https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Upon visiting www.livernoismotorsports.com tonight, MSE popped up with the following. However, when I hit "Remove", it would come back saying nothing was found and all was fine. I then updated my Java from version 22 to 23 (latest), as well as MSE to the latest definition from today, and then upon revisiting the website above there weren't any issues this time.
Java/CVE-2010-0840.W
Category: Exploit
Description: This program is dangerous and exploits the computer on which it is run.
Recommendation: Remove this software immediately.
Microsoft Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the 'Allow' action and click 'Apply actions'. If this option is not available, log on as administrator or ask the local administrator for help.
Items:
file:C:\Users\James Parker\AppData\Local\Temp\jar_cache53302636819750324.tmp->bpac/a.class
file:C:\Users\JAMESP~1\AppData\Local\Temp\jar_cache1122406371245836493.tmp->bpac/a.class
file:C:\Users\JAMESP~1\AppData\Local\Temp\jar_cache4528957759937422929.tmp->bpac/a.class
file:C:\Users\JAMESP~1\AppData\Local\Temp\jar_cache53302636819750324.tmp->bpac/a.class
file:C:\Users\JAMESP~1\AppData\Local\Temp\jar_cache5539500176732367532.tmp->bpac/a.class
Get more information about this item online.
Here are the requested scans:
Step 2: TFC ran.
Step 3: Malwarebytes Anti-Malware updated and ran with no infections found. Log below.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5382
Windows 6.1.7600
Internet Explorer 9.0.7930.16406
12/22/2010 11:13:26 PM
mbam-log-2010-12-22 (23-13-26).txt
Scan type: Quick scan
Objects scanned: 165936
Time elapsed: 3 minute(s), 52 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Step 4: GMER ran. Log below.
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-12-22 23:40:23
Windows 6.1.7600
Running: vfjybj22.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001e4ce6e7a7
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001e4ce6e7a7@000761a910f4 0x49 0xB0 0x9F 0xD5 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application@Sources MSDMine?APC UPS Service?wltrys
Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch 4372
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001e4ce6e7a7 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001e4ce6e7a7@000761a910f4 0x49 0xB0 0x9F 0xD5 ...
Reg HKLM\SYSTEM\ControlSet002\services\eventlog\Application@Sources MSDMine?APC UPS Service?wltrys
---- EOF - GMER 1.0.15 ----
Step 5: DDS ran. Logs below.
DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by James Parker at 23:42:53.48 on Wed 12/22/2010
Internet Explorer: 9.0.7930.16406
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4030.2149 [GMT -7:00]
AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Windows\System32\WLTRAY.EXE
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\AOL Desktop 9.6a\waol.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\aol\1270162693\ee\aolsoftware.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\OEM05Mon.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\AOL Desktop 9.6a\shellmon.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\James Parker\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uSearch Page =
uSearch Bar =
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [AOL Fast Start] "C:\Program Files (x86)\AOL Desktop 9.6a\AOL.EXE" -b
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1270162693\ee\AOLSoftware.exe
mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
mRun: [OEM05Mon.exe] C:\Windows\OEM05Mon.exe
mRun: [<NO NAME>]
mRun: [Display] C:\Program Files (x86)\APC\APC PowerChute Personal Edition\DataCollectionLauncher.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
dRun: [CtxfiReg] CTXFIREG.exe /FAIL1
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\APCUPS~1.LNK - C:\Program Files (x86)\APC\APC PowerChute Personal Edition\Display.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
DPF: Web-Based Email Tools - hxxp://email.secureserver.net/Download.CAB
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} - hxxp://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxps://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1278269957501
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.3.11.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15112/CTPID.cab
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll
Handler: qbpos - {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBPOSProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
mRun-x64: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun-x64: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
mRun-x64: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
IE-X64: {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe
Hosts: 74.208.10.249 gs.apple.com
============= SERVICES / DRIVERS ===============
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2009-12-2 173984]
R1 StarPortLite;StarPort Storage Controller (Lite);C:\Windows\System32\drivers\StarPortLite.sys [2010-9-29 118888]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/10/15 20:57:43];C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-8-26 146928]
R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2010/10/15 19:05:03];C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl [2010-10-15 146928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-26 203776]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-3-31 13336]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-10-26 8012288]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-10-26 287232]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-9-24 116752]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\System32\drivers\CT20XUT.sys [2010-5-6 202840]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\System32\drivers\CTEXFIFX.sys [2010-5-6 1417304]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\System32\drivers\CTHWIUT.sys [2010-5-6 94808]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2009-12-2 40832]
R3 OEM05Afx;Provides a software interface to control audio effects of OEM005 camera.;C:\Windows\System32\drivers\OEM05Afx.sys [2007-6-8 212864]
R3 OEM05Vfx;Creative Camera OEM005 Video VFX Driver;C:\Windows\System32\drivers\OEM05Vfx.sys [2007-3-5 12288]
R3 OEM05Vid;Creative Camera OEM005 Driver;C:\Windows\System32\drivers\OEM05Vid.sys [2007-7-20 266720]
S1 SASDIFSV;SASDIFSV;C:\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys [2010-2-17 12872]
S1 SASKUTIL;SASKUTIL;C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS [2010-2-17 67656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2010-4-14 54824]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-4-23 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-4-23 79360]
S3 CT20XUT;CT20XUT;C:\Windows\System32\drivers\CT20XUT.sys [2010-5-6 202840]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\System32\drivers\CTEXFIFX.sys [2010-5-6 1417304]
S3 CTHWIUT;CTHWIUT;C:\Windows\System32\drivers\CTHWIUT.sys [2010-5-6 94808]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-8-20 48480]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2010-3-16 21504]
S3 SASENUM;SASENUM;C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS [2010-2-17 12872]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]
S3 vpcuxd;USB Virtualization Stub Service;C:\Windows\System32\drivers\vpcuxd.sys [2010-4-1 16384]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-3-31 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
=============== Created Last 30 ================
2010-12-23 06:41:46 8199504 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{BDFD0D35-BA36-4C61-8B03-8D276F011E6B}\mpengine.dll
2010-12-22 19:16:13 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{889D1EA5-239E-4994-8BD3-6064E81D8A65}
2010-12-22 07:15:18 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{B13BA51C-D583-4068-BA62-6476E99E9709}
2010-12-21 19:14:52 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{7CCCCF26-8982-4A49-85D8-C7BED676C69E}
2010-12-21 07:11:15 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{67FFD6F2-FDCA-46B1-83EB-D0FDB466353C}
2010-12-20 19:05:52 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{3B67991C-06E6-4B40-A33E-33851B29DE92}
2010-12-19 19:05:28 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{15D45BEF-F122-499C-9AC9-CEA968A5659F}
2010-12-18 21:13:09 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{84E17DEF-6ED3-49E2-9C70-DA0D2A259288}
2010-12-17 20:04:04 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{89CBA94D-0F41-466B-8B2F-CAFCACA8F4B9}
2010-12-17 03:47:22 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{25486F33-0503-4607-A7E6-68D582E770FF}
2010-12-16 22:58:14 40816 ----a-w- C:\Windows\System32\drivers\ElbyCDIO.sys
2010-12-16 15:46:57 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{79842EC5-5C9E-401A-8625-6A8FC30D5C91}
2010-12-16 02:38:06 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{76D4B927-EF5D-401B-8AAD-12643A55D5B7}
2010-12-15 19:12:58 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
2010-12-15 19:12:58 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
2010-12-15 19:12:58 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
2010-12-15 19:12:57 112000 ----a-w- C:\Windows\System32\consent.exe
2010-12-15 14:37:54 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{E9426FBD-3685-41D7-A2D9-167B6865C9AC}
2010-12-15 00:18:21 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{4812FA3A-C11C-4F72-86B9-149EBC384917}
2010-12-14 08:58:51 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{5E7DE247-7935-466E-8C4B-DDD43B59936E}
2010-12-13 20:58:16 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{AA5D5477-D01C-4471-B6AB-4CBBAE503603}
2010-12-13 07:06:27 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{79F865B3-4F62-47B3-B29B-80D5F42D4BB7}
2010-12-12 19:05:59 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{19AEF55C-EE81-4BFF-9B16-DF7FD9F35CA3}
2010-12-12 04:19:28 -------- d-----w- C:\Program Files (x86)\HP Tuners
2010-12-11 23:58:51 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{4ED57F45-FD2D-480D-B357-4EDC87DF5D4A}
2010-12-11 23:37:32 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{4364E738-8B1A-48B9-BA33-B3BED293724C}
2010-12-11 07:47:12 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{1AE9D01C-8F8C-478F-999A-53A7C94EFF51}
2010-12-03 00:13:15 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{34B03887-FB47-45D0-A4E7-8A9A60A036F4}
2010-12-02 08:40:06 -------- d-----w- C:\Users\JAMESP~1\AppData\Local\{118F997B-6F17-4FDB-AA7D-7FF8EB5162CC}
2010-12-02 08:08:50 -------- d-----w- C:\Windows\en
2010-12-02 08:05:45 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2010-12-02 08:05:45 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2010-12-02 08:05:44 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2010-12-02 08:05:44 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2010-12-02 08:05:24 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2010-12-02 08:05:24 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2010-12-02 08:05:15 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a67d1bd11cb91f704\MeshBetaRemover.exe
2010-12-01 19:06:31 125512 ----a-w- C:\Windows\SysWow64\drivers\AnyDVD.sys
2010-12-01 19:06:31 125512 ----a-w- C:\Windows\System32\drivers\AnyDVD.sys
2010-11-25 18:29:05 89256 ----a-w- C:\Windows\SysWow64\ElbyCDIO.dll
2010-11-25 10:01:02 2381824 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-11-25 10:01:02 2381824 ----a-w- C:\Windows\System32\mshtml.tlb
2010-11-25 10:01:00 1502208 ----a-w- C:\Windows\System32\inetcpl.cpl
2010-11-25 10:01:00 1448448 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
==================== Find3M ====================
2010-12-21 01:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-11-17 12:44:06 58696 ----a-w- C:\Windows\SysWow64\AOLParconLink.exe
2010-11-13 01:53:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-11-10 09:54:18 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2010-11-10 09:28:46 301936 ----a-w- C:\Windows\WLXPGSS.SCR
2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-10-27 04:00:14 8012288 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2010-10-27 03:25:36 21422592 ----a-w- C:\Windows\System32\atio6axx.dll
2010-10-27 03:08:16 16281600 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2010-10-27 02:55:30 143360 ----a-w- C:\Windows\System32\atiapfxx.exe
2010-10-27 02:55:22 547328 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2010-10-27 02:54:22 645120 ----a-w- C:\Windows\System32\aticfx64.dll
2010-10-27 02:52:18 450560 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2010-10-27 02:52:12 478208 ----a-w- C:\Windows\System32\atieclxx.exe
2010-10-27 02:51:36 203776 ----a-w- C:\Windows\System32\atiesrxx.exe
2010-10-27 02:50:28 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2010-10-27 02:50:14 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2010-10-27 02:50:08 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2010-10-27 02:49:56 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2010-10-27 02:49:52 16384 ----a-w- C:\Windows\System32\atimuixx.dll
2010-10-27 02:49:48 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2010-10-27 02:49:44 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2010-10-27 02:46:56 4020736 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2010-10-27 02:38:02 4744704 ----a-w- C:\Windows\System32\atidxx64.dll
2010-10-27 02:35:28 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2010-10-27 02:35:26 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2010-10-27 02:35:18 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2010-10-27 02:35:16 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2010-10-27 02:35:06 6815744 ----a-w- C:\Windows\System32\aticaldd64.dll
2010-10-27 02:33:50 5441536 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2010-10-27 02:28:20 4094464 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2010-10-27 02:22:02 5218304 ----a-w- C:\Windows\System32\atiumd64.dll
2010-10-27 02:14:58 58880 ----a-w- C:\Windows\System32\coinst.dll
2010-10-27 02:14:56 349184 ----a-w- C:\Windows\System32\atiadlxx.dll
2010-10-27 02:14:50 249856 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2010-10-27 02:14:42 14848 ----a-w- C:\Windows\System32\atig6pxx.dll
2010-10-27 02:14:40 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2010-10-27 02:14:40 12800 ----a-w- C:\Windows\System32\atiglpxx.dll
2010-10-27 02:14:36 31744 ----a-w- C:\Windows\System32\atig6txx.dll
2010-10-27 02:14:30 27136 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2010-10-27 02:14:22 287232 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2010-10-27 02:13:42 39936 ----a-w- C:\Windows\System32\atiuxp64.dll
2010-10-27 02:13:34 30720 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2010-10-27 02:13:28 37888 ----a-w- C:\Windows\System32\atiu9p64.dll
2010-10-27 02:13:22 28672 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2010-10-27 02:12:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2010-10-27 01:57:02 3221504 ----a-w- C:\Windows\System32\atiumd6a.dll
2010-10-27 01:50:08 3460096 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2010-10-27 01:37:16 53760 ----a-w- C:\Windows\System32\atimpc64.dll
2010-10-27 01:37:16 53760 ----a-w- C:\Windows\System32\amdpcom64.dll
2010-10-27 01:37:12 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2010-10-27 01:37:12 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2010-10-20 05:20:01 46080 ----a-w- C:\Windows\System32\atmlib.dll
2010-10-20 04:54:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2010-10-20 03:09:15 3124224 ----a-w- C:\Windows\System32\win32k.sys
2010-10-20 03:05:46 367104 ----a-w- C:\Windows\System32\atmfd.dll
2010-10-20 02:58:41 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2010-10-19 20:51:33 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-10-16 05:19:41 395776 ----a-w- C:\Windows\System32\webio.dll
2010-10-16 04:36:10 314368 ----a-w- C:\Windows\SysWow64\webio.dll
2010-10-14 04:50:40 11344 ----a-w- C:\Windows\SysWow64\wdapi921.dll
2010-09-24 12:46:32 116752 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
============= FINISH: 23:43:29.72 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume3
Install Date: 3/31/2010 11:54:01 PM
System Uptime: 12/22/2010 11:06:18 PM (0 hours ago)
Motherboard: Dell Inc. | | 0TP406
Processor: Intel(R) Core(TM)2 Quad CPU Q9450 @ 2.66GHz | CPU | 2660/1333mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 451 GiB total, 133.194 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 9.813 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
K: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&343316A1&1&02
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter #2
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&343316A1&1&02
Service: vwifimp
==== System Restore Points ===================
RP325: 12/11/2010 9:19:03 PM - Installed HP Tuners VCM Suite 2.23.
RP326: 12/12/2010 1:11:51 AM - Windows Update
RP327: 12/13/2010 7:56:52 AM - Windows Update
RP328: 12/14/2010 5:27:58 PM - Windows Update
RP329: 12/15/2010 5:37:37 PM - Windows Update
RP330: 12/16/2010 3:00:31 AM - Windows Update
RP331: 12/16/2010 8:43:11 PM - Windows Update
RP332: 12/19/2010 10:38:05 AM - Windows Update
RP333: 12/20/2010 11:47:59 AM - Windows Update
RP334: 12/21/2010 12:21:59 PM - Windows Update
RP335: 12/22/2010 12:26:16 PM - Windows Update
RP336: 12/22/2010 10:18:54 PM - Installed Java(TM) 6 Update 23
RP337: 12/22/2010 10:32:35 PM - Windows Update
==== Installed Programs ======================
µTorrent
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader 9.4.1
Advantage III
AnyDVD
AOL Uninstaller (Choose which Products to Remove)
APC PowerChute Personal Edition v2.2
Apple Application Support
Apple Software Update
ATI Catalyst Registration
AVS Video Converter 7
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
ccc-core-static
CCC Help English
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CloneDVD2
Coupon Printer for Windows
Creative ALchemy
Creative Audio Control Panel
Creative Console Launcher
Creative MediaSource 5
Creative Software AutoUpdate
Creative Sound Blaster Properties x64 Edition
Creative WaveStudio 7
CuteFTP 8 Professional
CyberLink PowerDVD 10
D3DX10
Dell Driver Download Manager
erLT
Facebook Plug-In
Feedback Tool
Handbrake 0.9.4
HiDownloadPlatinum
HP Tuners VCM Suite 2.23
Intel(R) Control Center
Intel(R) Rapid Storage Technology
Internet TV for Windows Media Center
iPhoneBrowser
Java Auto Updater
Java(TM) 6 Update 23
Junk Mail filter update
LimeWire 5.5.8
LiveLink 6
Logitech SetPoint
Malwarebytes' Anti-Malware
Mesh Runtime
Messenger Companion
Microsoft Default Manager
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Outlook Social Connector 32-bit
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
Netflix in Windows Media Center
OpenAL
OpenOffice.org 3.2
PDF Settings CS5
PowerDVD DX
QuickBooks Pro 2008
QuickTime
RealPlayer
RealUpgrade 1.0
Rosetta Stone Version 3
RTC Client API v1.2
SCT Device Updater
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SoundFont Bank Manager
SUPERAntiSpyware Free Edition
SupportSoft Assisted Service
System Requirements Lab for Intel
uberOptions 4.80.5
Uninstall AOL Emergency Connect Utility 1.0
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2466076)
URL Helper
Viewpoint Media Player
VirtualCloneDrive
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Center Add-in for Flash
WinPcap 4.1.1
WinPEP 7
Yahoo! Messenger
==== Event Viewer Messages From Past Week ========
12/22/2010 9:51:10 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2010-0840.W&threatid=2147641020 User: JamesParker-PC\James Parker Name: Exploit:Java/CVE-2010-0840.W ID: 2147641020 Severity: Severe Category: Exploit Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.95.2390.0, AS: 1.95.2390.0 Engine Version: 1.1.6402.0
12/22/2010 9:48:50 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2010-0840.W&threatid=2147641020 User: JamesParker-PC\James Parker Name: Exploit:Java/CVE-2010-0840.W ID: 2147641020 Severity: Severe Category: Exploit Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.95.2390.0, AS: 1.95.2390.0 Engine Version: 1.1.6402.0
12/22/2010 9:45:14 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2010-0840.W&threatid=2147641020 User: JamesParker-PC\James Parker Name: Exploit:Java/CVE-2010-0840.W ID: 2147641020 Severity: Severe Category: Exploit Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.95.2390.0, AS: 1.95.2390.0 Engine Version: 1.1.6402.0
12/22/2010 11:06:59 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL
12/22/2010 11:06:26 PM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/22/2010 11:06:26 PM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/22/2010 10:55:10 PM, Error: Service Control Manager [7034] - The Creative Audio Service service terminated unexpectedly. It has done this 1 time(s).
12/22/2010 10:25:07 PM, Error: Service Control Manager [7000] - The SASKUTIL service failed to start due to the following error: This driver has been blocked from loading
12/22/2010 10:25:04 PM, Error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: This driver has been blocked from loading
12/21/2010 12:13:55 PM, Error: BTHUSB [19] - Windows detected an error while storing the Bluetooth link key for adapter address (00:07:61:a9:10:f4) on the local adapter. The event contains the vendor-specific error code.
12/21/2010 12:11:46 PM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
12/17/2010 11:33:18 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.1960.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80072ee2 Error description: The operation timed out
==== End Of File ===========================
Thanks for your help in advance!
BfB
2010-11-10 09:28:46 301936 ----a-w- C:\Windows\WLXPGSS.SCR
2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-10-27 04:00:14 8012288 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2010-10-27 03:25:36 21422592 ----a-w- C:\Windows\System32\atio6axx.dll
2010-10-27 03:08:16 16281600 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2010-10-27 02:55:30 143360 ----a-w- C:\Windows\System32\atiapfxx.exe
2010-10-27 02:55:22 547328 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2010-10-27 02:54:22 645120 ----a-w- C:\Windows\System32\aticfx64.dll
2010-10-27 02:52:18 450560 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2010-10-27 02:52:12 478208 ----a-w- C:\Windows\System32\atieclxx.exe
2010-10-27 02:51:36 203776 ----a-w- C:\Windows\System32\atiesrxx.exe
2010-10-27 02:50:28 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2010-10-27 02:50:14 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2010-10-27 02:50:08 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2010-10-27 02:49:56 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2010-10-27 02:49:52 16384 ----a-w- C:\Windows\System32\atimuixx.dll
2010-10-27 02:49:48 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2010-10-27 02:49:44 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2010-10-27 02:46:56 4020736 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2010-10-27 02:38:02 4744704 ----a-w- C:\Windows\System32\atidxx64.dll
2010-10-27 02:35:28 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2010-10-27 02:35:26 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2010-10-27 02:35:18 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2010-10-27 02:35:16 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2010-10-27 02:35:06 6815744 ----a-w- C:\Windows\System32\aticaldd64.dll
2010-10-27 02:33:50 5441536 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2010-10-27 02:28:20 4094464 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2010-10-27 02:22:02 5218304 ----a-w- C:\Windows\System32\atiumd64.dll
2010-10-27 02:14:58 58880 ----a-w- C:\Windows\System32\coinst.dll
2010-10-27 02:14:56 349184 ----a-w- C:\Windows\System32\atiadlxx.dll
2010-10-27 02:14:50 249856 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2010-10-27 02:14:42 14848 ----a-w- C:\Windows\System32\atig6pxx.dll
2010-10-27 02:14:40 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2010-10-27 02:14:40 12800 ----a-w- C:\Windows\System32\atiglpxx.dll
2010-10-27 02:14:36 31744 ----a-w- C:\Windows\System32\atig6txx.dll
2010-10-27 02:14:30 27136 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2010-10-27 02:14:22 287232 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2010-10-27 02:13:42 39936 ----a-w- C:\Windows\System32\atiuxp64.dll
2010-10-27 02:13:34 30720 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2010-10-27 02:13:28 37888 ----a-w- C:\Windows\System32\atiu9p64.dll
2010-10-27 02:13:22 28672 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2010-10-27 02:12:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2010-10-27 01:57:02 3221504 ----a-w- C:\Windows\System32\atiumd6a.dll
2010-10-27 01:50:08 3460096 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2010-10-27 01:37:16 53760 ----a-w- C:\Windows\System32\atimpc64.dll
2010-10-27 01:37:16 53760 ----a-w- C:\Windows\System32\amdpcom64.dll
2010-10-27 01:37:12 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2010-10-27 01:37:12 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2010-10-20 05:20:01 46080 ----a-w- C:\Windows\System32\atmlib.dll
2010-10-20 04:54:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2010-10-20 03:09:15 3124224 ----a-w- C:\Windows\System32\win32k.sys
2010-10-20 03:05:46 367104 ----a-w- C:\Windows\System32\atmfd.dll
2010-10-20 02:58:41 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2010-10-19 20:51:33 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-10-16 05:19:41 395776 ----a-w- C:\Windows\System32\webio.dll
2010-10-16 04:36:10 314368 ----a-w- C:\Windows\SysWow64\webio.dll
2010-10-14 04:50:40 11344 ----a-w- C:\Windows\SysWow64\wdapi921.dll
2010-09-24 12:46:32 116752 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
============= FINISH: 23:43:29.72 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume3
Install Date: 3/31/2010 11:54:01 PM
System Uptime: 12/22/2010 11:06:18 PM (0 hours ago)
Motherboard: Dell Inc. | | 0TP406
Processor: Intel(R) Core(TM)2 Quad CPU Q9450 @ 2.66GHz | CPU | 2660/1333mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 451 GiB total, 133.194 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 9.813 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
K: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&343316A1&1&02
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter #2
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&343316A1&1&02
Service: vwifimp
==== System Restore Points ===================
RP325: 12/11/2010 9:19:03 PM - Installed HP Tuners VCM Suite 2.23.
RP326: 12/12/2010 1:11:51 AM - Windows Update
RP327: 12/13/2010 7:56:52 AM - Windows Update
RP328: 12/14/2010 5:27:58 PM - Windows Update
RP329: 12/15/2010 5:37:37 PM - Windows Update
RP330: 12/16/2010 3:00:31 AM - Windows Update
RP331: 12/16/2010 8:43:11 PM - Windows Update
RP332: 12/19/2010 10:38:05 AM - Windows Update
RP333: 12/20/2010 11:47:59 AM - Windows Update
RP334: 12/21/2010 12:21:59 PM - Windows Update
RP335: 12/22/2010 12:26:16 PM - Windows Update
RP336: 12/22/2010 10:18:54 PM - Installed Java(TM) 6 Update 23
RP337: 12/22/2010 10:32:35 PM - Windows Update
==== Installed Programs ======================
µTorrent
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader 9.4.1
Advantage III
AnyDVD
AOL Uninstaller (Choose which Products to Remove)
APC PowerChute Personal Edition v2.2
Apple Application Support
Apple Software Update
ATI Catalyst Registration
AVS Video Converter 7
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
ccc-core-static
CCC Help English
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CloneDVD2
Coupon Printer for Windows
Creative ALchemy
Creative Audio Control Panel
Creative Console Launcher
Creative MediaSource 5
Creative Software AutoUpdate
Creative Sound Blaster Properties x64 Edition
Creative WaveStudio 7
CuteFTP 8 Professional
CyberLink PowerDVD 10
D3DX10
Dell Driver Download Manager
erLT
Facebook Plug-In
Feedback Tool
Handbrake 0.9.4
HiDownloadPlatinum
HP Tuners VCM Suite 2.23
Intel(R) Control Center
Intel(R) Rapid Storage Technology
Internet TV for Windows Media Center
iPhoneBrowser
Java Auto Updater
Java(TM) 6 Update 23
Junk Mail filter update
LimeWire 5.5.8
LiveLink 6
Logitech SetPoint
Malwarebytes' Anti-Malware
Mesh Runtime
Messenger Companion
Microsoft Default Manager
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Outlook Social Connector 32-bit
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
Netflix in Windows Media Center
OpenAL
OpenOffice.org 3.2
PDF Settings CS5
PowerDVD DX
QuickBooks Pro 2008
QuickTime
RealPlayer
RealUpgrade 1.0
Rosetta Stone Version 3
RTC Client API v1.2
SCT Device Updater
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SoundFont Bank Manager
SUPERAntiSpyware Free Edition
SupportSoft Assisted Service
System Requirements Lab for Intel
uberOptions 4.80.5
Uninstall AOL Emergency Connect Utility 1.0
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2466076)
URL Helper
Viewpoint Media Player
VirtualCloneDrive
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Center Add-in for Flash
WinPcap 4.1.1
WinPEP 7
Yahoo! Messenger
==== Event Viewer Messages From Past Week ========
12/22/2010 9:51:10 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2010-0840.W&threatid=2147641020 User: JamesParker-PC\James Parker Name: Exploit:Java/CVE-2010-0840.W ID: 2147641020 Severity: Severe Category: Exploit Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.95.2390.0, AS: 1.95.2390.0 Engine Version: 1.1.6402.0
12/22/2010 9:48:50 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2010-0840.W&threatid=2147641020 User: JamesParker-PC\James Parker Name: Exploit:Java/CVE-2010-0840.W ID: 2147641020 Severity: Severe Category: Exploit Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.95.2390.0, AS: 1.95.2390.0 Engine Version: 1.1.6402.0
12/22/2010 9:45:14 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Java/CVE-2010-0840.W&threatid=2147641020 User: JamesParker-PC\James Parker Name: Exploit:Java/CVE-2010-0840.W ID: 2147641020 Severity: Severe Category: Exploit Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.95.2390.0, AS: 1.95.2390.0 Engine Version: 1.1.6402.0
12/22/2010 11:06:59 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL
12/22/2010 11:06:26 PM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/22/2010 11:06:26 PM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/22/2010 10:55:10 PM, Error: Service Control Manager [7034] - The Creative Audio Service service terminated unexpectedly. It has done this 1 time(s).
12/22/2010 10:25:07 PM, Error: Service Control Manager [7000] - The SASKUTIL service failed to start due to the following error: This driver has been blocked from loading
12/22/2010 10:25:04 PM, Error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: This driver has been blocked from loading
12/21/2010 12:13:55 PM, Error: BTHUSB [19] - Windows detected an error while storing the Bluetooth link key for adapter address (00:07:61:a9:10:f4) on the local adapter. The event contains the vendor-specific error code.
12/21/2010 12:11:46 PM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
12/17/2010 11:33:18 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.1960.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80072ee2 Error description: The operation timed out
==== End Of File ===========================
Thanks for your help in advance!
BfB