Logitech/Skype BSODs

P

PeacemakerTX

Member
Joined
Sep 6, 2012
Posts
5
Getting 2-3 BSODs a week that are directly caused by lvrs64.sys - it is the offender cited every time. I have uninstalled all the software and drivers from Logitech, and then reinstalled the latest after a reboot of Windows. No joy.

Here are the .txt files requested by Wrench97:
View attachment DDS.txt
View attachment checkup.txt
View attachment Attach.txt

Edited to paste logs

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
Run by Tim at 18:50:45 on 2012-09-06
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.12279.7696 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
D:\Program Files\UCT\HDR Express\HDRExpressService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
D:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe
D:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
D:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
D:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe
D:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
D:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
D:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
D:\Program Files\Core Temp\Core Temp.exe
D:\Program Files (x86)\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Intellicast\Intellicast.exe
F:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
D:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
D:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe
D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
D:\Program Files (x86)\iTunes\iTunesHelper.exe
D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
C:\Windows\splwow64.exe
D:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
D:\Program Files (x86)\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\SAMSUNG\AllShare\AllShareAgent.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
D:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Users\Tim\AppData\Roaming\mjusbsp\magicJack.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
F:\Downloads\DDS\SecurityCheck.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k defragsvc
d:\program files (x86)\RealPlay.exe
C:\Windows\SysWOW64\notepad.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: AGSearchHook Class: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - C:\Program Files (x86)\AGI\common\agcutils.dll
mWinlogon: Userinit=userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [cdloader] "C:\Users\Tim\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [PhotoshopElements8SyncAgent] C:\Program Files (x86)\Adobe\Elements 9 Organizer\ElementsOrganizerSyncAgent.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
mRun: [LWS] F:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [MRUTray] D:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [THX Audio Control Panel] "D:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [Malwarebytes' Anti-Malware] "D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [HPUsageTracking] C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe "C:\Program Files (x86)\HP\HP UT\"
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
mRun: [QuickTime Task] "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [DMXLauncher] "D:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe"
mRun: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
mRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
mRun: [CPMonitor] "D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"
mRun: [Desktop Disc Tool] "D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Super-Charger] D:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
mRun: [TkBellExe] "D:\Program Files (x86)\update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
StartupFolder: C:\Users\Tim\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTELL~1.LNK - C:\Program Files (x86)\Intellicast\Intellicast.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - D:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - D:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files (x86)\Amazon\Add to Wish List IE Extension\run.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: vzTCPConfig - hxxp://my.verizon.com/micro/speedoptimizer/fios/vzTCPConfig.CAB
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.127.0.cab
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - hxxp://pcpitstop.com/mhLbl.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7CBB028E-8366-47C2-A6DB-909BE033A4C1} : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO-X64: Canon Easy-WebPrint EX BHO - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB-X64: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB-X64: {21347690-EC41-4F9A-8887-1F4AEE672439} - No File
mRun-x64: [LWS] F:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [MRUTray] D:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun-x64: [THX Audio Control Panel] "D:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun-x64: [Malwarebytes' Anti-Malware] "D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [HPUsageTracking] C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe "C:\Program Files (x86)\HP\HP UT\"
mRun-x64: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun-x64: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
mRun-x64: [QuickTime Task] "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [DMXLauncher] "D:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe"
mRun-x64: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [(Default)]
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
mRun-x64: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
mRun-x64: [CPMonitor] "D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"
mRun-x64: [Desktop Disc Tool] "D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [Super-Charger] D:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
mRun-x64: [TkBellExe] "D:\Program Files (x86)\update\realsched.exe" -osboot
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
IE-X64: {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files (x86)\Amazon\Add to Wish List IE Extension\run.htm
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 mv91cons;Marvell 91xx Config Device Driver;C:\Windows\system32\DRIVERS\mv91cons.sys --> C:\Windows\system32\DRIVERS\mv91cons.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 Sahdad64;HDD Filter Driver;C:\Windows\system32\Drivers\Sahdad64.sys --> C:\Windows\system32\Drivers\Sahdad64.sys [?]
R0 Saibad64;Volume Filter Driver;C:\Windows\system32\Drivers\Saibad64.sys --> C:\Windows\system32\Drivers\Saibad64.sys [?]
R0 SysCow;SysCow;C:\Windows\system32\drivers\syscowad64v.sys --> C:\Windows\system32\drivers\syscowad64v.sys [?]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;D:\Program Files\HWiNFO64\HWiNFO64A.SYS [2012-8-22 30592]
R1 pfmfs_640;pfmfs_640;C:\Windows\system32\Drivers\pfmfs_640.sys --> C:\Windows\system32\Drivers\pfmfs_640.sys [?]
R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\system32\Drivers\SaibVdAd64.sys --> C:\Windows\system32\Drivers\SaibVdAd64.sys [?]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/05/08 14:04:04];D:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10\NavFilter\000.fcl [2011-12-20 146928]
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2011-2-9 457200]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]
R2 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2012-3-30 151656]
R2 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2011-7-15 21488]
R2 HDRExpressService;HDRExpressService;D:\Program Files\UCT\HDR Express\HDRExpressService.exe [2011-4-4 28432]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-8 13336]
R2 Marvell RAID;Marvell RAID Event Agent;D:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe [2010-2-9 235560]
R2 MBAMService;MBAMService;D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-13 655944]
R2 MRUWebService;MRU Web Service;D:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe [2008-6-12 24635]
R2 MSI_SuperCharger;MSI_SuperCharger;D:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-8-19 136704]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-8-20 1258856]
R2 SamsungAllShareV2.0;Samsung AllShare PC;C:\Program Files (x86)\SAMSUNG\AllShare\AllShareDMS\AllShareDMS.exe [2012-3-2 25504]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-7-25 1326176]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-7-25 681056]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-8-13 3064000]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-6-28 382312]
R2 TeamViewer7;TeamViewer 7;D:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-8-15 2673064]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MBfilt;MBfilt;C:\Windows\system32\drivers\MBfilt64.sys --> C:\Windows\system32\drivers\MBfilt64.sys [?]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;D:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-8-19 14136]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\system32\DRIVERS\nvoclk64.sys --> C:\Windows\system32\DRIVERS\nvoclk64.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\system32\DRIVERS\teamviewervpn.sys --> C:\Windows\system32\DRIVERS\teamviewervpn.sys [?]
R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
R3 WSDScan;WSD Scan Support via UMB;C:\Windows\system32\DRIVERS\WSDScan.sys --> C:\Windows\system32\DRIVERS\WSDScan.sys [?]
S2 AGWinService;AG Windows Service;C:\Program Files (x86)\AGI\common\win32\pythonservice.exe [2011-11-10 10240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-7-13 340976]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-31 250568]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-5-8 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-5-8 79360]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-8-20 150464]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;D:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-7-13 1095664]
S3 SimpleSlideShowServer;SimpleSlideShowServer;C:\Program Files (x86)\SAMSUNG\AllShare\AllShareSlideShowService.exe [2012-3-2 27584]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 BOTService;BOTService;C:\Program Files (x86)\Roxio\BackOnTrack\Instant Restore\BOTService.exe [2011-7-14 211440]
S4 SBPIMSvc;SB Recovery Service;D:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe [2011-5-11 181584]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-09-06 15:02:03 -------- d-----w- C:\perflogs
2012-09-06 14:00:41 -------- d-----w- C:\Users\Tim\AppData\Local\{33D9E58C-AB29-4B2E-9046-982A3470C04C}
2012-09-06 01:16:44 9310152 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C34C90A1-E7BD-42DB-ADB9-BC9E9B5C9C3E}\mpengine.dll
2012-09-05 21:01:57 -------- d-----w- C:\Users\Tim\AppData\Local\{B13B59A2-1D2D-4497-8659-4EA9CA9B8B07}
2012-09-05 06:08:56 821824 ----a-w- C:\Windows\SysWow64\dgderapi.dll
2012-09-05 06:08:56 20032 ----a-w- C:\Windows\SysWow64\drivers\dgderdrv.sys
2012-09-05 06:06:24 -------- d-----w- C:\Program Files\Samsung
2012-09-05 05:48:11 -------- d-----w- C:\Program Files (x86)\MyFree Codec
2012-09-05 05:44:18 -------- d-----w- C:\Download
2012-09-05 05:40:34 -------- d-----w- C:\AllShare
2012-09-05 05:20:33 -------- d-----w- C:\Users\Tim\AppData\Local\Samsung
2012-09-05 05:20:32 -------- d-----w- C:\Users\Tim\AppData\Roaming\Samsung
2012-09-05 05:18:39 4659712 ----a-w- C:\Windows\SysWow64\Redemption.dll
2012-09-05 05:18:32 -------- d-----w- C:\Program Files (x86)\MarkAny
2012-09-05 05:17:59 -------- d-----w- C:\ProgramData\Samsung
2012-09-05 05:12:25 -------- d-----w- C:\Users\Tim\AppData\Local\Downloaded Installations
2012-09-05 03:16:36 -------- d-----w- C:\Users\Tim\AppData\Local\{D4884806-B636-4949-A6A1-B53849CB6A59}
2012-09-04 13:22:10 9310152 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-09-04 13:11:44 -------- d-----w- C:\Users\Tim\AppData\Local\{54BD7124-E5D1-4C2B-93A9-1B153CE4971B}
2012-09-03 20:25:34 -------- d-----w- C:\Users\Tim\AppData\Local\{453C67BB-AE4D-425C-B1F1-6ECCA614292F}
2012-09-02 22:07:48 -------- d-----w- C:\Users\Tim\AppData\Local\{778AE351-3832-4787-A081-53C1527C424A}
2012-09-01 13:01:08 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-31 19:18:38 -------- d-----w- C:\Users\Tim\AppData\Local\{E8B6F065-67CC-441C-9991-56E0F619BE41}
2012-08-29 15:42:09 -------- d-----w- C:\Users\Tim\AppData\Local\{C97FF917-6141-4E34-BA52-7E138C61852E}
2012-08-29 03:41:37 -------- d-----w- C:\Users\Tim\AppData\Local\{2C1DF0DB-ED93-4802-A1C3-9C4268B996E6}
2012-08-28 21:18:59 -------- d-----w- C:\ProgramData\{4D8DE63B-1E78-4536-905D-81FAA11BF701}
2012-08-28 21:16:45 -------- d-----w- C:\Users\Tim\AppData\Roaming\Stamps.com Internet Postage
2012-08-28 21:16:35 -------- d-----w- C:\ProgramData\{4E417984-0B3D-48F3-9FA4-E1ABB0DA51B7}
2012-08-28 21:16:25 -------- d-----w- C:\ProgramData\{C243CCC8-5474-45FC-A546-7FBC284A692E}
2012-08-28 21:16:21 -------- d-----w- C:\ProgramData\{F74FAF01-6ED9-4DAC-8BD2-E5F7C218B43C}
2012-08-28 21:16:16 -------- d-----w- C:\Users\Tim\AppData\Local\{232FC370-3714-4F10-BC93-DA33AA1D6D22}
2012-08-28 21:14:40 -------- d-----w- C:\Users\Tim\AppData\Local\Seven Zip
2012-08-27 14:06:27 -------- d-----w- C:\Users\Tim\AppData\Local\{C515D32C-7386-48FD-BA22-2C2183F756D3}
2012-08-26 19:14:08 -------- d-----w- C:\Users\Tim\AppData\Roaming\Foxit Software
2012-08-25 02:27:26 -------- d-----w- C:\Users\Tim\AppData\Local\{1CB7131D-F553-4633-A675-5B46B5DEA398}
2012-08-22 06:57:54 -------- d-----w- C:\Users\Tim\AppData\Local\{60A254B7-F1DD-480A-9A2E-8B25EA5128F9}
2012-08-21 21:42:39 -------- d-----w- C:\Users\Tim\AppData\Local\Online Drive Benchmark
2012-08-21 04:27:21 -------- d-----w- C:\Users\Tim\AppData\Local\Futuremark_Corporation
2012-08-21 04:24:53 -------- d-----w- C:\Program Files (x86)\Futuremark
2012-08-21 04:24:46 -------- d-----w- C:\ProgramData\Futuremark
2012-08-20 22:59:00 -------- d-----w- C:\Users\Tim\Heaven
2012-08-20 20:41:09 -------- d-----w- C:\Users\Tim\AppData\Local\{64884F4A-5779-4459-8C22-BC2A424A89DA}
2012-08-20 06:43:24 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-08-20 06:43:24 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-08-20 06:43:24 6193000 ----a-w- C:\Windows\System32\nvcpl.dll
2012-08-20 06:43:24 3266408 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-08-20 06:43:24 2667062 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-08-20 06:43:24 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-08-20 06:43:15 60776 ----a-w- C:\Windows\System32\OpenCL.dll
2012-08-20 06:43:15 52584 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-08-20 06:43:01 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2012-08-19 22:15:25 -------- d-----w- C:\Users\Tim\AppData\Local\{23DF1E1D-EB7F-4E8D-B2E6-83BD378D6A20}
2012-08-19 21:46:20 11264 ----a-r- C:\Users\Tim\AppData\Roaming\Microsoft\Installer\{98613C99-1399-416C-A07C-1EE1C585D872}\Icon98613C992.exe
2012-08-19 21:31:37 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-08-19 17:08:37 -------- d--h--w- C:\SuperChargerProfile
2012-08-18 22:14:41 -------- d-----w- C:\Users\Tim\AppData\Local\{E008D3FA-6E13-4375-AE16-C256A88B03FB}
2012-08-18 22:14:19 -------- d-----w- C:\Users\Tim\AppData\Local\{BD1E638F-F1CE-4E05-B9F9-06DD40EC0184}
2012-08-18 10:13:56 -------- d-----w- C:\Users\Tim\AppData\Local\{95F0321A-F779-4235-9079-B81844E61786}
2012-08-17 22:13:24 -------- d-----w- C:\Users\Tim\AppData\Local\{7B0E495A-80AC-4A53-81C9-9FD0FA2A89CB}
2012-08-17 10:12:53 -------- d-----w- C:\Users\Tim\AppData\Local\{46596F0C-8790-4223-AD35-7BDAB25157AC}
2012-08-16 22:12:21 -------- d-----w- C:\Users\Tim\AppData\Local\{D7CEBEF2-FBB0-4CD4-9E10-4B0DC5D93348}
2012-08-16 22:12:00 -------- d-----w- C:\Users\Tim\AppData\Local\{9E3E09D6-3EBC-4D16-AD2C-09A325175155}
2012-08-16 10:11:37 -------- d-----w- C:\Users\Tim\AppData\Local\{5294F3B0-8017-4BEB-9BB3-D72CAA582403}
2012-08-15 23:09:09 -------- d-----w- C:\Users\Tim\temp
2012-08-15 23:04:01 -------- d-----w- C:\Program Files (x86)\Secunia
2012-08-15 22:11:05 -------- d-----w- C:\Users\Tim\AppData\Local\{1955B76F-6D59-4C68-90B8-F636BE1F207D}
2012-08-15 22:10:44 -------- d-----w- C:\Users\Tim\AppData\Local\{806D01FF-EEE6-47FA-AB2A-FFDC067FD9F8}
2012-08-15 10:10:21 -------- d-----w- C:\Users\Tim\AppData\Local\{20202EA1-C339-4DDB-9062-1F6B9669F5FC}
2012-08-14 22:09:50 -------- d-----w- C:\Users\Tim\AppData\Local\{C3CE149A-45F3-400A-BEF8-6EA168227DDD}
2012-08-14 22:09:29 -------- d-----w- C:\Users\Tim\AppData\Local\{99B51E39-6CEA-4AC4-AE4F-EC8685451190}
2012-08-14 10:09:06 -------- d-----w- C:\Users\Tim\AppData\Local\{1CD4DF14-BFEF-40B7-8B64-624127A959A5}
2012-08-13 22:08:34 -------- d-----w- C:\Users\Tim\AppData\Local\{755E9E62-297E-4C7F-A800-051DAC59EAD4}
2012-08-13 10:08:02 -------- d-----w- C:\Users\Tim\AppData\Local\{8EF01654-741C-4754-AAC1-1D4005F7FA09}
2012-08-12 22:07:30 -------- d-----w- C:\Users\Tim\AppData\Local\{C8D54E40-AEB7-4B20-9736-80B6650D9BCA}
2012-08-12 10:06:57 -------- d-----w- C:\Users\Tim\AppData\Local\{E2BE2D3C-2C98-4AD0-816A-F975D1547FA9}
2012-08-11 22:06:26 -------- d-----w- C:\Users\Tim\AppData\Local\{D7C0D02C-0A7E-4CAF-AA6C-EB3A918CE261}
2012-08-11 10:06:06 -------- d-----w- C:\Users\Tim\AppData\Local\{7DA89660-5E7F-4A7C-AFC3-D8E706E4FF44}
2012-08-10 22:05:42 -------- d-----w- C:\Users\Tim\AppData\Local\{F5EB612B-1310-4030-AFC8-C29A810A487C}
2012-08-10 22:05:33 -------- d-----w- C:\Users\Tim\AppData\Local\{3632ED56-CCE9-4CF4-9208-4D4CCEC3AF18}
.
==================== Find3M ====================
.
2012-09-01 13:01:04 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-09-01 13:01:04 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-24 05:14:53 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-24 05:14:53 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-08-21 05:03:19 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-08-21 05:03:18 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-08-21 05:03:18 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-08-21 05:03:18 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-07-27 19:21:29 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-07-27 19:21:22 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-07-27 19:21:22 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-06 20:07:42 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-07-03 18:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-28 22:44:42 428904 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-06-28 15:55:26 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-06-11 13:55:50 3166792 ----a-w- C:\Windows\SysWow64\pbsvc.exe
2011-12-11 19:06:56 40960 ----a-w- C:\Program Files\gfx.dll
2011-12-11 19:06:56 40960 ----a-w- C:\Program Files (x86)\gfx.dll
.
============= FINISH: 18:51:03.08 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 5/8/2011 10:22:01 AM
System Uptime: 9/6/2012 9:53:49 AM (9 hours ago)
.
Motherboard: MSI | | Big Bang-XPower (MS-7666)
Processor: Intel(R) Core(TM) i7 CPU 965 @ 3.20GHz | CPU1 | 3201/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 238 GiB total, 142.285 GiB free.
D: is FIXED (NTFS) - 279 GiB total, 246.247 GiB free.
E: is FIXED (NTFS) - 1397 GiB total, 1289.427 GiB free.
F: is FIXED (NTFS) - 1397 GiB total, 1016.202 GiB free.
G: is CDROM ()
H: is CDROM ()
I: is Removable
J: is Removable
K: is Removable
L: is Removable
M: is Removable
N: is CDROM ()
O: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP380: 8/26/2012 9:37:23 PM - Windows Update
RP381: 8/30/2012 12:19:28 AM - Windows Update
RP382: 9/1/2012 8:00:54 AM - Installed Java 7 Update 7
RP383: 9/2/2012 3:45:15 PM - Windows Update
RP384: 9/5/2012 12:15:43 AM - Installed Samsung Kies
RP385: 9/5/2012 12:17:46 AM - Installed Samsung Kies
RP386: 9/5/2012 12:40:17 AM - Installed Samsung AllShare
RP387: 9/5/2012 12:58:03 AM - Before uninstalling Samsung Kies
RP388: 9/5/2012 12:58:42 AM - Removed Samsung Kies
RP389: 9/5/2012 1:03:54 AM - Before uninstalling SAMSUNG USB Driver for Mobile Phones
RP390: 9/5/2012 1:08:06 AM - Installed Kies mini
RP392: 9/5/2012 8:16:39 PM - Windows Update
RP393: 9/6/2012 9:04:53 AM - Before uninstalling RAMDisk
RP394: 9/6/2012 9:05:01 AM - Removed RAMDisk
.
==== Installed Programs ======================
.
.
3DMark 11
3DMark Vantage
3DMark06
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Photoshop Elements 9
Adobe Photoshop.com Inspiration Browser
Adobe Shockwave Player 11.6
Amazon Add to Wish List IE Extension 1.2
Amazon Kindle
Amazon MP3 Downloader 1.0.17
Apple Application Support
Apple Software Update
Bejeweled Deluxe 1.861
Belarc Advisor 8.2
Bookworm Adventures Deluxe 1.0
Boost Windows Version 2.1
CameraHelperMsi
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon MG5300 series User Registration
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
CBR Reader
CrystalDiskInfo 5.0.2
CyberLink BD_3D Advisor 2.0
CyberLink PowerDVD 10
D3DX10
Data Lifeguard Diagnostic for Windows 1.21
DirectX 9 Runtime
DiskCheckup v3.1
DivX Setup
DVD Decrypter (Remove Only)
Dynomite Deluxe 2.71
Elements 9 Organizer
Elements STI Installer
eReg
EVGA Precision X 3.0.3
Face Filter
forteManager
Foxit Reader
Free M4a to MP3 Converter 6.1
Free WAV To MP3 Converter 1.0
Free WMA to MP3 Converter 1.16
Futuremark SystemInfo
G-Force
Garmin Communicator Plugin
Garmin USB Drivers
Garmin WebUpdater
Geeks3D.com FurMark 1.9.2
HDR Express
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
hppMSRedist
hppusgP1000
Intel(R) Rapid Storage Technology
Intellicast Desktop
Internet TV for Windows Media Center
iZotope Music & Speech Cleaner
Java 7 Update 7
Java Auto Updater
JavaFX 2.1.1
Junk Mail filter update
Kies mini
LEGO Digital Designer
LightScribe Applications
LightScribe Diagnostic Utility
LightScribe System Software
LightScribe Template Labeler
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
magicJack
Malwarebytes Anti-Malware version 1.62.0.1300
MarketResearch
marvell 91xx driver
Marvell MRU V4
Mesh Runtime
Microsoft .NET Framework 1.1
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_CRT_x86
MrvlUsgTracking
MSI Kombustor 2.4.0
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
msxml4
MyFreeCodec
NirSoft BlueScreenView
NVIDIA Performance
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
NVIDIA System Monitor
NVIDIA System Update
Online Bible 10.00.02
OpenAL
OpenLibraries
Origin
PCMark 7
PCMark Vantage
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
RealUpgrade 1.1
Renesas Electronics USB 3.0 Host Controller Driver
Roxio BackOnTrack
Roxio BackOnTrackPE
Roxio Burn - Secure
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2012 Pro
Roxio Creator 2012 Pro Disc 2
Roxio Creator Content 2012
Roxio PhotoShow
Roxio System Rollback Recovery Disk
Roxio Video Capture USB
Samsung AllShare
Samsung_MonSetup
SeaTools for Windows
Secunia PSI (3.0.0.3001)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Skype Click to Call
Skypeâ„¢ 5.10
SmartSound Common Data
SmartSound Quicktracks 5
SmartSound Sonicfire Pro 5
SSA Benefit Calculator
Stamps.com
Stamps.com Address Book Support for Microsoft Outlook 97-2010
Stamps.com Address Book Support for Windows Contacts for Vista
Stamps.com Application Support for Microsoft Outlook 2000-2010
Stamps.com Application Support for Microsoft Word 2000-2010
Stamps.com support for Microsoft Outlook 2000-2010
Stamps.com support for Microsoft Outlook 97-2010
Stamps.com support for Microsoft Word 2000-2010
Stamps.com support for Windows Contacts for Vista
Super-Charger
swMSM
System Requirements Lab
System Requirements Lab for Intel
TeamViewer 7
TechPowerUp GPU-Z
THX TruStudio PC
Triple Scoop Music
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
VC80CRTRedist - 8.0.50727.6195
Webshots Desktop
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Xingtone Ringtone Maker
Your Uninstaller! 7
.
==== Event Viewer Messages From Past Week ========
.
9/6/2012 9:55:59 AM, Error: Schannel [36887] - The following fatal alert was received: 80.
9/6/2012 9:55:29 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
9/6/2012 9:54:26 AM, Error: Service Control Manager [7024] - The AG Windows Service service terminated with service-specific error Incorrect function..
9/6/2012 9:54:26 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 9 service to connect.
9/6/2012 8:59:58 AM, Error: RAMDiskVE [11] -
9/5/2012 7:59:32 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk10\DR9.
9/5/2012 12:50:08 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk11\DR16.
9/5/2012 12:50:06 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
9/5/2012 12:50:06 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk12\DR17.
9/5/2012 12:49:06 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
9/4/2012 9:06:50 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
9/4/2012 3:05:40 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xffffffffc0000005, 0xfffff8800275af8a, 0xfffff880065c3898, 0xfffff880065c30f0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 090412-30014-01.
9/3/2012 3:24:23 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xffffffffc0000005, 0xfffff88007b53f8a, 0xfffff88006596898, 0xfffff880065960f0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 090312-41090-01.
9/2/2012 9:45:08 PM, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds.
9/2/2012 3:34:18 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000fe (0x0000000000000005, 0xfffffa800e4871a0, 0x0000000080863a3c, 0xfffffa800f80aaf8). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 090212-32526-01.
9/2/2012 11:41:05 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk11\DR12.
9/2/2012 11:41:03 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk12\DR13.
8/31/2012 2:17:44 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xffffffffc0000005, 0xfffff88002556f8a, 0xfffff880063ab898, 0xfffff880063ab0f0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 083112-40981-01.
.
==== End Of File ===========================

Results of screen317's Security Check version 0.99.50
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (3.0.0.3001)
Malwarebytes Anti-Malware version 1.62.0.1300
iZotope Music & Speech Cleaner
JavaFX 2.1.1
Java 7 Update 7
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 9%
````````````````````End of Log``````````````````````
 
Last edited by a moderator:
Hi, PeacemakerTX.

Although I am not seeing signs of malware, like Wrench97, I am not finding much on the driver pfmfs_640.sys. However, it appears to be legitimate as a driver for Pismo File Mount. That said, I do not see Pismo listed in installed programs, unless you had it installed at one point and the driver was left behind when removing it.

As a precaution, please go to https://www.virustotal.com/. Click "Choose File" and navigate to C:\Windows\system32\Drivers\pfmfs_640.sys. After the file is uploaded, click the Scan it! button. Please post the results of the scan.

(Note: Reference to BSOD thread, https://www.sysnative.com/forums/sh...tech-Skype-BSODs?p=26142&viewfull=1#post26142)
 
Hi, Corrine:

Interestingly, that program IS installed...go figure. See below for the screenshot of my Start menu with Pismo highlighted. The referenced file is part of that installation: I just forgot to include it in my response to Wrench97.

Pismo Install Proof.jpg
 
That's good. Then we know it is legitimate. You can go ahead and remove the files you downloaded to your desktop to provide the logs.

With everything you've been doing, it wouldn't hurt to run TFC and after that defrag your computer. TFC is a handy tool to keep around.

Download TFC by Old Timer from here (direct download): http://www.itxassociates.com/OT-Tools/TFC.exe

  • First, save any files as TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

More info:
TFC (Temp File Cleaner) will clear out all temp folders for all user accounts (temp, IE temp, java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder. It also cleans out the %systemroot%\temp folder and checks for .tmp files in the %systemdrive% root folder, %systemroot%, and the system32 folder (both 32bit and 64bit on 64bit OSs). It shows the amount removed for each location found (in bytes) and the total removed (in MB).

Before running, it will stop Explorer and all other running applications. When finished, if a reboot is required the user must reboot to finish clearing any in-use temp files.
-- TFC only cleans temp folders.
-- TFC will not clean URL history, prefetch, or cookies. Depending on how often someone cleans their temp folders, their system hardware, and how many accounts are present, it can take anywhere from a few seconds to a minute or more. TFC will completely clear all temp files where other temp file cleaners may fail.

TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC.
 
You must log in or register to reply here.

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top