
Two instances of Internet Explorer running in the background, DDS logs included



mhutchinson
2011-01-18, 17:58
As the title states, I have two instances of Internet Explorer running in the background with no other windows open. Every five minutes or so I will get the MS error stating that IE has encountered a problem and must be closed, then giving me the choice to send or not to send the report.

I have run everything I can think of.

HJT, ComboFix, MalwareBytes, Spybot, SuperAntiSpyware, GMer, Windows Cleanup 4.5.2, CCleaner, SmitFraudFix, tdsskiller, unhackme, and SDfix.

Below is my DDS Log.

Any help would be appreciated.


DDS (Ver_10-12-12.02) - NTFSx86
Run by jatc3 at 8:49:01.26 on Tue 01/18/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.1389 [GMT -8:00]

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\jatc3\Desktop\dds.scr
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = <local>
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Idea2 SidebarBrowserMonitor Class: {45ad732c-2ce2-4666-b366-b2214ad57a49} - c:\program files\desktop sidebar\sbhelp.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [PTHOSTTR] c:\program files\hewlett-packard\hp protecttools security manager\PTHOSTTR.EXE /Start
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {09FE188B-6E85-479e-9411-51FB2220DF80} - {45AD732C-2CE2-4666-B366-B2214AD57A49} - c:\program files\desktop sidebar\sbhelp.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230170846906
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Notify: DeviceNP - DeviceNP.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\pdf complete\pdfsvc.exe [2008-7-1 540448]
R3 ndisrd;WinpkFilter Service;c:\windows\system32\drivers\ndisrd.sys [2010-12-23 20480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-1-4 136176]
S3 ATTRcAppSvc;AT&T RcAppSvc;c:\program files\at&t\communication manager\RcAppSvc.exe [2010-7-15 121416]
S3 DAMDrv;DAMDrv;c:\windows\system32\drivers\DAMDrv.sys [2008-7-1 30008]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2007-6-8 172131]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-8-21 18688]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-8-21 8320]
S3 RkPavproc1;RkPavproc1;c:\windows\system32\drivers\RkPavproc1.sys [2010-7-23 16648]
S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\drivers\swnc8ua3.sys [2009-8-12 197504]
S3 SWUMXA3;Sierra Wireless USB MUX Driver (UMTSA3);c:\windows\system32\drivers\swumxa3.sys [2009-7-22 148992]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2011-01-18 16:19:21 6273872 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{fffe1620-53b9-4e88-901f-1ab1910438d9}\mpengine.dll
2011-01-17 23:01:31 189520 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-01-17 22:13:48 -------- d-----w- c:\windows\ERUNT
2011-01-17 21:02:32 5632 ----a-w- c:\windows\system32\ptpusb.dll
2011-01-17 21:02:31 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2011-01-17 21:02:31 15104 ----a-w- c:\windows\system32\dllcache\usbscan.sys
2011-01-17 21:02:30 159232 ----a-w- c:\windows\system32\ptpusd.dll
2011-01-17 19:40:42 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-01-17 19:40:42 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-01-17 18:20:17 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2011-01-17 17:34:15 1646 ----a-w- c:\windows\system32\tmp.reg
2011-01-17 17:20:13 -------- d-----w- C:\SDFix
2011-01-17 16:22:48 -------- d-----w- c:\program files\Trend Micro
2011-01-15 00:24:01 -------- d-----w- c:\docume~1\jatc3\locals~1\applic~1\Temp
2011-01-15 00:23:49 -------- d-----w- c:\windows\system32\winrm
2011-01-15 00:23:46 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2011-01-15 00:19:28 -------- d-----w- c:\program files\LSI SoftModem
2011-01-14 23:48:45 -------- dc-h--w- c:\windows\ie8
2011-01-14 21:37:40 -------- d-----w- c:\program files\CleanUp!
2011-01-14 21:32:59 -------- d-----w- c:\program files\Yahoo!
2011-01-14 21:32:49 -------- d-----w- c:\program files\CCleaner
2011-01-14 21:26:22 -------- d-----w- c:\docume~1\jatc3\applic~1\Malwarebytes
2011-01-14 21:26:03 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-14 21:26:01 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-14 21:26:01 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-01-14 21:26:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-14 19:45:29 -------- d-sha-r- C:\cmdcons
2011-01-14 19:40:01 98816 ----a-w- c:\windows\sed.exe
2011-01-14 19:40:01 89088 ----a-w- c:\windows\MBR.exe
2011-01-14 19:40:01 256512 ----a-w- c:\windows\PEV.exe
2011-01-14 19:40:01 161792 ----a-w- c:\windows\SWREG.exe
2011-01-14 19:36:23 -------- d-----w- C:\ComboFix
2011-01-09 07:04:52 6273872 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-01-07 03:43:53 -------- d-----w- c:\docume~1\jatc3\locals~1\applic~1\PCHealth
2011-01-07 02:18:17 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-07 02:09:49 -------- d-----w- c:\program files\Microsoft Security Client
2011-01-07 00:19:02 -------- d-----w- C:\c2a720f8626e6e09af0e73
2011-01-07 00:18:39 -------- d-----w- C:\9662927e6a7bc834ee08d88dd249f4
2011-01-05 00:19:01 -------- d-----w- c:\docume~1\jatc3\locals~1\applic~1\Google
2011-01-01 00:02:10 -------- d-sh--w- c:\docume~1\alluse~1\applic~1\PIKGCQS
2010-12-24 18:47:57 -------- d-----w- c:\docume~1\jatc3\applic~1\xssendytrscvxsqcy2gr1uymsfen2lwwjlmnu
2010-12-24 04:35:10 20480 ----a-w- c:\windows\system32\drivers\ndisrd.sys
2010-12-24 04:35:10 20480 ----a-w- c:\documents and settings\jatc3\ndisrd.sys
2010-12-24 04:35:10 13824 ----a-w- c:\documents and settings\jatc3\snetcfg.exe
2010-12-24 04:32:52 -------- d-----w- c:\docume~1\jatc3\applic~1\xssendmho2qlshvn2jvruvrtismvtacwanhss
2010-12-19 20:35:28 -------- d-----w- c:\windows\pss

==================== Find3M ====================

2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ------w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 8:56:05.85 ===============

shelf life
2011-01-25, 01:58
Hi mhutchinson,

You have malware on board. Your log is a few days old; if you still need help, post back.