windows 7 for x64-based Systems (KB978251)

- Update for Windows 7 for x64-based Systems (KB976098)

Success,Download 2/10/2010 12:25:13 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Security Update for Windows 7 for x64-based Systems (KB978251)

- Update for Windows 7 for x64-based Systems (KB976098)

Success,Download 2/10/2010 12:25:13 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975467)

- Update for Windows 7 for x64-based Systems (KB976098)

Success,Download 2/10/2010 12:25:12 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

- Security Update for Windows 7 for x64-based Systems (KB975467)

Success,Download 2/10/2010 12:25:12 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Security Update for Windows 7 for x64-based Systems (KB971468)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

Classic 2/10/2010 12:25:10 AM Service Control Manager 7040 None

Link to comment
Share on other sites

Event log file (cont.)

 

The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:25:08 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Classic 2/10/2010 12:25:05 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:24:59 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Classic 2/10/2010 12:24:55 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:24:49 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Classic 2/10/2010 12:24:47 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:24:45 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Classic 2/10/2010 12:24:43 AM Service Control Manager 7036 None The Windows Time service entered the stopped state.

Time 2/10/2010 12:24:43 AM Microsoft-Windows-Kernel-General 1 None The system time has changed to ‎2010‎-‎02‎-‎10T05:24:43.911000000Z from ‎2010‎-‎02‎-‎10T05:24:43.911887800Z.

2/10/2010 12:24:43 AM Microsoft-Windows-Time-Service 35 None The time service is now synchronizing the system time with the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->207.46.232.182:123).

Classic 2/10/2010 12:24:42 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:24:41 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Classic 2/10/2010 12:24:39 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:24:36 AM Service Control Manager 7036 None The Microsoft Software Shadow Copy Provider service entered the stopped state.

Classic 2/10/2010 12:24:36 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Classic 2/10/2010 12:24:33 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Success,Download 2/10/2010 12:24:32 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

2/10/2010 12:24:29 AM Microsoft-Windows-Time-Service 37 None The time provider NtpClient is currently receiving valid time data from time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->207.46.232.182:123).

Classic 2/10/2010 12:24:29 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Classic 2/10/2010 12:24:27 AM Service Control Manager 7036 None The Windows Time service entered the running state.

Success,Download 2/10/2010 12:24:27 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

Success,Download 2/10/2010 12:24:27 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

- Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)

Success,Download 2/10/2010 12:24:27 AM Microsoft-Windows-WindowsUpdateClient 18 Automatic Updates Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎Wednesday, ‎February ‎10, ‎2010 at 3:00 AM:

- Update for Windows 7 for x64-based Systems (KB974332)

Classic 2/10/2010 12:24:25 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:24:23 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Classic 2/10/2010 12:24:21 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:24:19 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Classic 2/10/2010 12:24:13 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:24:07 AM Display 4101 None Display driver nvlddmkm stopped responding and has successfully recovered.

Classic 2/10/2010 12:24:07 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Classic 2/10/2010 12:24:06 AM Service Control Manager 7036 None The Windows Error Reporting Service service entered the running state.

Classic 2/10/2010 12:23:27 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from auto start to demand start.

Classic 2/10/2010 12:23:23 AM Service Control Manager 7040 None The start type of the Windows Modules Installer service was changed from demand start to auto start.

Classic 2/10/2010 12:23:10 AM Service Control Manager 7036 None The Multimedia Class Scheduler service entered the running state.

Classic 2/10/2010 12:22:58 AM Service Control Manager 7036 None The Multimedia Class Scheduler service entered the stopped state.

Classic 2/10/2010 12:21:36 AM Service Control Manager 7036 None The Volume Shadow Copy service entered the stopped state.

Classic 2/10/2010 12:20:32 AM Service Control Manager 7036 None The Windows Error Reporting Service service entered the stopped state.

Classic 2/10/2010 12:19:17 AM Service Control Manager 7036 None The Portable Device Enumerator Service service entered the stopped state.

Classic 2/10/2010 12:19:15 AM Service Control Manager 7036 None The Microsoft .NET Framework NGEN v2.0.50727_X64 service entered the stopped state.

Classic 2/10/2010 12:19:15 AM Service Control Manager 7040 None The start type of the Microsoft .NET Framework NGEN v2.0.50727_X64 service was changed from auto start to demand start.

Classic 2/10/2010 12:18:44 AM Service Control Manager 7036 None The Microsoft .NET Framework NGEN v2.0.50727_X86 service entered the stopped state.

Classic 2/10/2010 12:18:43 AM Service Control Manager 7040 None The start type of the Microsoft .NET Framework NGEN v2.0.50727_X86 service was changed from auto start to demand start.

Success,Installation 2/10/2010 12:18:42 AM Microsoft-Windows-WindowsUpdateClient 19 Windows Update Agent Installation Successful: Windows successfully installed the following update: ATK - system - ATK0110 ACPI UTILITY

2/10/2010 12:18:37 AM Microsoft-Windows-UserPnp 20001 (7005) Driver Management concluded the process to install driver FileRepository\atk2000.inf_amd64_neutral_a91abe245a6c41c8\atk2000.inf for Device Instance ID ACPI\ATK0110\1010110 with the following status: 0x0.

2/10/2010 12:18:36 AM Microsoft-Windows-UserPnp 20003 (7005) Driver Management has concluded the process to add Service MTsensor for Device Instance ID ACPI\ATK0110\1010110 with the following status: 0.

Classic 2/10/2010 12:18:33 AM Service Control Manager 7045 None

Link to comment
Share on other sites

Event log file (cont.) last

 

Classic 2/10/2010 3:09:18 AM Service Control Manager 7036 None The Network List Service service entered the running state.

Classic 2/10/2010 3:09:18 AM Service Control Manager 7036 None The Portable Device Enumerator Service service entered the running state.

Classic 2/10/2010 3:09:16 AM Service Control Manager 7036 None The Application Experience service entered the running state.

Classic 2/10/2010 3:09:16 AM Service Control Manager 7036 None The Diagnostic System Host service entered the running state.

Classic 2/10/2010 3:09:16 AM Service Control Manager 7036 None The Human Interface Device Access service entered the running state.

Classic 2/10/2010 3:09:15 AM Service Control Manager 7036 None The Diagnostic Service Host service entered the running state.

Classic 2/10/2010 3:09:15 AM Service Control Manager 7036 None The Server service entered the running state.

Classic 2/10/2010 3:09:14 AM Service Control Manager 7036 None The IP Helper service entered the running state.

Classic 2/10/2010 3:09:12 AM Service Control Manager 7036 None The Windows Management Instrumentation service entered the running state.

Classic 2/10/2010 3:09:11 AM Service Control Manager 7036 None The Distributed Link Tracking Client service entered the running state.

Classic 2/10/2010 3:09:11 AM Service Control Manager 7036 None The Superfetch service entered the running state.

Classic 2/10/2010 3:09:10 AM Service Control Manager 7036 None The Network Location Awareness service entered the running state.

Classic 2/10/2010 3:09:10 AM Service Control Manager 7036 None The Cryptographic Services service entered the running state.

Classic 2/10/2010 3:09:10 AM Service Control Manager 7036 None The Diagnostic Policy Service service entered the running state.

Classic 2/10/2010 3:09:10 AM Service Control Manager 7036 None The Program Compatibility Assistant Service service entered the running state.

2/10/2010 3:09:10 AM Microsoft-Windows-Application-Experience 201 None The Program Compatibility Assistant service started successfully.

Classic 2/10/2010 3:09:09 AM Service Control Manager 7036 None The Workstation service entered the running state.

Classic 2/10/2010 3:09:08 AM Service Control Manager 7036 None The Windows Firewall service entered the running state.

Classic 2/10/2010 3:09:07 AM Service Control Manager 7036 None The Base Filtering Engine service entered the running state.

Classic 2/10/2010 3:09:07 AM Service Control Manager 7036 None The Print Spooler service entered the running state.

Classic 2/10/2010 3:09:06 AM Service Control Manager 7036 None The Task Scheduler service entered the running state.

Classic 2/10/2010 3:09:06 AM Service Control Manager 7036 None The Shell Hardware Detection service entered the stopped state.

Classic 2/10/2010 3:09:05 AM Service Control Manager 7036 None The Shell Hardware Detection service entered the running state.

Classic 2/10/2010 3:09:05 AM Service Control Manager 7036 None The DNS Client service entered the running state.

Classic 2/10/2010 3:09:05 AM Service Control Manager 7036 None The DHCP Client service entered the running state.

2/10/2010 3:09:05 AM Microsoft-Windows-DHCPv6-Client 51046 Service State Event DHCPv6 client service is started

2/10/2010 3:09:05 AM Microsoft-Windows-Dhcp-Client 50036 Service State Event DHCPv4 client service is started

Classic 2/10/2010 3:09:05 AM Service Control Manager 7036 None The TCP/IP NetBIOS Helper service entered the running state.

Classic 2/10/2010 3:09:05 AM Service Control Manager 7036 None The Network Store Interface Service service entered the running state.

Classic 2/10/2010 3:09:05 AM Service Control Manager 7036 None The Security Accounts Manager service entered the running state.

Classic 2/10/2010 3:09:05 AM Service Control Manager 7036 None The Desktop Window Manager Session Manager service entered the running state.

Classic 2/10/2010 3:09:05 AM Service Control Manager 7036 None The Windows Modules Installer service entered the running state.

Classic 2/10/2010 3:09:03 AM Service Control Manager 7036 None The System Event Notification Service service entered the running state.

Classic 2/10/2010 3:09:03 AM Service Control Manager 7036 None The COM+ Event System service entered the running state.

Classic 2/10/2010 3:09:03 AM Service Control Manager 7036 None The User Profile Service service entered the running state.

Classic 2/10/2010 3:09:03 AM Service Control Manager 7036 None The Group Policy Client service entered the running state.

Classic 2/10/2010 3:09:03 AM Service Control Manager 7036 None The Themes service entered the running state.

Classic 2/10/2010 3:09:02 AM Service Control Manager 7036 None The Windows Audio service entered the running state.

Classic 2/10/2010 3:09:02 AM Service Control Manager 7036 None The Windows Audio Endpoint Builder service entered the running state.

Classic 2/10/2010 3:09:01 AM Service Control Manager 7036 None The Multimedia Class Scheduler service entered the running state.

Classic 2/10/2010 3:09:01 AM Service Control Manager 7036 None The Windows Event Log service entered the running state.

2/10/2010 3:09:01 AM Microsoft-Windows-FilterManager 6 None File System Filter 'luafv' (6.1, ‎2009‎-‎07‎-‎13T15:26:13.000000000Z) has successfully loaded and registered with Filter Manager.

Classic 2/10/2010 3:09:00 AM Service Control Manager 7040 None The start type of the Serial service was changed from system start to demand start.

Classic 2/10/2010 3:09:00 AM Service Control Manager 7040 None The start type of the isapnp service was changed from boot start to demand start.

Classic 2/10/2010 3:09:00 AM Service Control Manager 7040 None The start type of the nvraid service was changed from boot start to demand start.

Classic 2/10/2010 3:09:00 AM Service Control Manager 7040 None The start type of the Wd service was changed from boot start to demand start.

Classic 2/10/2010 3:08:59 AM Service Control Manager 7040 None The start type of the sbp2port service was changed from boot start to demand start.

Classic 2/10/2010 3:08:59 AM Service Control Manager 7040 None The start type of the Compbatt service was changed from boot start to demand start.

Classic 2/10/2010 3:08:59 AM Service Control Manager 7040 None The start type of the msahci service was changed from boot start to demand start.

Classic 2/10/2010 3:08:59 AM Service Control Manager 7040 None The start type of the HpSAMD service was changed from boot start to demand start.

Classic 2/10/2010 3:08:59 AM Service Control Manager 7040 None The start type of the LSI_SCSI service was changed from boot start to demand start.

Classic 2/10/2010 3:08:59 AM Service Control Manager 7040 None The start type of the LSI_SAS service was changed from boot start to demand start.

Classic 2/10/2010 3:08:58 AM Service Control Manager 7040 None The start type of the MegaSR service was changed from boot start to demand start.

Classic 2/10/2010 3:08:58 AM Service Control Manager 7040 None The start type of the megasas service was changed from boot start to demand start.

Classic 2/10/2010 3:08:58 AM Service Control Manager 7040 None The start type of the LSI_SAS2 service was changed from boot start to demand start.

Classic 2/10/2010 3:08:58 AM Service Control Manager 7040 None The start type of the LSI_FC service was changed from boot start to demand start.

Classic 2/10/2010 3:08:58 AM Service Control Manager 7040 None The start type of the amdsbs service was changed from boot start to demand start.

Classic 2/10/2010 3:08:57 AM Service Control Manager 7040 None The start type of the amdsata service was changed from boot start to demand start.

Classic 2/10/2010 3:08:57 AM Service Control Manager 7040 None The start type of the nfrd960 service was changed from boot start to demand start.

Classic 2/10/2010 3:08:57 AM Service Control Manager 7040 None The start type of the amdide service was changed from boot start to demand start.

Classic 2/10/2010 3:08:57 AM Service Control Manager 7040 None The start type of the SiSRaid2 service was changed from boot start to demand start.

Classic 2/10/2010 3:08:57 AM Service Control Manager 7040 None The start type of the SiSRaid4 service was changed from boot start to demand start.

Classic 2/10/2010 3:08:56 AM Service Control Manager 7040 None The start type of the stexstor service was changed from boot start to demand start.

Classic 2/10/2010 3:08:56 AM Service Control Manager 7040 None The start type of the ql2300 service was changed from boot start to demand start.

Classic 2/10/2010 3:08:56 AM Service Control Manager 7040 None The start type of the ql40xx service was changed from boot start to demand start.

Classic 2/10/2010 3:08:56 AM Service Control Manager 7040 None The start type of the cmdide service was changed from boot start to demand start.

Classic 2/10/2010 3:08:56 AM Service Control Manager 7040 None The start type of the aliide service was changed from boot start to demand start.

Classic 2/10/2010 3:08:56 AM Service Control Manager 7040 None The start type of the nvstor service was changed from boot start to demand start.

Classic 2/10/2010 3:08:55 AM Service Control Manager 7040 None The start type of the elxstor service was changed from boot start to demand start.

Classic 2/10/2010 3:08:55 AM Service Control Manager 7040 None The start type of the viaide service was changed from boot start to demand start.

Classic 2/10/2010 3:08:55 AM Service Control Manager 7040 None The start type of the vsmraid service was changed from boot start to demand start.

Classic 2/10/2010 3:08:55 AM Service Control Manager 7040 None The start type of the iirsp service was changed from boot start to demand start.

Classic 2/10/2010 3:08:55 AM Service Control Manager 7040 None The start type of the intelide service was changed from boot start to demand start.

Classic 2/10/2010 3:08:54 AM Service Control Manager 7040 None The start type of the iaStorV service was changed from boot start to demand start.

Classic 2/10/2010 3:08:54 AM Service Control Manager 7040 None The start type of the adpahci service was changed from boot start to demand start.

Classic 2/10/2010 3:08:54 AM Service Control Manager 7040 None The start type of the arc service was changed from boot start to demand start.

Classic 2/10/2010 3:08:54 AM Service Control Manager 7040 None The start type of the arcsas service was changed from boot start to demand start.

Classic 2/10/2010 3:08:54 AM Service Control Manager 7040 None The start type of the adp94xx service was changed from boot start to demand start.

Classic 2/10/2010 3:08:53 AM Service Control Manager 7040 None The start type of the adpu320 service was changed from boot start to demand start.

Classic 2/10/2010 3:08:53 AM Service Control Manager 7040 None The start type of the mpio service was changed from boot start to demand start.

Classic 2/10/2010 3:08:52 AM Service Control Manager 7040 None The start type of the msdsm service was changed from boot start to demand start.

Classic 2/10/2010 3:08:38 AM Service Control Manager 7036 None The Remote Procedure Call (RPC) service entered the running state.

Classic 2/10/2010 3:08:37 AM Service Control Manager 7036 None The RPC Endpoint Mapper service entered the running state.

Classic 2/10/2010 3:08:37 AM Service Control Manager 7036 None The DCOM Server Process Launcher service entered the running state.

Classic 2/10/2010 3:08:37 AM Service Control Manager 7036 None The Power service entered the running state.

2/10/2010 3:08:36 AM Microsoft-Windows-UserPnp 20010 (7010) "One or more of the Plug and Play service's subsystems has changed state.

 

PlugPlay install subsystem enabled: 'true'

PlugPlay caching subsystem enabled: 'true'

"

Link to comment
Share on other sites

Just help with posting

 

ty for you help much appreciated .8-)

 

Who has been helping you??

 

Hi Superdave :smile:

 

Sorry for the confusion, morgan46 posted a log that was too long and got a blank post so I sent morgan46 a PM explaining this and how to fix it.

I then moved this thread from IObit Security 360 section to here.

I haven't given any assistance in Malware removal.

 

So the thanks is to me for that help with posting and probably thanks in advance to you for your help

 

All the best, woz of oz

Link to comment
Share on other sites

Hi Superdave :smile:

 

Sorry for the confusion, morgan46 posted a log that was too long and got a blank post so I sent morgan46 a PM explaining this and how to fix it.

I then moved this thread from IObit Security 360 section to here.

I haven't given any assistance in Malware removal.

 

So the thanks is to me for that help with posting and probably thanks in advance to you for your help

 

All the best, woz of oz

So, does he still need help?

Link to comment
Share on other sites

wow

 

Logfile of IObit HijackScan v1.0.2.0

Scan saved at 23:53:12, on 2011-1-20

 

Running processes:

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

?????????

C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe

C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe

C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Program Files (x86)\D-Link\DWA-130 revE\WlanWpsSvc.exe

C:\Program Files (x86)\D-Link\DWA-130 revE\WlanWpsSvc.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files (x86)\Norton DNS\NortonDNSTray.exe

C:\Program Files (x86)\D-Link\DWA-130 revE\wirelesscm.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe

C:\Program Files (x86)\IObit\IObit Security 360\is360.exe

C:\Program Files (x86)\IObit\IObit Security 360\a_hijackscan.exe

C:\Program Files (x86)\IObit\IObit Security 360\a_hijackscan.exe

C:\Program Files (x86)\IObit\IObit Security 360\a_hijackscan.exe

C:\Program Files (x86)\IObit\IObit Security 360\a_hijackscan.exe

 

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe" /autostart

O23 - Service: Bigfoot Networks Killer Service (Bigfoot Networks Killer Service) - Unknown - C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe

O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown -

O23 - Service: Diagnostic Policy Service (DPS) - Unknown -

O23 - Service: Group Policy Client (gpsvc) - Unknown -

O23 - Service: Windows CardSpace (idsvc) - Unknown - %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

O23 - Service: IS360service (IS360service) - IObit - C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

O23 - Service: Net.Tcp Port Sharing Service (NetTcpPortSharing) - Unknown - %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

O23 - Service: Norton DNS (Norton DNS) - Symantec Corporation - C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

O23 - Service: Norton PC Checkup Application Launcher (Norton PC Checkup Application Launcher) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe

O23 - Service: Quality Windows Audio Video Experience (QWAVE) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown -

O23 - Service: Security Accounts Manager (SamSs) - Unknown -

O23 - Service: Secondary Logon (seclogon) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Steam Client Service (Steam Client Service) - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: Symantec RemoteAssist (Symantec RemoteAssist) - Symantec, Inc. - C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe

O23 - Service: Distributed Link Tracking Client (TrkWks) - Unknown -

O23 - Service: Windows Modules Installer (TrustedInstaller) - Unknown -

O23 - Service: Block Level Backup Engine Service (wbengine) - Unknown - %systemroot%\system32\wbengine.exe

O23 - Service: Diagnostic Service Host (WdiServiceHost) - Unknown -

O23 - Service: Diagnostic System Host (WdiSystemHost) - Unknown -

O23 - Service: WlanWpsSvc (WlanWpsSvc) - Unknown - C:\Program Files (x86)\D-Link\DWA-130 revE\WlanWpsSvc.exe

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

 

sure is a lot of unknows in this log file

Link to comment
Share on other sites

lol

 

Who has been helping you??

 

i was useing norton . did 4 live chat s with them. 2 norton tech guys fixed problems for like 6 hours then setings would change again lol am ready to load shoot gun and blow pc up sad thing is i got pc to play cod black ops played it for like a week .

Link to comment
Share on other sites

Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

 

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.

2. The fixes are specific to your problem and should only be used for this issue on this machine.

3. If you don't know or understand something, please don't hesitate to ask.

4. Please DO NOT run any other tools or scans while I am helping you.

5. It is important that you reply to this thread. Do not start a new topic.

6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

7. Absence of symptoms does not mean that everything is clear.

 

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

******************************************************

The DDS log shows you're running two Anti-Virus programs at once; Microsoft Security Essentials and AVG Anti-Virus Free Edition 2011. This is a no-no. One will have to be disabled/removed. I would get rid of AVG. MSE is much better and not a resource hog.

Please tell me exactly what your problems are and please do not use chat language.

 

SUPERAntiSpyware

 

If you already have SUPERAntiSpyware be sure to check for updates before scanning!

 

Download SuperAntispyware Free Edition (SAS)

* Double-click the icon on your desktop to run the installer.

* When asked to Update the program definitions, click Yes

* If you encounter any problems while downloading the updates, manually download and unzip them from here

* Next click the Preferences button.

 

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts

* Click the Scanning Control tab.

* Under Scanner Options make sure only the following are checked:

 

•Close browsers before scanning

•Scan for tracking cookies

•Terminate memory threats before quarantining

Please leave the others unchecked

 

•Click the Close button to leave the control center screen.

 

* On the main screen click Scan your computer

* On the left check the box for the drive you are scanning.

* On the right choose Perform Complete Scan

* Click Next to start the scan. Please be patient while it scans your computer.

* After the scan is complete a summary box will appear. Click OK

* Make sure everything in the white box has a check next to it, then click Next

* It will quarantine what it found and if it asks if you want to reboot, click Yes

 

•To retrieve the removal information please do the following:

•After reboot, double-click the SUPERAntiSpyware icon on your desktop.

•Click Preferences. Click the Statistics/Logs tab.

 

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

 

•It will open in your default text editor (preferably Notepad).

•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

 

* Save the log somewhere you can easily find it. (normally the desktop)

* Click close and close again to exit the program.

*Copy and Paste the log in your post.

***************************************

 

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

 

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

***************************************************

Download Security Check by screen317 from one of the following links and save it to your desktop.

 

Link 1

Link 2

 

* Unzip SecurityCheck.zip and a folder named Security Check should appear.

* Open the Security Check folder and double-click Security Check.bat

* Follow the on-screen instructions inside of the black box.

* A Notepad document should open automatically called checkup.txt

* Post the contents of that document in your next reply.

 

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

Link to comment
Share on other sites

hello new to this but i have been having same problems for over 3 years was into online gaming for many years last 8 years playing all call of duty games in twl on the number 1 squad in twl for years the last 3 years it seems like some 1 else has control over my pc have moved 4 times in 8 years every location is new ip but yet my settings will change in all the important files that you need like the exe. files it is driving me nuts and last night i went back to advanced system care. and also got the 360 took norton off pc and put avg did a scan with hijack this and all my exe. files was in chinese pls help me catch this hacker r who ever what ever has control over my pc .if possible would love to know where i am getting hacked from.

 

 

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 01/24/2011 at 02:56 AM

 

Application Version : 4.48.1000

 

Core Rules Database Version : 6260

Trace Rules Database Version: 4072

 

Scan type : Complete Scan

Total Scan Time : 00:16:15

 

Memory items scanned : 619

Memory threats detected : 0

Registry items scanned : 11965

Registry threats detected : 0

File items scanned : 89016

File threats detected : 0

Link to comment
Share on other sites

Malwarebytes' Anti-Malware 1.50.1.1100

http://www.malwarebytes.org

 

Database version: 5587

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

1/24/2011 2:22:44 AM

mbam-log-2011-01-24 (02-22-16).txt

 

Scan type: Full scan (C:\|)

Objects scanned: 234653

Time elapsed: 11 minute(s), 48 second(s)

 

Memory Processes Infected: 1

Memory Modules Infected: 1

Registry Keys Infected: 5

Registry Values Infected: 6

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 5

 

Memory Processes Infected:

c:\program files (x86)\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 4280 -> No action taken.

 

Memory Modules Infected:

c:\program files (x86)\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> No action taken.

 

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> No action taken.

 

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\WTXPCOM\COMPONENTS\WIDGITOOLBARFF.DLL (Adware.WidgiToolbar) -> Value: WIDGITOOLBARFF.DLL -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Value: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Value: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> No action taken.

 

Registry Data Items Infected:

(No malicious items detected)

 

Folders Infected:

(No malicious items detected)

 

Files Infected:

c:\program files (x86)\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> No action taken.

c:\program files (x86)\application updater\applicationupdater.exe (PUP.Dealio) -> No action taken.

c:\program files (x86)\iobit toolbar\IE\4.1\iobittoolbarie.dll (PUP.Dealio) -> No action taken.

c:\program files (x86)\iobit toolbar\widgihelper.exe (PUP.Dealio) -> No action taken.

c:\program files (x86)\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> No action taken.

Link to comment
Share on other sites

Results of screen317's Security Check version 0.99.8

Windows 7 (UAC is enabled)

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

avast! Free Antivirus

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java 6 Update 23

Adobe Flash Player 10.1.102.64

Mozilla Firefox (3.6.13)

````````````````````````````````

Process Check:

objlist.exe by Laurent

Windows Defender MSMpEng.exe

Malwarebytes' Anti-Malware mbam.exe

Microsoft Security Essentials msseces.exe

Microsoft Security Client Antimalware MsMpEng.exe

Microsoft Security Client Antimalware NisSrv.exe

Alwil Software Avast5 AvastSvc.exe

Alwil Software Avast5 AvastUI.exe

``````````End of Log````````````

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...