Kathryn Rowan
Posts: 62 +0
Hi There,
Our [FONT=inherit]desktop[/FONT] computer has recently started displaying this message shortly after rebooting and, although we can access the internet after this message, we can't download new e-mail messages, update antivirus definitions (last antivirus definition was downloaded 4 days ago) or open just about any program (TFC, Malwares, etc). When trying to open these programs, I get an error message that says either "The Service cannot accept control messages at this time" or "The pipe state is invalid." Full scan using both Microsoft Security Essentials and Malwarebytes come up with nothing. Logs from Malwarebytes and the DDS programs are below. Please help!
Our [FONT=inherit]desktop[/FONT] computer has recently started displaying this message shortly after rebooting and, although we can access the internet after this message, we can't download new e-mail messages, update antivirus definitions (last antivirus definition was downloaded 4 days ago) or open just about any program (TFC, Malwares, etc). When trying to open these programs, I get an error message that says either "The Service cannot accept control messages at this time" or "The pipe state is invalid." Full scan using both Microsoft Security Essentials and Malwarebytes come up with nothing. Logs from Malwarebytes and the DDS programs are below. Please help!
DDS Note Pad:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.17.2
Run by Robert at 8:46:24 on 2013-03-18
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1791.808 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Windows\system32\java.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Active PC Optimizer\ActivePCOptimizerService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\PROGRA~1\Intuit\QUICKB~2\QBDBMgrN.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3196716
uSearch Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
uSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.yahoo.com
mDefault_Page_URL = hxxp://www.yahoo.com
uProxyOverride = localhost;*.local
mSearchAssistant = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80226
mCustomizeSearch = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80226
uURLSearchHooks: WiseConvert Toolbar: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - c:\program files\wiseconvert\prxtbWise.dll
mURLSearchHooks: WiseConvert Toolbar: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - c:\program files\wiseconvert\prxtbWise.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ALOT Toolbar Helper: {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - c:\program files\alot\bin\bho\alotBHO.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: <No Name>: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - c:\program files\crawler\toolbar\ctbr.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - c:\program files\wot\WOT.dll
BHO: <No Name>: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - c:\program files\inbox toolbar\Inbox.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: WiseConvert Toolbar: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - c:\program files\wiseconvert\prxtbWise.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: &Inbox Toolbar: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - c:\program files\inbox toolbar\Inbox.dll
TB: &Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files\crawler\toolbar\ctbr.dll
TB: WiseConvert Toolbar: {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - c:\program files\wiseconvert\prxtbWise.dll
TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - c:\program files\wot\WOT.dll
TB: Acer eDataSecurity Management: {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - c:\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: &Inbox Toolbar: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - c:\program files\inbox toolbar\Inbox.dll
TB: &Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files\crawler\toolbar\ctbr.dll
TB: ALOT Toolbar: {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - c:\program files\alot\bin\alot.dll
TB: WiseConvert Toolbar: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - c:\program files\wiseconvert\prxtbWise.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - c:\program files\wot\WOT.dll
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150600.exe -Update -1150600 -"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; eSobiSubscriber 2.0.4.16; .NET CLR 3.5.30729; .NET CLR 3.0.30729; InfoPath.2; .NET4.0C)" -"http://get.adobe.com/shockwave/thankyou/?installer=Shockwave_11.6.8.638_Windows_Slim_IE"
mRun: [eRecoveryService] <no file>
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Search - <no file>
IE: Crawler Search - tbr:iemenu
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: turbotax.com
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://vpn.cusys.edu/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 192.168.1.1 75.75.75.75 75.75.76.76
TCP: Interfaces\{6879CCB1-4EB6-4AAB-81E5-21903DDCD77C} : DHCPNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
Handler: bw+0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw+0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw-0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw-0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw00 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw00s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw10 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw10s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw20 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw20s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw30 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw30s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw40 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw40s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw50 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw50s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw60 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw60s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw70 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw70s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw80 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw80s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw90 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw90s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwa0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwa0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwb0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwb0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwc0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwc0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwd0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwd0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwe0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwe0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwf0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwf0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: bwg0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwg0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwh0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwh0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwi0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwi0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwj0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwj0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwk0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwk0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwl0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwl0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwm0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwm0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwn0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwn0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwo0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwo0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwp0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwp0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwq0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwq0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwr0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwr0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bws0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bws0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwt0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwt0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwu0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwu0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwv0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwv0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bww0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bww0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwx0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwx0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwy0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwy0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwz0 - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwz0s - {02d476dc-f026-4e9b-b35a-7b66aa9f60dd} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\program files\inbox toolbar\Inbox.dll
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll
Handler: offline-8876480 - {02D476DC-F026-4E9B-B35A-7B66AA9F60DD} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\program files\crawler\toolbar\ctbr.dll
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\25.0.1364.172\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R1 MpKslc860b6c7;MpKslc860b6c7;c:\programdata\microsoft\microsoft antimalware\definition updates\{4ec8f663-23cc-4efa-8dd6-b4c51ea98196}\MpKslc860b6c7.sys [2013-3-18 29904]
R1 MpKslcd79894e;MpKslcd79894e;c:\programdata\microsoft\microsoft antimalware\definition updates\{4ec8f663-23cc-4efa-8dd6-b4c51ea98196}\MpKslcd79894e.sys [2013-3-18 29904]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\acer arcade live\acer homemedia connect\kernel\dms\CLMSServer.exe [2008-2-26 269448]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\newtech infosystems\nti backup now 5\client\Agentsvc.exe [2008-1-23 21752]
R2 LinksysUpdater;Linksys Updater;c:\program files\linksys\linksys updater\bin\LinksysUpdater.exe [2008-11-13 204800]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-11-24 398184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-11-24 682344]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 100328]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-1-22 49152]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-1-22 131072]
R2 RegMumService;ActivePCOptimizer Service;c:\program files\active pc optimizer\ActivePCOptimizerService.exe [2012-8-27 1553344]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2012-11-26 1225312]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2012-11-26 659040]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-11-24 21104]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
R3 QuickBooksDB19;QuickBooksDB19;c:\progra~1\intuit\quickb~1\qbdbmgrn.exe -hvquickbooksdb19 --> c:\progra~1\intuit\quickb~1\QBDBMgrN.exe -hvQuickBooksDB19 [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S2 QuickBooksDB18;QuickBooksDB18;c:\progra~1\intuit\quickb~1\qbdbmgrn.exe -hvquickbooksdb18 --> c:\progra~1\intuit\quickb~1\QBDBMgrN.exe -hvQuickBooksDB18 [?]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-5-25 30192]
S3 magaService;Lan Discover Agent;c:\program files\sygate\ssa\maga\maga.exe --> c:\program files\sygate\ssa\maga\maga.exe [?]
S3 QuickBooksDB20;QuickBooksDB20;c:\progra~1\intuit\quickb~2\qbdbmgrn.exe -hvquickbooksdb20 --> c:\progra~1\intuit\quickb~2\QBDBMgrN.exe -hvQuickBooksDB20 [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-03-18 14:45:0329904----a-w-c:\programdata\microsoft\microsoft antimalware\definition updates\{4ec8f663-23cc-4efa-8dd6-b4c51ea98196}\MpKslc860b6c7.sys
2013-03-18 13:02:4629904----a-w-c:\programdata\microsoft\microsoft antimalware\definition updates\{4ec8f663-23cc-4efa-8dd6-b4c51ea98196}\MpKslcd79894e.sys
2013-03-17 22:14:1360872----a-w-c:\programdata\microsoft\microsoft antimalware\definition updates\{4ec8f663-23cc-4efa-8dd6-b4c51ea98196}\offreg.dll
2013-03-17 18:34:00740840----a-w-c:\programdata\microsoft\microsoft antimalware\definition updates\{86f08306-fa33-40dc-bb0a-8a5de89dde07}\gapaengine.dll
2013-03-17 18:33:526954968----a-w-c:\programdata\microsoft\microsoft antimalware\definition updates\{4ec8f663-23cc-4efa-8dd6-b4c51ea98196}\mpengine.dll
2013-03-17 18:18:29--------d-----w-c:\program files\Microsoft Security Client
2013-03-08 13:58:4594112----a-w-c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M ====================
.
2013-03-08 13:58:34861088----a-w-c:\windows\system32\npdeployJava1.dll
2013-03-08 13:58:34782240----a-w-c:\windows\system32\deployJava1.dll
2013-02-02 03:38:351800704----a-w-c:\windows\system32\jscript9.dll
2013-02-02 03:30:321427968----a-w-c:\windows\system32\inetcpl.cpl
2013-02-02 03:30:211129472----a-w-c:\windows\system32\wininet.dll
2013-02-02 03:26:47142848----a-w-c:\windows\system32\ieUnatt.exe
2013-02-02 03:26:21420864----a-w-c:\windows\system32\vbscript.dll
2013-02-02 03:23:282382848----a-w-c:\windows\system32\mshtml.tlb
2013-01-30 10:53:21232336------w-c:\windows\system32\MpSigStub.exe
2013-01-28 20:02:355113072----a-w-c:\windows\uninst.exe
2013-01-20 21:59:04195296----a-w-c:\windows\system32\drivers\MpFilter.sys
2013-01-20 21:59:04100328----a-w-c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-05 05:26:013602808----a-w-c:\windows\system32\ntkrnlpa.exe
2013-01-05 05:26:013550072----a-w-c:\windows\system32\ntoskrnl.exe
2013-01-04 11:28:19914792----a-w-c:\windows\system32\drivers\tcpip.sys
2013-01-04 01:55:1831232----a-w-c:\windows\system32\drivers\tcpipreg.sys
2013-01-04 01:38:502048512----a-w-c:\windows\system32\win32k.sys
.
============= FINISH: 8:48:11.22 ===============