BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Win Users don't show
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > Win Users don't show  
Forum Quick Jump
 
New Topic Post reply to : Win Users don't show Printable version of : Win Users don't show
[ << Previous Thread | Next Thread >> ]

Notwithit
New Member


Date Joined Dec 2006
Total Posts : 26
 
   Posted 9/19/2013 11:38 AM (GMT +2)    Quote: Win Users don't showAlert an admin about: Win Users don't show
Windows 7 users don't show up on boot. Tried multiple fixes and this is somewhat a last resort I suppose... Thank you all in advance!


Win 7 x64 Professional SP1
8 gb ram
250 gb hdd
Smart Card, Fingerprint.


DDS Logs:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/28/2013 8:31:41 PM
System Uptime: 9/19/2013 1:30:15 AM (1 hours ago)
.
Motherboard: Hewlett-Packard | | 172B
Processor: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz | CPU 1 | 2660/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 106.898 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: aswRvrt
Device ID: ROOT\LEGACY_ASWRVRT\0000
Manufacturer:
Name: aswRvrt
PNP Device ID: ROOT\LEGACY_ASWRVRT\0000
Service: aswRvrt
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_172B103C&REV_14\4&38E655E8&0&32F0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_172B103C&REV_14\4&38E655E8&0&32F0
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: avast! Network Shield Support
Device ID: ROOT\LEGACY_ASWTDI\0000
Manufacturer:
Name: avast! Network Shield Support
PNP Device ID: ROOT\LEGACY_ASWTDI\0000
Service: aswTdi
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: aswVmm
Device ID: ROOT\LEGACY_ASWVMM\0000
Manufacturer:
Name: aswVmm
PNP Device ID: ROOT\LEGACY_ASWVMM\0000
Service: aswVmm
.
==== System Restore Points ===================
.
RP24: 9/11/2013 5:03:49 PM - Windows Update
RP25: 9/16/2013 11:24:40 PM - Windows Update
RP26: 9/18/2013 9:38:55 AM - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
RP27: 9/18/2013 9:42:42 AM - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
RP28: 9/18/2013 11:10:59 AM - Installed Java SE Development Kit 7 Update 40 (64-bit)
RP29: 9/18/2013 11:12:02 AM - Installed Java 7 Update 40 (64-bit)
RP30: 9/18/2013 11:46:42 PM - Installed Motorola Device Manager
RP31: 9/18/2013 11:57:26 PM - Installed RSDLite
RP32: 9/19/2013 12:01:10 AM - Installed Motorola Mobile Drivers Installation 5.9.0
.
==== Installed Programs ======================
.
Adobe Reader XI (11.0.03)
avast! Free Antivirus
CCleaner
Citrix Online Launcher
Google Chrome
Google Update Helper
GoToMeeting 5.4.0.1082
HP Battery Check
HP ProtectTools Security Manager
HP Webcam Driver
IDT Audio
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
Java 7 Update 40 (64-bit)
Java SE Development Kit 7 Update 40 (64-bit)
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4.5
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
Motorola Device Manager
Motorola Device Software Update
Motorola Mobile Drivers Installation 6.2.0
MSXML 4.0 SP3 Parser
Nmap 6.40
NVIDIA HD Audio Driver 1.3.18.0
NVIDIA Install Application
OpenOffice 4.0.0
OpenVPN Connect
SAMSUNG USB Driver for Mobile Phones
Secure Send - LR1
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft .NET Framework 4.5 (KB2804582)
Security Update for Microsoft .NET Framework 4.5 (KB2833957)
Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)
Skype™ 6.7
SUPERAntiSpyware
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 4.5 (KB2750147)
Update for Microsoft .NET Framework 4.5 (KB2805221)
Update for Microsoft .NET Framework 4.5 (KB2805226)
Validity Fingerprint Driver
VMware vCenter Converter Standalone
VMware vSphere Client 5.1
WinPcap 4.1.2
.
==== Event Viewer Messages From Past Week ========
.
9/19/2013 12:24:04 AM, Error: Service Control Manager [7031] - The Motorola Device Manager Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
9/19/2013 12:24:03 AM, Error: Service Control Manager [7031] - The PST Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
9/19/2013 12:14:00 AM, Error: Disk [11] - The driver detected a controller error on \...\DR1.
9/19/2013 1:33:32 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
9/19/2013 1:30:49 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
9/19/2013 1:30:45 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
9/19/2013 1:30:45 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
9/19/2013 1:30:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/19/2013 1:30:37 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRvrt aswSnx aswSP aswTdi aswVmm discache spldr Wanarpv6
9/19/2013 1:30:37 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
9/19/2013 1:30:37 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
9/19/2013 1:19:48 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
9/19/2013 1:19:11 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
9/19/2013 1:19:11 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
9/19/2013 1:17:15 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswRvrt aswSnx aswSP aswTdi aswVmm CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The VMware vCenter Converter Standalone Server service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start.
9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The PST Service service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start.
9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
9/18/2013 8:32:35 AM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.
9/18/2013 8:31:40 AM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
9/18/2013 11:47:43 PM, Error: Service Control Manager [7030] - The PST Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
9/16/2013 10:36:33 PM, Error: Microsoft-Windows-SharedAccess_NAT [30013] - The DHCP allocator has disabled itself on IP address 172.16.42.42, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
9/16/2013 10:26:20 PM, Error: Microsoft-Windows-SharedAccess_NAT [30009] - The DHCP allocator encountered a network error while attempting to reply on IP address 0.0.0.0 to a request from a client. The data is the error code.
9/16/2013 10:26:20 PM, Error: Microsoft-Windows-SharedAccess_NAT [30005] - The DHCP allocator has detected a DHCP server with IP address 172.16.42.1 on the same network as the interface with IP address 192.168.137.1. The allocator has disabled itself on the interface to avoid confusing DHCP clients.
.
==== End Of File ===========================

Post Edited (Notwithit) : 9/19/2013 9:40:06 AM GMT

Back to Top
 

Notwithit
New Member


Date Joined Dec 2006
Total Posts : 26
 
   Posted 9/19/2013 11:38 AM (GMT +2)    Quote: Win Users don't showAlert an admin about: Win Users don't show
DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 10.0.9200.16686
Run by notwithit at 2:30:31 on 2013-09-19
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8054.6767 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\notwithit\Downloads\HijackThis.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: HP ProtectTools Security Manager Extension: {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENVP~1.LNK - C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{8E9EFE0E-CCEE-4BA9-9873-84FE8CB4A309} : NameServer = 8.8.8.8
TCP: Interfaces\{C1F5B36A-479F-48A1-B777-8F462F53F147} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{FA0BD7D2-2F26-45E8-A9A9-8CF072556447} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{FC744D73-EB19-4534-9E82-5440EDC83470} : DHCPNameServer = 10.200.40.11 10.200.40.12
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = DPPassFilter scecli
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: HP ProtectTools Security Manager Extension: {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.94.0.1 client.openvpn.net
.
============= SERVICES / DRIVERS ===============
.
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-23 143120]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k62x64.sys [2012-2-2 509104]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 RICOH SmartCard Reader;RICOH SmartCard Reader;C:\Windows\System32\drivers\rismcx64.sys [2006-10-3 79488]
R3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\System32\drivers\tapoas.sys [2011-8-19 30720]
S0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-9-3 65336]
S0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-9-3 204880]
S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-9-3 1030952]
S1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-9-3 378944]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
S2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2013-8-28 89600]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-3-15 659976]
S2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-9-3 33400]
S2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-9-3 80816]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-3 46808]
S2 BcmBtRSupport;Bluetooth Driver Management Service;C:\Windows\System32\BtwRSupportService.exe [2013-8-9 2252504]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-4-23 135952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 HP ProtectTools Service;HP ProtectTools Service;C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-10-19 32768]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-7-21 227896]
S2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
S2 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2013-7-31 137528]
S2 OpenVPNAccessClient;OpenVPN Access Client;C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [2012-5-3 24064]
S2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2013-9-18 65657]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672]
S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-8-28 2497408]
S2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-2-18 2045232]
S2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-9-5 856728]
S2 vmware-converter-agent;VMware vCenter Converter Standalone Agent;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [2013-4-9 479824]
S2 vmware-converter-server;VMware vCenter Converter Standalone Server;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2013-4-9 479824]
S2 vmware-converter-worker;VMware vCenter Converter Standalone Worker;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2013-4-9 479824]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-3-15 198144]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-3-15 198144]
S3 bcbtums;Bluetooth USB LD Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-8-9 170712]
S3 btwampfl;btwampfl;C:\Windows\System32\drivers\btwampfl.sys [2013-8-9 166104]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-8-20 103576]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-8-28 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-8-20 204568]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-8-28 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-8-28 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-8-28 1255736]
.
=============== Created Last 30 ================
.
2013-09-19 09:02:02 -------- d-----w- C:\Program Files\CCleaner
2013-09-19 08:56:33 -------- d-----w- C:\Users\notwithit\AppData\Roaming\Malwarebytes
2013-09-19 08:56:27 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-09-19 08:56:27 -------- d-----w- C:\ProgramData\Malwarebytes
2013-09-19 08:56:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-19 08:34:18 -------- d-----w- C:\Users\notwithit\AppData\Roaming\SUPERAntiSpyware.com
2013-09-19 08:34:12 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-09-19 08:34:12 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-09-19 08:32:25 173132 ----a-w- C:\hkeyusersdefault.reg
2013-09-19 08:13:37 1204 ----a-w- C:\notwithit.reg
2013-09-19 07:34:58 -------- d-----w- C:\Users\notwithit\AppData\Local\ElevatedDiagnostics
2013-09-19 07:14:06 -------- d-----w- C:\ProgramData\Motorola
2013-09-19 07:02:16 -------- d-----w- C:\Users\notwithit\AppData\Local\Motosftemp
2013-09-19 06:48:13 -------- d-----w- C:\Users\notwithit\AppData\Roaming\Motorola Mobility
2013-09-19 06:48:13 -------- d-----w- C:\Temp
2013-09-19 06:47:41 -------- d-----w- C:\Program Files (x86)\Motorola Mobility
2013-09-19 06:47:41 -------- d-----w- C:\Program Files (x86)\Motorola
2013-09-19 06:47:41 -------- d-----w- C:\Program Files (x86)\Common Files\MSSoap
2013-09-19 06:47:32 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2013-09-19 06:46:59 -------- d-----w- C:\Program Files\Motorola Inc
2013-09-19 06:46:59 -------- d-----w- C:\Program Files\Common Files\Motorola Shared
2013-09-19 06:46:32 -------- d-----w- C:\Users\notwithit\AppData\Roaming\Motorola
2013-09-18 18:12:54 -------- d-----w- C:\Users\notwithit\.android
2013-09-18 18:12:23 973736 ----a-w- C:\Windows\System32\deployJava1.dll
2013-09-18 18:12:23 1095080 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-09-18 18:12:19 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-09-18 18:00:40 -------- d-----w- C:\Program Files\SAMSUNG
2013-09-18 18:00:09 -------- d-----w- C:\ProgramData\Samsung
2013-09-18 16:47:23 -------- d-----w- C:\usb_driver
2013-09-18 16:39:06 -------- d-----w- C:\ProgramData\Package Cache
2013-09-17 06:25:44 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60B6B0FC-2129-4914-A880-8EBCBB1A06ED}\offreg.dll
2013-09-17 06:25:06 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60B6B0FC-2129-4914-A880-8EBCBB1A06ED}\mpengine.dll
2013-09-11 18:17:33 -------- d-----w- C:\Users\notwithit\AppData\Local\Secure Send
2013-09-11 17:52:22 3155456 ----a-w- C:\Windows\System32\win32k.sys
2013-09-05 19:55:13 -------- d-----w- C:\Users\notwithit\AppData\Roaming\OpenOffice
2013-09-05 19:53:32 -------- d-----w- C:\Program Files (x86)\OpenOffice 4
2013-09-04 05:02:35 -------- d-----w- C:\Users\notwithit\AppData\Local\Adobe
2013-09-04 02:13:45 -------- d-----w- C:\Users\notwithit\.zenmap
2013-09-04 02:11:17 -------- d-----w- C:\Program Files\WinPcap
2013-09-04 02:10:55 -------- d-----w- C:\Program Files (x86)\Nmap
2013-09-03 17:36:04 -------- d-----w- C:\Users\notwithit\AppData\Local\VMware
2013-09-03 17:32:24 47768 ----a-w- C:\Windows\System32\drivers\hcmon.sys
2013-09-03 17:31:01 -------- d-----w- C:\Program Files (x86)\VMware
2013-09-03 17:31:01 -------- d-----w- C:\Program Files (x86)\Common Files\VMware
2013-09-03 17:14:43 -------- d-----w- C:\Users\notwithit\AppData\Roaming\DigitalPersona
2013-09-03 17:14:43 -------- d-----w- C:\Users\notwithit\AppData\Local\DigitalPersona
2013-09-03 17:03:01 -------- d-----w- C:\Program Files (x86)\OpenVPN Technologies
2013-09-03 16:33:09 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-09-03 16:33:08 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-09-03 16:33:08 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-09-03 16:33:07 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-09-03 16:33:04 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-09-03 16:32:13 41664 ----a-w- C:\Windows\avastSS.scr
2013-09-03 16:32:00 -------- d-----w- C:\Program Files\AVAST Software
2013-09-03 16:30:11 -------- d-----w- C:\ProgramData\AVAST Software
2013-08-29 17:10:42 -------- d-----w- C:\Program Files (x86)\Citrix
2013-08-29 17:10:31 -------- d-----w- C:\Users\notwithit\AppData\Local\Citrix
2013-08-29 06:11:08 -------- d-----w- C:\Program Files\Validity Sensors
2013-08-29 05:52:41 -------- d-----w- C:\Program Files\Synaptics
2013-08-29 05:42:40 -------- d-----w- C:\Program Files\NVIDIA Corporation
2013-08-29 05:34:14 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-08-29 05:34:14 366592 ----a-w- C:\Windows\System32\qdvd.dll
2013-08-29 05:34:14 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-08-29 05:34:13 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-08-29 05:34:13 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-08-29 05:34:13 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-08-29 05:34:13 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-08-29 05:34:13 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-08-29 05:34:13 1448448 ----a-w- C:\Windows\System32\lsasrv.dll
2013-08-29 05:34:08 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
2013-08-29 05:34:08 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2013-08-29 05:30:59 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-08-29 05:30:59 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-08-29 05:18:20 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-08-29 05:16:13 -------- d-----w- C:\Windows\SysWow64\Wat
2013-08-29 05:16:13 -------- d-----w- C:\Windows\System32\Wat
2013-08-29 04:55:14 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-08-29 04:51:55 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-08-29 04:51:55 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-08-29 04:51:55 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-08-29 04:51:55 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-08-29 04:46:19 -------- d-----w- C:\Windows\System32\MRT
2013-08-29 04:42:11 -------- d-----r- C:\Program Files (x86)\Skype
2013-08-29 04:37:29 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-08-29 04:37:29 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-08-29 04:37:29 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-08-29 04:37:28 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-08-29 04:37:28 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-08-29 04:33:13 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-08-29 04:33:12 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-08-29 04:33:12 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-08-29 04:31:54 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe
2013-08-29 04:30:56 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-08-29 04:26:13 -------- d-----w- C:\Users\notwithit\AppData\Local\Google
2013-08-29 04:25:49 -------- d-----w- C:\Users\notwithit\AppData\Local\Apps
2013-08-29 04:25:48 -------- d-----w- C:\Users\notwithit\AppData\Local\Deployment
2013-08-29 04:22:56 -------- d-----w- C:\Windows\Panther
2013-08-29 04:22:27 77312 ----a-w- C:\Windows\System32\packager.dll
2013-08-29 04:22:27 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2013-08-29 04:14:49 -------- d-----w- C:\Intel
2013-08-29 04:13:07 -------- d-----w- C:\Users\notwithit\AppData\Local\Hewlett-Packard
2013-08-29 04:11:47 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-08-29 04:11:37 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-08-29 04:11:31 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-08-29 04:11:31 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-08-29 04:10:36 -------- d-----w- C:\Users\notwithit\AppData\Roaming\hpqLog
2013-08-29 04:10:17 -------- d-sh--w- C:\Windows\Installer
2013-08-29 04:05:00 90624 ----a-w- C:\Windows\System32\AESTCo64.dll
2013-08-29 04:05:00 68608 ----a-w- C:\Windows\System32\AESTAR64.dll
2013-08-29 04:05:00 489472 ----a-w- C:\Windows\sttray64.exe
2013-08-29 04:05:00 442368 ----a-w- C:\Windows\System32\AESTEC64.dll
2013-08-29 04:05:00 1952256 ----a-w- C:\Windows\System32\stlang64.dll
2013-08-29 04:05:00 162816 ----a-w- C:\Windows\System32\AESTAC64.dll
2013-08-29 04:05:00 12861952 ----a-w- C:\Windows\System32\idtcpl64.cpl
2013-08-29 04:04:41 651264 ------w- C:\Windows\System32\stapi64.dll
2013-08-29 04:04:41 515584 ----a-w- C:\Windows\System32\drivers\stwrt64.sys
2013-08-29 04:04:41 431616 ----a-w- C:\Windows\System32\stcplx64.dll
2013-08-29 04:04:41 219648 ----a-w- C:\Windows\System32\staco64.dll
2013-08-29 04:04:41 1484288 ----a-w- C:\Windows\System32\stapo64.dll
2013-08-29 04:04:40 -------- d-----w- C:\Program Files\IDT
2013-08-29 04:04:33 -------- d-----w- C:\SWSetup
2013-08-20 14:02:12 204568 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2013-08-20 14:02:12 103576 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
.
==================== Find3M ====================
.
2013-08-29 05:18:20 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-08-10 03:02:14 66264 ----a-w- C:\Windows\System32\btwdi.dll
2013-08-10 03:02:14 2232024 ----a-w- C:\Windows\System32\BcmBtRSupport.dll
2013-08-10 03:02:14 170712 ----a-w- C:\Windows\System32\drivers\bcbtums.sys
2013-08-10 03:02:14 166104 ----a-w- C:\Windows\System32\drivers\btwampfl.sys
2013-08-10 03:02:12 2252504 ----a-w- C:\Windows\System32\BtwRSupportService.exe
2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-08-07 11:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-28 22:44:52 53299 ----a-w- C:\Windows\SysWow64\pthreadVC.dll
2013-07-28 22:44:50 96784 ----a-w- C:\Windows\SysWow64\Packet.dll
2013-07-28 22:44:50 369168 ----a-w- C:\Windows\System32\wpcap.dll
2013-07-28 22:44:50 35344 ----a-w- C:\Windows\System32\drivers\npf.sys
2013-07-28 22:44:50 281104 ----a-w- C:\Windows\SysWow64\wpcap.dll
2013-07-28 22:44:50 106000 ----a-w- C:\Windows\System32\Packet.dll
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 2:30:41.58 ===============
Back to Top
 

Notwithit
New Member


Date Joined Dec 2006
Total Posts : 26
 
   Posted 9/19/2013 11:39 AM (GMT +2)    Quote: Win Users don't showAlert an admin about: Win Users don't show
MBAM LOG



Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.19.01

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 10.0.9200.16686
notwithit :: HAPPYLAPPY [administrator]

9/19/2013 2:12:56 AM
mbam-log-2013-09-19 (02-12-56).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 316404
Time elapsed: 15 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Back to Top
 

Notwithit
New Member


Date Joined Dec 2006
Total Posts : 26
 
   Posted 9/19/2013 11:39 AM (GMT +2)    Quote: Win Users don't showAlert an admin about: Win Users don't show
HiJackThis Log


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 2:31:56 AM, on 9/19/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)


Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\notwithit\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 127.94.0.1 client.openvpn.net
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: OpenVPN Connect.lnk = C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E9EFE0E-CCEE-4BA9-9873-84FE8CB4A309}: NameServer = 8.8.8.8
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) - Unknown owner - C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PST Service - Motorola - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware vCenter Converter Standalone Agent (vmware-converter-agent) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
O23 - Service: VMware vCenter Converter Standalone Server (vmware-converter-server) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
O23 - Service: VMware vCenter Converter Standalone Worker (vmware-converter-worker) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10298 bytes
Back to Top
 

Andreea-Luciana Ostache
Forum Moderator




Date Joined Aug 2010
Total Posts : 549
 
   Posted 9/24/2013 11:41 PM (GMT +2)    Quote: Win Users don't showAlert an admin about: Win Users don't show
I will kindly ask you to follow these steps:

1. Go to Start and type CMD.exe in the search field.
2. Wait for a few moments and, when CMD.exe is displayed in the list above, right-click on it and select "Run as administrator"
3. In the black CMD window type the following and press Enter:
Change logon /enable
4. Wait for CMD to be finished and reboot the computer.

If this does not solve the problem, try a SFC /SCANNOW command instead of the logon change.

Cheers


Andreea-Luciana Ostache
Senior Support Technician EN
support@bullguard.com
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security 13

You have a BullGuard related problem? Post your question on these forums, contact Support or contact me on Twitter!

Back to Top
 

Notwithit
New Member


Date Joined Dec 2006
Total Posts : 26
 
   Posted 10/24/2013 8:27 PM (GMT +2)    Quote: Win Users don't showAlert an admin about: Win Users don't show
Sorry for taking a month to get back to you. My word I am terrible! I had already changed my login to enable so that I can actually get into the computer. Hah. Doing sfc /scannow now. Hopefully that fixes the problem. The main worry was that there were remnants of a virus or something crappy that I hadn't caught. Thank you for your help!
Back to Top
 

Andreea-Luciana Ostache
Forum Moderator




Date Joined Aug 2010
Total Posts : 549
 
   Posted 10/25/2013 5:46 AM (GMT +2)    Quote: Win Users don't showAlert an admin about: Win Users don't show
I do not see anything suspicious in your logs. If you update Avast and run a boot time scan it will most likely solve the problem if there is one.

However, if you have any other issues with system functions not working, those can be solved with the sfc scan in the good case or by doing a repair of the system in the worst case scenario.

Take your time and see how the computer is running for a while. Then contact us again and let us know if you see anything not working properly.

Cheers!


Andreea-Luciana Ostache
Senior Support Technician EN
support@bullguard.com
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security 14

You have a BullGuard related problem? Post your question on these forums, contact Support or contact me on Twitter!

Back to Top
 
New Topic Post reply to : Win Users don't show Printable version of : Win Users don't show
 
Forum Information
Currently it is Saturday, November 22, 2014 12:34 PM (GMT +2)
There are a total of 60,770 posts in 13,350 threads.
In the last 3 days there were 1 new threads and 8 reply posts. View Active Threads
Who's Online
This forum has 36820 registered members. Please welcome our newest member, clairebutler.
7 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
Jual Kitchen Set (0)11/22/2014 1:35:38 AM (ayoayo)
Will the problems never end? (4)11/21/2014 8:06:59 AM (Deb1957)
Bgscan parameters (4)11/20/2014 7:17:53 PM (janis)
Is there a future for the Forum? (4)11/19/2014 8:31:27 PM (Dickens)