0

Seem to have a Malware infection. System started to not respond and lockup on 11/28. Ran virus scans w/ Zone Alarm and MBAM and found 2 diff viruses @ 2 diff times. Backdoor.Bredavi and Trojan-spy.html.fraud.gen Would lock up after detecting files so not certain if they were actually ever removed.

MBAM locks up ever time I do a Full Scan on an .eml file. Use Windows Mail. I am not able to run the MS Malicious SW Removal Tool (or even install it). Ran MS Virus Scan and it locked up on an .eml file as well.

Any help is greatly appreciated. Will post logs:

1
Contributor
3
Replies
4
Views
5 Years
Discussion Span
Last Post by huegs
0

GMER One (came up blank)

-------------------------


GMER Two

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-12-04 12:22:37
Windows 6.0.6002 Service Pack 2
Running: 2kxgv0lz.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 3710

---- Files - GMER 1.0.15 ----

File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001E.ci 40960 bytes
File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001E.dir 4096 bytes
File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001E.wid 65536 bytes

---- EOF - GMER 1.0.15 ----

0

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 7/12/2009 3:52:23 PM
System Uptime: 12/5/2011 5:23:07 PM (2 hours ago)
.
Motherboard: Dell Inc. | | 0G848F
Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz | Microprocessor | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 320.144 GiB free.
E: is FIXED (NTFS) - 15 GiB total, 6.084 GiB free.
F: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e968-e325-11ce-bfc1-08002be10318}
Description: Mobile Intel(R) 4 Series Express Chipset Family
Device ID: PCI\VEN_8086&DEV_2A43&SUBSYS_02AA1028&REV_07\3&2ACF1E9&0&11
Manufacturer: Intel Corporation
Name: Mobile Intel(R) 4 Series Express Chipset Family
PNP Device ID: PCI\VEN_8086&DEV_2A43&SUBSYS_02AA1028&REV_07\3&2ACF1E9&0&11
Service: igfx
.
==== System Restore Points ===================
.
RP419: 10/12/2011 1:05:40 AM - Device Driver Package Install: Hewlett-Packard Printers
RP420: 10/12/2011 1:06:41 AM - Device Driver Package Install: Hewlett-Packard Universal Serial Bus controllers
RP421: 10/12/2011 1:35:25 AM - Windows Update
RP422: 10/13/2011 3:00:21 AM - Windows Update
RP423: 10/14/2011 2:13:45 AM - Windows Update
RP424: 10/18/2011 2:30:52 AM - Windows Update
RP425: 10/21/2011 2:30:52 AM - Windows Update
RP426: 10/24/2011 6:41:38 AM - Scheduled Checkpoint
RP427: 10/25/2011 2:22:58 AM - Windows Update
RP428: 10/26/2011 3:00:15 AM - Windows Update
RP429: 10/28/2011 2:24:01 AM - Windows Update
RP430: 11/1/2011 2:24:50 AM - Windows Update
RP431: 11/4/2011 4:58:57 AM - Windows Update
RP432: 11/5/2011 12:15:38 AM - Installed Rapport
RP433: 11/8/2011 2:03:12 AM - Windows Update
RP434: 11/8/2011 4:56:12 PM - Installed Rapport
RP435: 11/9/2011 3:00:19 AM - Windows Update
RP436: 11/10/2011 5:25:09 AM - Scheduled Checkpoint
RP437: 11/11/2011 2:12:12 AM - Windows Update
RP438: 11/12/2011 3:00:15 AM - Windows Update
RP439: 11/13/2011 10:05:02 PM - Installed Rapport
RP440: 11/15/2011 1:49:32 AM - Windows Update
RP441: 11/18/2011 4:51:13 AM - Windows Update
RP442: 11/22/2011 2:55:31 AM - Windows Update
RP443: 11/25/2011 7:12:34 AM - Windows Update
RP444: 11/28/2011 11:47:16 AM - Windows Update
RP445: 12/1/2011 9:34:37 PM - Windows Update
RP446: 12/4/2011 10:43:00 AM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
ABBYY FineReader for ScanSnap (TM) 4.0
Acrobat.com
Adobe AIR
Adobe Download Manager
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.1)
Advanced Audio FX Engine
Alleycode HTML Editor 2.2.0
Any Video Converter 3.2.1
Apple Application Support
Apple Software Update
AXIS Media Control Embedded
CardMinder
CardMinder V4.0
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
CustomerResearchQFolder
D3DX10
Dell-eBay
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Driver Download Manager
Dell Getting Started Guide
Dell Remote Access
Dell Support Center (Support Software)
Dell Video Chat
Dell Webcam Central
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DHTML Editing Component
DivX Setup
FastStone Image Viewer 4.2
GIMP 2.6.10
Google Earth
Google Update Helper
GoToAssist 8.0.0.514
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Deskjet 1000 J110 series Help
HP Photo Creations
HP Update
hppFaxDrvM1522
hppFonts
hppLJM1522
hppManualsM1522
hppscanM1522
hppScanTo
hppTLBXFXM1522
hppusgM1522
HPSSupply
hpzTLBXFX
HTC Touch Pro™ User Manual
IrfanView (remove only)
Java Auto Updater
Java(TM) 6 Update 26
Junk Mail filter update
Live! Cam Avatar Creator
Malwarebytes' Anti-Malware version 1.51.2.1300
MarketResearch
Mesh Runtime
Messenger Companion
Microsoft Age of Empires Gold
Microsoft Age of Empires II
Microsoft Office 2000 SR-1 Disc 2
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mihov Picture Downloader 1.5 (remove only)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Octoshape add-in for Adobe Flash Player
PowerDVD DX
Product_Min_QFolder
QuickTime
Rapport
Risk
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
SA30xx Media Converter
Scan
Scan to Microsoft SharePoint
ScanSnap
ScanSnap Manager
ScanSnap Organizer
Security Task Manager 1.8d
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Segoe UI
Switch Sound File Converter
Turbo Lister 2
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC 9.0 Runtime
VC80CRTRedist - 8.0.50727.4053
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinFF 1.3.2
XAMPP 1.7.4
Xvid Video Codec
Yahoo! Toolbar
ZoneAlarm Antivirus
ZoneAlarm Firewall
ZoneAlarm Internet Security Suite
ZoneAlarm Security
.
==== Event Viewer Messages From Past Week ========
.
12/5/2011 5:25:08 PM, Error: Service Control Manager [7000] - The Intel(R) PRO/1000 PCI Express Network Connection Driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12/5/2011 5:25:08 PM, Error: Service Control Manager [7000] - The Intel(R) PRO/1000 NDIS 6 Adapter Driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12/5/2011 5:25:08 PM, Error: Service Control Manager [7000] - The HighSpeed USB-Ethernet Driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12/5/2011 5:23:44 PM, Error: EventLog [6008] - The previous system shutdown at 5:08:55 PM on 12/5/2011 was unexpected.
12/5/2011 3:50:11 PM, Error: EventLog [6008] - The previous system shutdown at 3:15:46 PM on 12/5/2011 was unexpected.
12/5/2011 3:15:14 PM, Error: netbt [4321] - The name "CRYSTAL-PC :0" could not be registered on the interface with IP address 192.168.0.3. The computer with the IP address 192.168.0.4 did not allow the name to be claimed by this computer.
12/5/2011 2:31:45 PM, Error: Service Control Manager [7024] - The Remote Access Media Server service terminated with service-specific error 1 (0x1).
12/5/2011 2:25:18 PM, Error: EventLog [6008] - The previous system shutdown at 2:15:42 PM on 12/5/2011 was unexpected.
12/5/2011 2:04:00 PM, Error: EventLog [6008] - The previous system shutdown at 1:58:41 PM on 12/5/2011 was unexpected.
12/5/2011 11:57:34 AM, Error: VDS Dynamic Provider [10] - The provider failed while storing notifications from the driver. The Virtual Disk Service should be restarted. hr=80042505
12/5/2011 11:56:13 AM, Error: EventLog [6008] - The previous system shutdown at 9:44:08 PM on 12/4/2011 was unexpected.
12/5/2011 1:51:00 PM, Error: EventLog [6008] - The previous system shutdown at 1:22:01 PM on 12/5/2011 was unexpected.
12/4/2011 8:45:22 PM, Error: EventLog [6008] - The previous system shutdown at 7:50:12 PM on 12/4/2011 was unexpected.
12/4/2011 7:05:26 PM, Error: EventLog [6008] - The previous system shutdown at 6:02:35 PM on 12/4/2011 was unexpected.
12/4/2011 3:43:48 PM, Error: EventLog [6008] - The previous system shutdown at 3:37:10 PM on 12/4/2011 was unexpected.
12/4/2011 3:31:26 PM, Error: EventLog [6008] - The previous system shutdown at 3:27:55 PM on 12/4/2011 was unexpected.
12/4/2011 11:12:52 AM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}. The error: "1314" Happened while starting this command: C:\Windows\system32\igfxsrvc.exe -Embedding
12/4/2011 11:09:44 AM, Error: EventLog [6008] - The previous system shutdown at 11:00:35 AM on 12/4/2011 was unexpected.
12/4/2011 10:35:48 AM, Error: EventLog [6008] - The previous system shutdown at 1:54:46 PM on 12/3/2011 was unexpected.
12/4/2011 1:36:06 PM, Error: EventLog [6008] - The previous system shutdown at 1:21:32 PM on 12/4/2011 was unexpected.
12/3/2011 12:22:54 PM, Error: EventLog [6008] - The previous system shutdown at 12:09:24 PM on 12/3/2011 was unexpected.
12/3/2011 12:05:42 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
12/3/2011 12:05:42 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/3/2011 12:02:40 PM, Error: EventLog [6008] - The previous system shutdown at 11:57:25 AM on 12/3/2011 was unexpected.
12/3/2011 11:48:46 AM, Error: EventLog [6008] - The previous system shutdown at 11:41:32 AM on 12/3/2011 was unexpected.
12/3/2011 11:34:48 AM, Error: EventLog [6008] - The previous system shutdown at 11:25:08 AM on 12/3/2011 was unexpected.
12/3/2011 11:16:05 AM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
12/3/2011 10:51:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/3/2011 10:41:33 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: KLIF spldr Wanarpv6
12/3/2011 10:41:33 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
12/3/2011 10:41:27 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/3/2011 10:41:24 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
12/3/2011 10:41:22 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/3/2011 10:41:11 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/3/2011 10:41:09 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
12/3/2011 10:40:36 AM, Error: EventLog [6008] - The previous system shutdown at 10:35:16 AM on 12/3/2011 was unexpected.
12/3/2011 10:27:34 AM, Error: EventLog [6008] - The previous system shutdown at 10:46:18 PM on 12/1/2011 was unexpected.
12/3/2011 1:31:04 PM, Error: EventLog [6008] - The previous system shutdown at 12:47:38 PM on 12/3/2011 was unexpected.
12/1/2011 9:26:45 PM, Error: EventLog [6008] - The previous system shutdown at 9:21:07 PM on 12/1/2011 was unexpected.
12/1/2011 10:24:31 PM, Error: EventLog [6008] - The previous system shutdown at 9:51:32 PM on 12/1/2011 was unexpected.
11/30/2011 12:11:41 AM, Error: EventLog [6008] - The previous system shutdown at 12:09:25 AM on 11/30/2011 was unexpected.
11/29/2011 10:54:08 AM, Error: EventLog [6008] - The previous system shutdown at 12:12:13 AM on 11/29/2011 was unexpected.
11/28/2011 9:46:33 PM, Error: EventLog [6008] - The previous system shutdown at 7:43:32 PM on 11/28/2011 was unexpected.
11/28/2011 5:33:13 PM, Error: EventLog [6008] - The previous system shutdown at 5:30:01 PM on 11/28/2011 was unexpected.
11/28/2011 5:23:08 PM, Error: EventLog [6008] - The previous system shutdown at 4:47:41 PM on 11/28/2011 was unexpected.
11/28/2011 5:08:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
11/28/2011 4:45:52 AM, Error: EventLog [6008] - The previous system shutdown at 10:27:36 PM on 11/27/2011 was unexpected.
11/28/2011 4:44:56 PM, Error: EventLog [6008] - The previous system shutdown at 4:20:54 PM on 11/28/2011 was unexpected.
11/28/2011 3:58:40 PM, Error: EventLog [6008] - The previous system shutdown at 3:49:34 PM on 11/28/2011 was unexpected.
11/28/2011 3:23:12 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
11/28/2011 3:22:50 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC kl2 KLIF NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr tdx Vsdatant Wanarpv6
11/28/2011 3:21:45 PM, Error: EventLog [6008] - The previous system shutdown at 3:15:08 PM on 11/28/2011 was unexpected.
11/28/2011 2:42:51 PM, Error: EventLog [6008] - The previous system shutdown at 1:25:34 PM on 11/28/2011 was unexpected.
11/28/2011 12:36:00 PM, Error: EventLog [6008] - The previous system shutdown at 11:53:50 AM on 11/28/2011 was unexpected.
11/28/2011 11:40:26 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/28/2011 11:40:26 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
11/28/2011 11:40:26 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
11/28/2011 11:40:26 PM, Error: Service Control Manager [7001] - The TrueVector Internet Monitor service depends on the Zone Alarm Firewall Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/28/2011 11:40:26 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/28/2011 11:40:26 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
11/28/2011 11:40:26 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/28/2011 11:40:26 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/28/2011 11:40:26 PM, Error: Service Control Manager [7001] - The Remote Access Media Server service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/28/2011 11:40:26 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
11/28/2011 11:40:26 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/28/2011 11:40:26 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/28/2011 11:40:26 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/28/2011 11:40:26 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/28/2011 11:40:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
11/28/2011 11:40:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
11/28/2011 11:39:21 PM, Error: EventLog [6008] - The previous system shutdown at 11:23:07 PM on 11/28/2011 was unexpected.
11/28/2011 10:56:28 PM, Error: EventLog [6008] - The previous system shutdown at 10:44:28 PM on 11/28/2011 was unexpected.
11/28/2011 10:36:42 PM, Error: EventLog [6008] - The previous system shutdown at 9:54:16 PM on 11/28/2011 was unexpected.
11/28/2011 1:22:51 PM, Error: EventLog [6008] - The previous system shutdown at 12:38:40 PM on 11/28/2011 was unexpected.
.
==== End Of File ===========================

0

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.6001.19154
Run by Nathan at 19:31:06 on 2011-12-05
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4057.1793 [GMT -6:00]
.
AV: ZoneAlarm Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
FW: ZoneAlarm Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe
c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\xampp\mysql\bin\mysqld.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\RUNDLL32.EXE
c:\xampp\apache\bin\httpd.exe
C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe
C:\xampp\apache\bin\httpd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://stores.shop.ebay.com/Old-Post-Office-Postcards__W0QQLHQ5fAuctionZ1QQ_sidZ1009353QQ_trksidZp4634Q2ec0Q2em309
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
uURLSearchHooks: ZoneAlarm Security Suite Toolbar: {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Program Files (x86)\ZoneAlarm_Security_Suite\prxtbZone.dll
mURLSearchHooks: ZoneAlarm Security Suite Toolbar: {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Program Files (x86)\ZoneAlarm_Security_Suite\prxtbZone.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: ZoneAlarm Security Suite Toolbar: {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Program Files (x86)\ZoneAlarm_Security_Suite\prxtbZone.dll
BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - C:\Program Files\CheckPoint\ZAForceField\WOW64

\TrustChecker\bin\TrustCheckerIEPlugin.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: ZoneAlarm Security Suite Toolbar: {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Program Files (x86)\ZoneAlarm_Security_Suite\prxtbZone.dll
TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [ToolBoxFX] "C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun: [HPUsageTracking] "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [<NO NAME>]
mRunOnce: [STToasterLauncher] C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CARDMI~1.LNK - C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONVER~1.LNK - C:\Program Files (x86)\PFU\ScanSnap\Organizer\PfuSsOrgOcrChk.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLRE~1.LNK - c:\Windows\Installer\{F66A31D9-7831-4FBA-BA02-C411C0047CC5}

\NewShortcut4_F66A31D978314FBABA02C411C0047CC5.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SCANSN~1.LNK - C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://eventcenter.mpcc.edu/activex/AMC.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{3C930458-DED8-423B-AC69-65E5C4858F67} : DhcpNameServer = 192.168.0.1 69.10.0.2
TCP: Interfaces\{F95D6863-4044-41D3-A3C8-47FB2CA4D953} : DhcpNameServer = 192.168.0.1 205.171.3.25
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: ZoneAlarm Security Suite Toolbar: {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Program Files (x86)\ZoneAlarm_Security_Suite\prxtbZone.dll
BHO-X64: ZoneAlarm Security Suite - No File
BHO-X64: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64

\TrustChecker\bin\TrustCheckerIEPlugin.dll
BHO-X64: ZoneAlarm Security Engine Registrar - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows

Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: ZoneAlarm Security Suite Toolbar: {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Program Files (x86)\ZoneAlarm_Security_Suite\prxtbZone.dll
TB-X64: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun-x64: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [ToolBoxFX] "C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun-x64: [HPUsageTracking] "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [(Default)]
mRunOnce-x64: [STToasterLauncher] C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
.
============= SERVICES / DRIVERS ===============
.
R0 dlkmdldr;dlkmdldr;C:\Windows\system32\drivers\dlkmdldr.sys --> C:\Windows\system32\drivers\dlkmdldr.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
R1 RapportCerberus_32301;RapportCerberus_32301;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_32301.sys [2011-11-7 396944]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2011-11-7 55056]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2011-11-7 61712]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe --> C:\Windows\System32

\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [?]
R2 Apache2.2;Remote Access Media Server;C:\xampp\apache\bin\httpd.exe [2010-10-17 20549]
R2 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2010-5-12 9321832]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
R2 dsl-db;Remote Access DB;C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe [2007-9-14 5730304]
R2 dsl-fs-sync;Remote Access File Sync Service;C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe [2009-4-13 189680]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2009-10-14 33672]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2009-10-14 825984]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2011-11-7 931640]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2009-7-12 656624]
R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx64coinst,serviceStartProc --> RUNDLL32.EXE ykx64coinst,serviceStartProc [?]
R3 dlkmd;dlkmd;C:\Windows\system32\drivers\dlkmd.sys --> C:\Windows\system32\drivers\dlkmd.sys [?]
R3 fssfltr;FssFltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
R3 OA009Ufd;Creative Camera OA009 Upper Filter Driver;C:\Windows\system32\DRIVERS\OA009Ufd.sys --> C:\Windows\system32\DRIVERS\OA009Ufd.sys [?]
R3 OA009Vid;Creative Camera OA009 Function Driver;C:\Windows\system32\DRIVERS\OA009Vid.sys --> C:\Windows\system32\DRIVERS\OA009Vid.sys [?]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-31 135664]
S3 DisplayLinkUsbPort;DisplayLink USB Device;C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.3.24903.0.sys --> C:\Windows\system32

\DRIVERS\DisplayLinkUsbPort_5.3.24903.0.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-31 135664]
S3 MOSUMAC;HighSpeed USB-Ethernet Driver;C:\Windows\system32\DRIVERS\M7830A64.SYS --> C:\Windows\system32\DRIVERS\M7830A64.SYS [?]
S3 PCD5SRVC{048DBD20-445E8C82-05040104};PCD5SRVC{048DBD20-445E8C82-05040104} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~2\DELLSU~1\HWDiag\bin\PCD5SRVC_x64.pkms

[2008-11-4 28152]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 vsdatant7;vsdatant7;C:\Windows\system32\drivers\vsdatant.win7.sys --> C:\Windows\system32\drivers\vsdatant.win7.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-12-5 89920]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2011-12-05 20:55:18 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-12-05 20:32:53 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BDBB471-17D8-4E78-B1AD-7274FD7228D8}\offreg.dll
2011-12-04 16:45:17 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BDBB471-17D8-4E78-B1AD-7274FD7228D8}\mpengine.dll
2011-12-04 16:42:29 -------- d-----w- C:\ProgramData\SecTaskMan
2011-12-04 16:42:03 -------- d-----w- C:\Program Files (x86)\Security Task Manager
2011-11-08 19:20:06 40448 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2011-11-08 19:20:06 1423744 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-08 19:20:03 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat
2011-11-08 19:20:03 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat
2011-11-08 19:20:01 893440 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-08 19:20:01 707584 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-08 19:20:01 50688 ----a-w- C:\Program Files\Windows Mail\wabimp.dll
.
==================== Find3M ====================
.
2011-10-05 00:04:28 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-30 23:25:35 1147904 ----a-w- C:\Windows\System32\wininet.dll
2011-09-30 23:21:20 56832 ----a-w- C:\Windows\System32\licmgr10.dll
2011-09-30 23:21:00 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-09-30 23:20:40 132096 ----a-w- C:\Windows\System32\iesysprep.dll
2011-09-30 23:20:39 77312 ----a-w- C:\Windows\System32\iesetup.dll
2011-09-30 23:06:24 916480 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-09-30 23:02:06 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-09-30 23:01:51 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-09-30 23:01:34 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll
2011-09-30 23:01:34 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2011-09-30 22:29:23 479232 ----a-w- C:\Windows\System32\html.iec
2011-09-30 22:07:25 385024 ----a-w- C:\Windows\SysWow64\html.iec
2011-09-30 21:48:19 162816 ----a-w- C:\Windows\System32\ieUnatt.exe
2011-09-30 21:47:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-09-30 21:29:54 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2011-09-30 21:28:36 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 19:32:02.68 ===============

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.