Win Users don't show

Posted 9/19/2013 9:38 AM
#96011
User avatar

Notwithit Valued member

Date Joined Nov 2016
Total Posts: 16
Windows 7 users don't show up on boot. Tried multiple fixes and this is somewhat a last resort I suppose... Thank you all in advance! <br/> <br/> <br/>Win 7 x64 Professional SP1 <br/>8 gb ram <br/>250 gb hdd <br/>Smart Card, Fingerprint. <br/> <br/> <br/>DDS Logs: <br/> <br/>. <br/>UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. <br/>IF REQUESTED, ZIP IT UP & ATTACH IT <br/>. <br/>DDS (Ver_2012-11-20.01) <br/>. <br/>Microsoft Windows 7 Professional <br/>Boot Device: \Device\HarddiskVolume1 <br/>Install Date: 8/28/2013 8:31:41 PM <br/>System Uptime: 9/19/2013 1:30:15 AM (1 hours ago) <br/>. <br/>Motherboard: Hewlett-Packard | | 172B <br/>Processor: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz | CPU 1 | 2660/133mhz <br/>. <br/>==== Disk Partitions ========================= <br/>. <br/>C: is FIXED (NTFS) - 149 GiB total, 106.898 GiB free. <br/>D: is CDROM () <br/>. <br/>==== Disabled Device Manager Items ============= <br/>. <br/>Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} <br/>Description: Security Processor Loader Driver <br/>Device ID: ROOT\LEGACY_SPLDR\0000 <br/>Manufacturer: <br/>Name: Security Processor Loader Driver <br/>PNP Device ID: ROOT\LEGACY_SPLDR\0000 <br/>Service: spldr <br/>. <br/>Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} <br/>Description: aswRvrt <br/>Device ID: ROOT\LEGACY_ASWRVRT\0000 <br/>Manufacturer: <br/>Name: aswRvrt <br/>PNP Device ID: ROOT\LEGACY_ASWRVRT\0000 <br/>Service: aswRvrt <br/>. <br/>Class GUID: <br/>Description: Base System Device <br/>Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_172B103C&REV_14\4&38E655E8&0&32F0 <br/>Manufacturer: <br/>Name: Base System Device <br/>PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_172B103C&REV_14\4&38E655E8&0&32F0 <br/>Service: <br/>. <br/>Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} <br/>Description: avast! Network Shield Support <br/>Device ID: ROOT\LEGACY_ASWTDI\0000 <br/>Manufacturer: <br/>Name: avast! Network Shield Support <br/>PNP Device ID: ROOT\LEGACY_ASWTDI\0000 <br/>Service: aswTdi <br/>. <br/>Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} <br/>Description: aswVmm <br/>Device ID: ROOT\LEGACY_ASWVMM\0000 <br/>Manufacturer: <br/>Name: aswVmm <br/>PNP Device ID: ROOT\LEGACY_ASWVMM\0000 <br/>Service: aswVmm <br/>. <br/>==== System Restore Points =================== <br/>. <br/>RP24: 9/11/2013 5:03:49 PM - Windows Update <br/>RP25: 9/16/2013 11:24:40 PM - Windows Update <br/>RP26: 9/18/2013 9:38:55 AM - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 <br/>RP27: 9/18/2013 9:42:42 AM - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 <br/>RP28: 9/18/2013 11:10:59 AM - Installed Java SE Development Kit 7 Update 40 (64-bit) <br/>RP29: 9/18/2013 11:12:02 AM - Installed Java 7 Update 40 (64-bit) <br/>RP30: 9/18/2013 11:46:42 PM - Installed Motorola Device Manager <br/>RP31: 9/18/2013 11:57:26 PM - Installed RSDLite <br/>RP32: 9/19/2013 12:01:10 AM - Installed Motorola Mobile Drivers Installation 5.9.0 <br/>. <br/>==== Installed Programs ====================== <br/>. <br/>Adobe Reader XI (11.0.03) <br/>avast! Free Antivirus <br/>CCleaner <br/>Citrix Online Launcher <br/>Google Chrome <br/>Google Update Helper <br/>GoToMeeting 5.4.0.1082 <br/>HP Battery Check <br/>HP ProtectTools Security Manager <br/>HP Webcam Driver <br/>IDT Audio <br/>Intel(R) Control Center <br/>Intel(R) Management Engine Components <br/>Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed <br/>Java 7 Update 40 (64-bit) <br/>Java SE Development Kit 7 Update 40 (64-bit) <br/>Malwarebytes Anti-Malware version 1.75.0.1300 <br/>Microsoft .NET Framework 4.5 <br/>Microsoft Visual C++ 2005 Redistributable <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 <br/>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 <br/>Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 <br/>Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 <br/>Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 <br/>Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 <br/>Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 <br/>Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 <br/>Microsoft Visual J# 2.0 Redistributable Package - SE (x64) <br/>Motorola Device Manager <br/>Motorola Device Software Update <br/>Motorola Mobile Drivers Installation 6.2.0 <br/>MSXML 4.0 SP3 Parser <br/>Nmap 6.40 <br/>NVIDIA HD Audio Driver 1.3.18.0 <br/>NVIDIA Install Application <br/>OpenOffice 4.0.0 <br/>OpenVPN Connect <br/>SAMSUNG USB Driver for Mobile Phones <br/>Secure Send - LR1 <br/>Security Update for Microsoft .NET Framework 4.5 (KB2737083) <br/>Security Update for Microsoft .NET Framework 4.5 (KB2742613) <br/>Security Update for Microsoft .NET Framework 4.5 (KB2789648) <br/>Security Update for Microsoft .NET Framework 4.5 (KB2804582) <br/>Security Update for Microsoft .NET Framework 4.5 (KB2833957) <br/>Security Update for Microsoft .NET Framework 4.5 (KB2840642v2) <br/>Skype™ 6.7 <br/>SUPERAntiSpyware <br/>Synaptics Pointing Device Driver <br/>Update for Microsoft .NET Framework 4.5 (KB2750147) <br/>Update for Microsoft .NET Framework 4.5 (KB2805221) <br/>Update for Microsoft .NET Framework 4.5 (KB2805226) <br/>Validity Fingerprint Driver <br/>VMware vCenter Converter Standalone <br/>VMware vSphere Client 5.1 <br/>WinPcap 4.1.2 <br/>. <br/>==== Event Viewer Messages From Past Week ======== <br/>. <br/>9/19/2013 12:24:04 AM, Error: Service Control Manager [7031] - The Motorola Device Manager Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service. <br/>9/19/2013 12:24:03 AM, Error: Service Control Manager [7031] - The PST Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service. <br/>9/19/2013 12:14:00 AM, Error: Disk [11] - The driver detected a controller error on \...\DR1. <br/>9/19/2013 1:33:32 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. <br/>9/19/2013 1:30:49 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. <br/>9/19/2013 1:30:45 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} <br/>9/19/2013 1:30:45 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} <br/>9/19/2013 1:30:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} <br/>9/19/2013 1:30:37 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRvrt aswSnx aswSP aswTdi aswVmm discache spldr Wanarpv6 <br/>9/19/2013 1:30:37 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B} <br/>9/19/2013 1:30:37 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} <br/>9/19/2013 1:19:48 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. <br/>9/19/2013 1:19:11 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} <br/>9/19/2013 1:19:11 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} <br/>9/19/2013 1:17:15 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswRvrt aswSnx aswSP aswTdi aswVmm CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf <br/>9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. <br/>9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The VMware vCenter Converter Standalone Server service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start. <br/>9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. <br/>9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. <br/>9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. <br/>9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. <br/>9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The PST Service service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start. <br/>9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. <br/>9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. <br/>9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. <br/>9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. <br/>9/19/2013 1:17:11 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. <br/>9/18/2013 8:32:35 AM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack. <br/>9/18/2013 8:31:40 AM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error. <br/>9/18/2013 11:47:43 PM, Error: Service Control Manager [7030] - The PST Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. <br/>9/16/2013 10:36:33 PM, Error: Microsoft-Windows-SharedAccess_NAT [30013] - The DHCP allocator has disabled itself on IP address 172.16.42.42, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope. <br/>9/16/2013 10:26:20 PM, Error: Microsoft-Windows-SharedAccess_NAT [30009] - The DHCP allocator encountered a network error while attempting to reply on IP address 0.0.0.0 to a request from a client. The data is the error code. <br/>9/16/2013 10:26:20 PM, Error: Microsoft-Windows-SharedAccess_NAT [30005] - The DHCP allocator has detected a DHCP server with IP address 172.16.42.1 on the same network as the interface with IP address 192.168.137.1. The allocator has disabled itself on the interface to avoid confusing DHCP clients. <br/>. <br/>==== End Of File ===========================
Posted 9/19/2013 9:38 AM
#96012
User avatar

Notwithit Valued member

Date Joined Nov 2016
Total Posts: 16
DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK <br/>Internet Explorer: 10.0.9200.16686 <br/>Run by notwithit at 2:30:31 on 2013-09-19 <br/>Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8054.6767 [GMT -7:00] <br/>. <br/>AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} <br/>SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} <br/>SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} <br/>. <br/>============== Running Processes =============== <br/>. <br/>C:\Windows\system32\lsm.exe <br/>C:\Windows\system32\svchost.exe -k DcomLaunch <br/>C:\Windows\system32\svchost.exe -k RPCSS <br/>C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted <br/>C:\Windows\system32\svchost.exe -k netsvcs <br/>C:\Windows\system32\svchost.exe -k LocalService <br/>C:\Windows\system32\svchost.exe -k NetworkService <br/>C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted <br/>C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation <br/>C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork <br/>C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted <br/>C:\Windows\System32\svchost.exe -k secsvcs <br/>C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe <br/>C:\Windows\Explorer.EXE <br/>C:\Windows\system32\ctfmon.exe <br/>C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE <br/>C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe <br/>C:\Program Files\AVAST Software\Avast\AvastUI.exe <br/>C:\Users\notwithit\Downloads\HijackThis.exe <br/>C:\Program Files\Windows NT\Accessories\wordpad.exe <br/>C:\Windows\system32\wbem\wmiprvse.exe <br/>C:\Windows\System32\cscript.exe <br/>. <br/>============== Pseudo HJT Report =============== <br/>. <br/>mWinlogon: Userinit = userinit.exe, <br/>BHO: HP ProtectTools Security Manager Extension: {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll <br/>BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun <br/>uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun <br/>uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe <br/>mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" <br/>mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui <br/>mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" <br/>mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent <br/>mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript <br/>StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENVP~1.LNK - C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe <br/>mPolicies-Explorer: NoActiveDesktop = dword:1 <br/>mPolicies-Explorer: NoActiveDesktopChanges = dword:1 <br/>mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 <br/>mPolicies-System: ConsentPromptBehaviorUser = dword:3 <br/>mPolicies-System: EnableUIADesktopToggle = dword:0 <br/>TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1 <br/>TCP: Interfaces\{8E9EFE0E-CCEE-4BA9-9873-84FE8CB4A309} : NameServer = 8.8.8.8 <br/>TCP: Interfaces\{C1F5B36A-479F-48A1-B777-8F462F53F147} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1 <br/>TCP: Interfaces\{FA0BD7D2-2F26-45E8-A9A9-8CF072556447} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1 <br/>TCP: Interfaces\{FC744D73-EB19-4534-9E82-5440EDC83470} : DHCPNameServer = 10.200.40.11 10.200.40.12 <br/>Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll <br/>SSODL: WebCheck - <orphaned> <br/>LSA: Notification Packages = DPPassFilter scecli <br/>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome <br/>x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, <br/>x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll <br/>x64-BHO: HP ProtectTools Security Manager Extension: {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll <br/>x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll <br/>x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll <br/>x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll <br/>x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe <br/>x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe <br/>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> <br/>x64-SSODL: WebCheck - <orphaned> <br/>Hosts: 127.94.0.1 client.openvpn.net <br/>. <br/>============= SERVICES / DRIVERS =============== <br/>. <br/>R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-23 143120] <br/>R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k62x64.sys [2012-2-2 509104] <br/>R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344] <br/>R3 RICOH SmartCard Reader;RICOH SmartCard Reader;C:\Windows\System32\drivers\rismcx64.sys [2006-10-3 79488] <br/>R3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\System32\drivers\tapoas.sys [2011-8-19 30720] <br/>S0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-9-3 65336] <br/>S0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-9-3 204880] <br/>S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-9-3 1030952] <br/>S1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-9-3 378944] <br/>S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] <br/>S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] <br/>S2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2013-8-28 89600] <br/>S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-3-15 659976] <br/>S2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-9-3 33400] <br/>S2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-9-3 80816] <br/>S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-3 46808] <br/>S2 BcmBtRSupport;Bluetooth Driver Management Service;C:\Windows\System32\BtwRSupportService.exe [2013-8-9 2252504] <br/>S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-4-23 135952] <br/>S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912] <br/>S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856] <br/>S2 HP ProtectTools Service;HP ProtectTools Service;C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-10-19 32768] <br/>S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-7-21 227896] <br/>S2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520] <br/>S2 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2013-7-31 137528] <br/>S2 OpenVPNAccessClient;OpenVPN Access Client;C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [2012-5-3 24064] <br/>S2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2013-9-18 65657] <br/>S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672] <br/>S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-8-28 2497408] <br/>S2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-2-18 2045232] <br/>S2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-9-5 856728] <br/>S2 vmware-converter-agent;VMware vCenter Converter Standalone Agent;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [2013-4-9 479824] <br/>S2 vmware-converter-server;VMware vCenter Converter Standalone Server;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2013-4-9 479824] <br/>S2 vmware-converter-worker;VMware vCenter Converter Standalone Worker;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2013-4-9 479824] <br/>S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-3-15 198144] <br/>S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-3-15 198144] <br/>S3 bcbtums;Bluetooth USB LD Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-8-9 170712] <br/>S3 btwampfl;btwampfl;C:\Windows\System32\drivers\btwampfl.sys [2013-8-9 166104] <br/>S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-8-20 103576] <br/>S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168] <br/>S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-8-28 19456] <br/>S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-8-20 204568] <br/>S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] <br/>S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-8-28 57856] <br/>S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-8-28 30208] <br/>S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-8-28 1255736] <br/>. <br/>=============== Created Last 30 ================ <br/>. <br/>2013-09-19 09:02:02 -------- d-----w- C:\Program Files\CCleaner <br/>2013-09-19 08:56:33 -------- d-----w- C:\Users\notwithit\AppData\Roaming\Malwarebytes <br/>2013-09-19 08:56:27 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys <br/>2013-09-19 08:56:27 -------- d-----w- C:\ProgramData\Malwarebytes <br/>2013-09-19 08:56:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware <br/>2013-09-19 08:34:18 -------- d-----w- C:\Users\notwithit\AppData\Roaming\SUPERAntiSpyware.com <br/>2013-09-19 08:34:12 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com <br/>2013-09-19 08:34:12 -------- d-----w- C:\Program Files\SUPERAntiSpyware <br/>2013-09-19 08:32:25 173132 ----a-w- C:\hkeyusersdefault.reg <br/>2013-09-19 08:13:37 1204 ----a-w- C:\notwithit.reg <br/>2013-09-19 07:34:58 -------- d-----w- C:\Users\notwithit\AppData\Local\ElevatedDiagnostics <br/>2013-09-19 07:14:06 -------- d-----w- C:\ProgramData\Motorola <br/>2013-09-19 07:02:16 -------- d-----w- C:\Users\notwithit\AppData\Local\Motosftemp <br/>2013-09-19 06:48:13 -------- d-----w- C:\Users\notwithit\AppData\Roaming\Motorola Mobility <br/>2013-09-19 06:48:13 -------- d-----w- C:\Temp <br/>2013-09-19 06:47:41 -------- d-----w- C:\Program Files (x86)\Motorola Mobility <br/>2013-09-19 06:47:41 -------- d-----w- C:\Program Files (x86)\Motorola <br/>2013-09-19 06:47:41 -------- d-----w- C:\Program Files (x86)\Common Files\MSSoap <br/>2013-09-19 06:47:32 -------- d-----w- C:\Program Files (x86)\MSXML 4.0 <br/>2013-09-19 06:46:59 -------- d-----w- C:\Program Files\Motorola Inc <br/>2013-09-19 06:46:59 -------- d-----w- C:\Program Files\Common Files\Motorola Shared <br/>2013-09-19 06:46:32 -------- d-----w- C:\Users\notwithit\AppData\Roaming\Motorola <br/>2013-09-18 18:12:54 -------- d-----w- C:\Users\notwithit\.android <br/>2013-09-18 18:12:23 973736 ----a-w- C:\Windows\System32\deployJava1.dll <br/>2013-09-18 18:12:23 1095080 ----a-w- C:\Windows\System32\npDeployJava1.dll <br/>2013-09-18 18:12:19 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll <br/>2013-09-18 18:00:40 -------- d-----w- C:\Program Files\SAMSUNG <br/>2013-09-18 18:00:09 -------- d-----w- C:\ProgramData\Samsung <br/>2013-09-18 16:47:23 -------- d-----w- C:\usb_driver <br/>2013-09-18 16:39:06 -------- d-----w- C:\ProgramData\Package Cache <br/>2013-09-17 06:25:44 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60B6B0FC-2129-4914-A880-8EBCBB1A06ED}\offreg.dll <br/>2013-09-17 06:25:06 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60B6B0FC-2129-4914-A880-8EBCBB1A06ED}\mpengine.dll <br/>2013-09-11 18:17:33 -------- d-----w- C:\Users\notwithit\AppData\Local\Secure Send <br/>2013-09-11 17:52:22 3155456 ----a-w- C:\Windows\System32\win32k.sys <br/>2013-09-05 19:55:13 -------- d-----w- C:\Users\notwithit\AppData\Roaming\OpenOffice <br/>2013-09-05 19:53:32 -------- d-----w- C:\Program Files (x86)\OpenOffice 4 <br/>2013-09-04 05:02:35 -------- d-----w- C:\Users\notwithit\AppData\Local\Adobe <br/>2013-09-04 02:13:45 -------- d-----w- C:\Users\notwithit\.zenmap <br/>2013-09-04 02:11:17 -------- d-----w- C:\Program Files\WinPcap <br/>2013-09-04 02:10:55 -------- d-----w- C:\Program Files (x86)\Nmap <br/>2013-09-03 17:36:04 -------- d-----w- C:\Users\notwithit\AppData\Local\VMware <br/>2013-09-03 17:32:24 47768 ----a-w- C:\Windows\System32\drivers\hcmon.sys <br/>2013-09-03 17:31:01 -------- d-----w- C:\Program Files (x86)\VMware <br/>2013-09-03 17:31:01 -------- d-----w- C:\Program Files (x86)\Common Files\VMware <br/>2013-09-03 17:14:43 -------- d-----w- C:\Users\notwithit\AppData\Roaming\DigitalPersona <br/>2013-09-03 17:14:43 -------- d-----w- C:\Users\notwithit\AppData\Local\DigitalPersona <br/>2013-09-03 17:03:01 -------- d-----w- C:\Program Files (x86)\OpenVPN Technologies <br/>2013-09-03 16:33:09 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys <br/>2013-09-03 16:33:08 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys <br/>2013-09-03 16:33:08 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys <br/>2013-09-03 16:33:07 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys <br/>2013-09-03 16:33:04 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys <br/>2013-09-03 16:32:13 41664 ----a-w- C:\Windows\avastSS.scr <br/>2013-09-03 16:32:00 -------- d-----w- C:\Program Files\AVAST Software <br/>2013-09-03 16:30:11 -------- d-----w- C:\ProgramData\AVAST Software <br/>2013-08-29 17:10:42 -------- d-----w- C:\Program Files (x86)\Citrix <br/>2013-08-29 17:10:31 -------- d-----w- C:\Users\notwithit\AppData\Local\Citrix <br/>2013-08-29 06:11:08 -------- d-----w- C:\Program Files\Validity Sensors <br/>2013-08-29 05:52:41 -------- d-----w- C:\Program Files\Synaptics <br/>2013-08-29 05:42:40 -------- d-----w- C:\Program Files\NVIDIA Corporation <br/>2013-08-29 05:34:14 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll <br/>2013-08-29 05:34:14 366592 ----a-w- C:\Windows\System32\qdvd.dll <br/>2013-08-29 05:34:14 340992 ----a-w- C:\Windows\System32\schannel.dll <br/>2013-08-29 05:34:13 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll <br/>2013-08-29 05:34:13 458712 ----a-w- C:\Windows\System32\drivers\cng.sys <br/>2013-08-29 05:34:13 247808 ----a-w- C:\Windows\SysWow64\schannel.dll <br/>2013-08-29 05:34:13 22016 ----a-w- C:\Windows\SysWow64\secur32.dll <br/>2013-08-29 05:34:13 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys <br/>2013-08-29 05:34:13 1448448 ----a-w- C:\Windows\System32\lsasrv.dll <br/>2013-08-29 05:34:08 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS <br/>2013-08-29 05:34:08 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys <br/>2013-08-29 05:30:59 1643520 ----a-w- C:\Windows\System32\DWrite.dll <br/>2013-08-29 05:30:59 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll <br/>2013-08-29 05:18:20 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll <br/>2013-08-29 05:16:13 -------- d-----w- C:\Windows\SysWow64\Wat <br/>2013-08-29 05:16:13 -------- d-----w- C:\Windows\System32\Wat <br/>2013-08-29 04:55:14 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll <br/>2013-08-29 04:51:55 9728 ----a-w- C:\Windows\System32\Wdfres.dll <br/>2013-08-29 04:51:55 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys <br/>2013-08-29 04:51:55 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys <br/>2013-08-29 04:51:55 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui <br/>2013-08-29 04:46:19 -------- d-----w- C:\Windows\System32\MRT <br/>2013-08-29 04:42:11 -------- d-----r- C:\Program Files (x86)\Skype <br/>2013-08-29 04:37:29 81408 ----a-w- C:\Windows\System32\imagehlp.dll <br/>2013-08-29 04:37:29 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys <br/>2013-08-29 04:37:29 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll <br/>2013-08-29 04:37:28 5120 ----a-w- C:\Windows\SysWow64\wmi.dll <br/>2013-08-29 04:37:28 5120 ----a-w- C:\Windows\System32\wmi.dll <br/>2013-08-29 04:33:13 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys <br/>2013-08-29 04:33:12 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys <br/>2013-08-29 04:33:12 144384 ----a-w- C:\Windows\System32\cdd.dll <br/>2013-08-29 04:31:54 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe <br/>2013-08-29 04:30:56 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys <br/>2013-08-29 04:26:13 -------- d-----w- C:\Users\notwithit\AppData\Local\Google <br/>2013-08-29 04:25:49 -------- d-----w- C:\Users\notwithit\AppData\Local\Apps <br/>2013-08-29 04:25:48 -------- d-----w- C:\Users\notwithit\AppData\Local\Deployment <br/>2013-08-29 04:22:56 -------- d-----w- C:\Windows\Panther <br/>2013-08-29 04:22:27 77312 ----a-w- C:\Windows\System32\packager.dll <br/>2013-08-29 04:22:27 67072 ----a-w- C:\Windows\SysWow64\packager.dll <br/>2013-08-29 04:14:49 -------- d-----w- C:\Intel <br/>2013-08-29 04:13:07 -------- d-----w- C:\Users\notwithit\AppData\Local\Hewlett-Packard <br/>2013-08-29 04:11:47 2622464 ----a-w- C:\Windows\System32\wucltux.dll <br/>2013-08-29 04:11:37 99840 ----a-w- C:\Windows\System32\wudriver.dll <br/>2013-08-29 04:11:31 36864 ----a-w- C:\Windows\System32\wuapp.exe <br/>2013-08-29 04:11:31 186752 ----a-w- C:\Windows\System32\wuwebv.dll <br/>2013-08-29 04:10:36 -------- d-----w- C:\Users\notwithit\AppData\Roaming\hpqLog <br/>2013-08-29 04:10:17 -------- d-sh--w- C:\Windows\Installer <br/>2013-08-29 04:05:00 90624 ----a-w- C:\Windows\System32\AESTCo64.dll <br/>2013-08-29 04:05:00 68608 ----a-w- C:\Windows\System32\AESTAR64.dll <br/>2013-08-29 04:05:00 489472 ----a-w- C:\Windows\sttray64.exe <br/>2013-08-29 04:05:00 442368 ----a-w- C:\Windows\System32\AESTEC64.dll <br/>2013-08-29 04:05:00 1952256 ----a-w- C:\Windows\System32\stlang64.dll <br/>2013-08-29 04:05:00 162816 ----a-w- C:\Windows\System32\AESTAC64.dll <br/>2013-08-29 04:05:00 12861952 ----a-w- C:\Windows\System32\idtcpl64.cpl <br/>2013-08-29 04:04:41 651264 ------w- C:\Windows\System32\stapi64.dll <br/>2013-08-29 04:04:41 515584 ----a-w- C:\Windows\System32\drivers\stwrt64.sys <br/>2013-08-29 04:04:41 431616 ----a-w- C:\Windows\System32\stcplx64.dll <br/>2013-08-29 04:04:41 219648 ----a-w- C:\Windows\System32\staco64.dll <br/>2013-08-29 04:04:41 1484288 ----a-w- C:\Windows\System32\stapo64.dll <br/>2013-08-29 04:04:40 -------- d-----w- C:\Program Files\IDT <br/>2013-08-29 04:04:33 -------- d-----w- C:\SWSetup <br/>2013-08-20 14:02:12 204568 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys <br/>2013-08-20 14:02:12 103576 ----a-w- C:\Windows\System32\drivers\ssudbus.sys <br/>. <br/>==================== Find3M ==================== <br/>. <br/>2013-08-29 05:18:20 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll <br/>2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll <br/>2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll <br/>2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll <br/>2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll <br/>2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll <br/>2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll <br/>2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll <br/>2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll <br/>2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb <br/>2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb <br/>2013-08-10 03:02:14 66264 ----a-w- C:\Windows\System32\btwdi.dll <br/>2013-08-10 03:02:14 2232024 ----a-w- C:\Windows\System32\BcmBtRSupport.dll <br/>2013-08-10 03:02:14 170712 ----a-w- C:\Windows\System32\drivers\bcbtums.sys <br/>2013-08-10 03:02:14 166104 ----a-w- C:\Windows\System32\drivers\btwampfl.sys <br/>2013-08-10 03:02:12 2252504 ----a-w- C:\Windows\System32\BtwRSupportService.exe <br/>2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe <br/>2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe <br/>2013-08-07 11:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe <br/>2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys <br/>2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe <br/>2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll <br/>2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll <br/>2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll <br/>2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll <br/>2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll <br/>2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll <br/>2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll <br/>2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe <br/>2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe <br/>2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll <br/>2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll <br/>2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll <br/>2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe <br/>2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe <br/>2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe <br/>2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll <br/>2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe <br/>2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe <br/>2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll <br/>2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll <br/>2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll <br/>2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll <br/>2013-07-28 22:44:52 53299 ----a-w- C:\Windows\SysWow64\pthreadVC.dll <br/>2013-07-28 22:44:50 96784 ----a-w- C:\Windows\SysWow64\Packet.dll <br/>2013-07-28 22:44:50 369168 ----a-w- C:\Windows\System32\wpcap.dll <br/>2013-07-28 22:44:50 35344 ----a-w- C:\Windows\System32\drivers\npf.sys <br/>2013-07-28 22:44:50 281104 ----a-w- C:\Windows\SysWow64\wpcap.dll <br/>2013-07-28 22:44:50 106000 ----a-w- C:\Windows\System32\Packet.dll <br/>2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL <br/>2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL <br/>2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll <br/>2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll <br/>2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll <br/>2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll <br/>2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll <br/>2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll <br/>2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll <br/>2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll <br/>2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll <br/>2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll <br/>2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll <br/>2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll <br/>2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys <br/>. <br/>============= FINISH: 2:30:41.58 ===============
Posted 9/19/2013 9:39 AM
#96013
User avatar

Notwithit Valued member

Date Joined Nov 2016
Total Posts: 16
MBAM LOG <br/> <br/> <br/> <br/>Malwarebytes Anti-Malware 1.75.0.1300 <br/>www.malwarebytes.org <br/> <br/>Database version: v2013.09.19.01 <br/> <br/>Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking) <br/>Internet Explorer 10.0.9200.16686 <br/>notwithit :: HAPPYLAPPY [administrator] <br/> <br/>9/19/2013 2:12:56 AM <br/>mbam-log-2013-09-19 (02-12-56).txt <br/> <br/>Scan type: Full scan (C:\|) <br/>Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM <br/>Scan options disabled: P2P <br/>Objects scanned: 316404 <br/>Time elapsed: 15 minute(s), 35 second(s) <br/> <br/>Memory Processes Detected: 0 <br/>(No malicious items detected) <br/> <br/>Memory Modules Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Keys Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Values Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Data Items Detected: 0 <br/>(No malicious items detected) <br/> <br/>Folders Detected: 0 <br/>(No malicious items detected) <br/> <br/>Files Detected: 0 <br/>(No malicious items detected) <br/> <br/>(end)
Posted 9/19/2013 9:39 AM
#96014
User avatar

Notwithit Valued member

Date Joined Nov 2016
Total Posts: 16
HiJackThis Log <br/> <br/> <br/>Logfile of Trend Micro HijackThis v2.0.5 <br/>Scan saved at 2:31:56 AM, on 9/19/2013 <br/>Platform: Windows 7 SP1 (WinNT 6.00.3505) <br/>MSIE: Internet Explorer v10.0 (10.00.9200.16686) <br/> <br/> <br/>Boot mode: Safe mode with network support <br/> <br/>Running processes: <br/>C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe <br/>C:\Program Files\AVAST Software\Avast\AvastUI.exe <br/>C:\Users\notwithit\Downloads\HijackThis.exe <br/> <br/>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = <br/>F2 - REG:system.ini: UserInit=userinit.exe, <br/>O1 - Hosts: 127.94.0.1 client.openvpn.net <br/>O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll <br/>O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" <br/>O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui <br/>O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" <br/>O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent <br/>O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript <br/>O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun <br/>O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun <br/>O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe <br/>O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') <br/>O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') <br/>O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') <br/>O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') <br/>O4 - Global Startup: OpenVPN Connect.lnk = C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe <br/>O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics <br/>O17 - HKLM\System\CCS\Services\Tcpip\..\{8E9EFE0E-CCEE-4BA9-9873-84FE8CB4A309}: NameServer = 8.8.8.8 <br/>O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL <br/>O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE <br/>O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe <br/>O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) <br/>O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe <br/>O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>O23 - Service: Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing) <br/>O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe <br/>O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe <br/>O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) <br/>O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <br/>O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <br/>O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe <br/>O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe <br/>O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe <br/>O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) <br/>O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe <br/>O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe <br/>O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) <br/>O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) - Unknown owner - C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe <br/>O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: PST Service - Motorola - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe <br/>O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe <br/>O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe <br/>O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) <br/>O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe <br/>O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe <br/>O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) <br/>O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe <br/>O23 - Service: VMware vCenter Converter Standalone Agent (vmware-converter-agent) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe <br/>O23 - Service: VMware vCenter Converter Standalone Server (vmware-converter-server) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe <br/>O23 - Service: VMware vCenter Converter Standalone Worker (vmware-converter-worker) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe <br/>O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) <br/>O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) <br/>O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) <br/> <br/>-- <br/>End of file - 10298 bytes
Posted 9/24/2013 9:41 PM
#96026
User avatar

Advanced member

I will kindly ask you to follow these steps: <br/> <br/>1. Go to Start and type CMD.exe in the search field. <br/>2. Wait for a few moments and, when CMD.exe is displayed in the list above, right-click on it and select "Run as administrator" <br/>3. In the black CMD window type the following and press Enter: <br/>Change logon /enable <br/>4. Wait for CMD to be finished and reboot the computer. <br/> <br/>If this does not solve the problem, try a SFC /SCANNOW command instead of the logon change. <br/> <br/>Cheers
Andreea-Luciana Ostache
Support Team Leader
[url]support@bullguard.com[/url]
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security 16

You have a BullGuard related problem? Post your question on these forums, contact Support or contact me on Twitter!
Posted 10/24/2013 6:27 PM
#96109
User avatar

Notwithit Valued member

Date Joined Nov 2016
Total Posts: 16
Sorry for taking a month to get back to you. My word I am terrible! I had already changed my login to enable so that I can actually get into the computer. Hah. Doing sfc /scannow now. Hopefully that fixes the problem. The main worry was that there were remnants of a virus or something crappy that I hadn't caught. Thank you for your help!
Posted 10/25/2013 3:46 AM
#96112
User avatar

Advanced member

I do not see anything suspicious in your logs. If you update Avast and run a boot time scan it will most likely solve the problem if there is one. <br/> <br/>However, if you have any other issues with system functions not working, those can be solved with the sfc scan in the good case or by doing a repair of the system in the worst case scenario. <br/> <br/>Take your time and see how the computer is running for a while. Then contact us again and let us know if you see anything not working properly. <br/> <br/>Cheers!
Andreea-Luciana Ostache
Support Team Leader
[url]support@bullguard.com[/url]
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security 16

You have a BullGuard related problem? Post your question on these forums, contact Support or contact me on Twitter!
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Wednesday, December 7, 2016, 5:20 PM (GMT +1)
There are a total of 61,160 posts in 13,449 threads.
In the last 3 days there were 0 new threads and 0 reply posts.

Who's online

This forum has 37,967 registered members. Please welcome our newest member, ConcepcionJAbbate.
There are currently no users on-line.