Windows Media Player constantly open in the background?

P

poobla5

New member
Local time
4:52 AM
Messages
14
For some reason when I look in my task manager, WMP is always open even though I haven't opened it and it's not visibly open at all. I decided to do a process library scan and it came up with this result:
wmplayer.exe Startup Details


Startup Method:

Process

Parent Process:

roxioburnlauncher.exe

Startup Location:

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup



What could this roxioburnlauncher thing be? Is this dangerous? Thanks much for your help.
 

My Computer My Computer

OS
Windows 7
Press Win+R to get the run window. Type msconfig there and hit enter. In the startup tab of resulting system configeration window, disable all the unnecessary entries, including the roxio entries.

Roxio Burner Launcher is not any dangerous thing, but it is unnecessary to start up with the system. Only when you burn DVDs , open it.
 

My Computer My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Self Assembled
OS
Microsoft Windows 10 Pro Insider Preview 64-bit
CPU
Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Motherboard
Gigabyte Technology Co., Ltd. B85M-D3H
Memory
Corsair Vengence 4GB x2 (8.00GB Dual-Channel DDR3 @ 798MHz)
Graphics Card(s)
2047MB GeForce GTS 450 (ZOTAC International)
Sound Card
Onboard (Realtek High Definition Audio)
Monitor(s) Displays
LG Flatron E2040T
Screen Resolution
1600x900
Hard Drives
Western Digital 1 TB
Seagate 500 GB
PSU
Corsair VS550
Case
Cooler Master K380
Cooling
Cooler Master Seidon 120V Plus
Keyboard
Logitech MK260r
Mouse
Logitech MK260r
Internet Speed
PMPL Broadband
Antivirus
Windows Defender + MBAM
Browser
Firefox
Other Info
Dell Studio 15" Laptop
  • Like
Reactions: JMH
Hi, thanks for your help.

I followed your instructions and could not find this "Roxio Burn Launcher" nor a Windows Media Player option in the start up tab.
 

My Computer My Computer

OS
Windows 7
Are you sure that wmplayer.exe is always open in task manager? Can you post a screenshot of your task manager with wmplayer.exe open , and the startup tab of the system configuration window ? It may help us to understand the situation properly.
 

My Computer My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Self Assembled
OS
Microsoft Windows 10 Pro Insider Preview 64-bit
CPU
Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Motherboard
Gigabyte Technology Co., Ltd. B85M-D3H
Memory
Corsair Vengence 4GB x2 (8.00GB Dual-Channel DDR3 @ 798MHz)
Graphics Card(s)
2047MB GeForce GTS 450 (ZOTAC International)
Sound Card
Onboard (Realtek High Definition Audio)
Monitor(s) Displays
LG Flatron E2040T
Screen Resolution
1600x900
Hard Drives
Western Digital 1 TB
Seagate 500 GB
PSU
Corsair VS550
Case
Cooler Master K380
Cooling
Cooler Master Seidon 120V Plus
Keyboard
Logitech MK260r
Mouse
Logitech MK260r
Internet Speed
PMPL Broadband
Antivirus
Windows Defender + MBAM
Browser
Firefox
Other Info
Dell Studio 15" Laptop
Do you have streaming enabled? Open media player, make sure you have the play tab selected. Click the word stream and see if anything has a check next to it. I'm not sure if this would do it or not, but it doesn't hurt to try.

Have you gone to the folder you listed to see if anything is in there. You can find it by having explorer show hidden files and folders. Click Organize> Folder and Search Options>view tab>Show hidden files, folders, and drives.
 

My Computer My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Toshiba P775-S7100
OS
Windows 7 Professional SP1 64-bit
CPU
Intel Core i5-2450M @2.5 GHz
Memory
6 GB DDR3 1333MHz
Graphics Card(s)
Intel HD 3000
Monitor(s) Displays
Built-in 17.3" LED; 22" Insignia NS-L22Q-10A
Screen Resolution
1600x900; 1360x768
Hard Drives
750 GB Hitachi
1TB Seagate FreeAgent External
Internet Speed
Verizon DSL Speed(Down/Up): 3360 Kbps / 800 Kbps
Antivirus
MSE and MBAM Pro
Browser
IE10
Hi Poobla5 !
It is somehow unnatural . If WMP is not running, it should not be there in task manager's processes tab. You are running 64 bit os ? you may easily end the process wmplayer.exe*32, and see what happens then.

BTW, there is a lot of startup entries you have. You may easily disable the Acrobat, itunes etc entries. Keep the os , antivirus, and a few selected programs you want to autostart with windows. See my shot
 

Attachments

  • sshot-1.png
    sshot-1.png
    16.5 KB · Views: 89

My Computer My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Self Assembled
OS
Microsoft Windows 10 Pro Insider Preview 64-bit
CPU
Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Motherboard
Gigabyte Technology Co., Ltd. B85M-D3H
Memory
Corsair Vengence 4GB x2 (8.00GB Dual-Channel DDR3 @ 798MHz)
Graphics Card(s)
2047MB GeForce GTS 450 (ZOTAC International)
Sound Card
Onboard (Realtek High Definition Audio)
Monitor(s) Displays
LG Flatron E2040T
Screen Resolution
1600x900
Hard Drives
Western Digital 1 TB
Seagate 500 GB
PSU
Corsair VS550
Case
Cooler Master K380
Cooling
Cooler Master Seidon 120V Plus
Keyboard
Logitech MK260r
Mouse
Logitech MK260r
Internet Speed
PMPL Broadband
Antivirus
Windows Defender + MBAM
Browser
Firefox
Other Info
Dell Studio 15" Laptop
Thanks for your reply but it automatically sits in the processes each time I start up my computer even if I end it. Any further help is appreciated.
 

My Computer My Computer

OS
Windows 7

My Computer My Computer

OS
Windows 7
poobla5 said:
is this a virus perhaps taking advantage of WMP? I dont know. :S
Click to expand...

well if you have a suspicion then you can try...
1)scanning with Hitman pro and Malwarebytes.
2)Post a Hijackthis log here and pm experts like Jacee or Corrine to have a look at it.
 

My Computer My Computer

OS
windows 7 ultimate 64 bit,Windows 7 ultimate 32 bit,Windows XP sp3 home
Try this. Go into Services and disable the "Portable device enumerator service". Reboot and see whether that does it.
 

My Computer My Computer

Computer Manufacturer/Model Number
HP, Dell, Gateway, Toshiba - 4 laptops and 2 desktops
OS
Vista, Windows7, Mint Mate, Zorin, Windows 8
CPU
from 1.6GHz Duo to i7
Monitor(s) Displays
2x HP w2207
Hard Drives
5x HDD, 7x SSD, 12x Externals
Keyboard
with trackball - no mices
Mouse
Trackball mice
Internet Speed
DSL 6000
Here you go.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:22:08 PM, on 26/07/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe
C:\Program Files (x86)\Java\jre6\bin\java.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrssta.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8377 bytes

Hopefully that can help my situation. Let me know if theres anything abnormal please
 

My Computer My Computer

OS
Windows 7
Also, about 5 minutes earlier I did a test and for some reason it was different. For exmaple, it said AVG Tray wasnt open when it was open the whole time (minimized in my taskbar) but as you can see in the log I posted above it says it was open. Also one log is 5000 something bytes and the one before was 8377 bytes? Anyway here is the previous log a few minutes before the one I just posted up there

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:15:56 PM, on 26/07/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe
C:\Program Files (x86)\Java\jre6\bin\java.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrssta.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5429 bytes
 

My Computer My Computer

OS
Windows 7
poobla5 said:
Hi, thanks for your help.

I followed your instructions and could not find this "Roxio Burn Launcher" nor a Windows Media Player option in the start up tab.
Click to expand...

Can we get screen shots of all the tabs uploaded to us????
 

My Computer My Computer

Computer Manufacturer/Model Number
HP Pavillion dv-7 1005 Tx
OS
Win 8 Release candidate 8400
CPU
[email protected]
Memory
4 gigs
Graphics Card(s)
Nvidia 9600M
Sound Card
HD built-in
Monitor(s) Displays
17" Wxga
Screen Resolution
1440x900
Cooling
none
Internet Speed
45Mb down 5Mb up
zigzag3143 said:
Can we get screen shots of all the tabs uploaded to us????
Click to expand...

Good point mate.


@poobla5: Please run Windrows Genuine Validation tool> (Obviously you will pass) > Restart.

A friend of me had a problem something like you in Vista (HP lappy, OEM OS). What he did (wrongly), installed WMP again (I dont know why) from some tech magazine DVD. WMP was constantly checking for Genuine Validation in background. In told him to run WGA tool: it declared it was counterfeit copy! Calling MS helped to activate again his copy.

You can go to this site to check it: Genuine Microsoft Software
 

My Computer My Computer

Computer Manufacturer/Model Number
COMPAQ Presario Laptop
OS
Windows 7 Ultimate 64 bit, Mac OS X 10.6
CPU
Intel Pentium Dual Core @2.0GHz
Motherboard
Compaq Generic
Memory
12GB
Graphics Card(s)
NVIDIA Graphics For Mobile 512MB VRAM
Sound Card
IDT High definition Audio
Monitor(s) Displays
Laptop LCD Display
Screen Resolution
1280*800 Bright View Widescreen
Hard Drives
500 GB Primary Master@7200rpm + 1 TB External HDD
Cooling
Direct ; generic fan
Keyboard
Generic Laptop Keyboard
Mouse
Touch Pad
Internet Speed
3.1 Mbps wireless Broadband
Other Info
Generic Dock
Read this 'how to' What are wmpnscfg.exe and wmpnetwk.exe and Why Are They Running? - How-To Geek

Also, In your startup .... uncheck Java updater. That doesn't need to be running in the background.


File name: RoxioBurnLauncher.exe File size: 482.48 KB (494064 bytes) Md5: c09aee8c0bf3dbe298cbff97e305ddd8


Loading point information

Execution type:REGISTRY
Registry section:HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
Entry desktop Disc Tool
 

My Computer My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Firstly I've already uploaded some screenshots on the previous page. In regards to having installed a counterfeit WMP, that is not at all the issue and everything is clear - I did a Windows Genuine Test as you instructed. Also, with Java Updater, that was enabled automatically and I thought it was the best thing? If there is an update wouldnt I want it automatically instead of being insecure when there is an update out but I dont know about it? Also is anybody able to give some insight into those hijack this logs? Thanks much for all your help
 

My Computer My Computer

OS
Windows 7
1. Go HERE and download FileLister.

  • Save it to your Desktop
  • Rt Click ->> Extract all ->> And extract it to your Desktop
  • Additional help on extracting zip files can be found HERE
  • Open the File Lister Folder.
  • Note: Leave the FileLister.vbe file in the folder and run it from there.
unzip4.JPG


  • Rt Click FileLister.vbe ->>Select Open Then Open to confirm.
  • When the program is fnished it will produce a log for you C:\Files.txt
Copy and paste the contents of that log in your reply.
 

My Computer My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Done. However in the middle of the scan when it pops up the CMD, it gives me the message "Cannot find the files.txt file, do you want to create a new file?" and I click yes and it just brings up a blank notepad. Having said that the final result is still here, so that's kinda weird. Here you go.


+++++++++++++++++++++++++++
+ File Lister Version 1.1.4 +
+ +
+ By bamajim / SpywareHammer.com +
+++++++++++++++++++++++++++

Report ran on --->>> 29/07/2010 10:07:48 AM

====== Running Processes ======

C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe
C:\Program Files (x86)\Java\jre6\bin\java.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\WScript.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe

====== BHO's ======
BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll

====== System Keys (some whitelisted items will not be shown)======

Winlogon\Userinit = C:\Windows\system32\userinit.exe,
Winlogon\Shell = explorer.exe
AppInit_DLLs = avgrssta.dll

====== HKLM\~\Run Keys ======

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

[Launch LgDeviceAgent] = "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
[Launch LCDMon] = "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
[Launch LGDCore] = "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
[RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

====== HKCU\~\Run Keys ======

[Sidebar] = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
[msnmsgr] = "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

====== DNS Info (List may be empty) ======


ICSDomain = mshome.net
SyncDomainWithMembership = 1
NV Hostname = PC-PC
DataBasePath = %SystemRoot%\System32\drivers\etc
ForwardBroadcasts = 0
IPEnableRouter = 0
Hostname = PC-PC
UseDomainNameDevolution = 1
EnableICMPRedirect = 1
DeadGWDetectDefault = 1
DontAddDefaultGatewayDefault = 0
EnableWsd = 1
QualifyingDestinationThreshold = 3
OverrideDefaultAddressSelection = 1
DhcpNameServer = 192.168.1.1

====== Folders and Files from "%\" and "%\Windows" Created Last 60 Days ======

15/07/2010 3:51:53 PM 1024 32 C:\.rnd
2/07/2010 2:26:16 PM 200704 C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
20/07/2010 1:00:45 PM 200704 C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
25/07/2010 1:15:41 AM 1861 C:\Windows\pss
12/07/2010 11:21:36 AM 17551 32 C:\Windows\DirectX.log
25/07/2010 1:34:13 AM 171828 32 C:\Windows\ntbtlog.txt
7/07/2010 11:12:57 AM 8136 32 C:\Windows\PFRO.log
7/07/2010 11:13:17 AM 1344 32 C:\Windows\setupact.log
7/07/2010 11:13:17 AM 0 32 C:\Windows\setuperr.log
9/06/2010 9:37:10 AM 84992 32 C:\Windows\System32\asycfilt.dll
9/06/2010 9:37:11 AM 366080 32 C:\Windows\System32\atmfd.dll
9/06/2010 9:37:11 AM 46080 32 C:\Windows\System32\atmlib.dll
25/07/2010 9:59:26 AM 42567 32 C:\Windows\System32\avgrep.txt
17/07/2010 9:13:46 AM 13048 32 C:\Windows\System32\avgrssta.dll
14/07/2010 10:37:30 AM 144384 32 C:\Windows\System32\cdd.dll
23/06/2010 12:42:37 PM 961024 32 C:\Windows\System32\CPFilters.dll
23/06/2010 12:43:57 PM 1942856 32 C:\Windows\System32\dfshim.dll
9/06/2010 9:37:12 AM 445952 32 C:\Windows\System32\iedkcs32.dll
9/06/2010 9:37:14 AM 12364288 32 C:\Windows\System32\ieframe.dll
9/06/2010 9:37:12 AM 64512 32 C:\Windows\System32\jsproxy.dll
23/06/2010 12:42:36 PM 258560 32 C:\Windows\System32\mpg2splt.ax
23/06/2010 12:43:57 PM 444752 32 C:\Windows\System32\mscoree.dll
23/06/2010 12:42:36 PM 552960 32 C:\Windows\System32\msdri.dll
9/06/2010 9:37:12 AM 82944 32 C:\Windows\System32\msfeedsbs.dll
9/06/2010 9:37:15 AM 9290240 32 C:\Windows\System32\mshtml.dll
23/06/2010 12:42:36 PM 288256 32 C:\Windows\System32\MSNP.ax
9/06/2010 9:37:12 AM 1026048 32 C:\Windows\System32\mstime.dll
23/06/2010 12:43:57 PM 48960 32 C:\Windows\System32\netfxperf.dll
23/06/2010 12:42:50 PM 1736608 32 C:\Windows\System32\ntdll.dll
23/06/2010 12:43:57 PM 320352 32 C:\Windows\System32\PresentationHost.exe
23/06/2010 12:43:57 PM 109912 32 C:\Windows\System32\PresentationHostProxy.dll
9/06/2010 9:37:12 AM 1493504 32 C:\Windows\System32\urlmon.dll
9/06/2010 9:37:10 AM 3122176 32 C:\Windows\System32\win32k.sys
9/06/2010 9:37:12 AM 1192960 32 C:\Windows\System32\wininet.dll

====== "\Administrator & All Users\Startup" Last 60 Days======




====== "\Program Files" Last 60 Days======

23/06/2010 12:51:31 PM 195920 C:\Program Files\Bonjour
26/07/2010 11:29:27 AM 6776128 C:\Program Files\Hitman Pro 3.5
23/06/2010 12:55:05 PM 1966616 C:\Program Files\iTunes
15/07/2010 3:47:36 PM 487877242 C:\Program Files\Tenable

======"Drivers" Modified Last 60 Days======

1/01/2010 12:37:42 PM 269904 32 C:\Windows\System32\drivers\avgldx64.sys
1/01/2010 12:37:38 PM 35536 32 C:\Windows\System32\drivers\avgmfx64.sys
1/01/2010 12:37:31 PM 317520 32 C:\Windows\System32\drivers\avgtdia.sys
26/07/2010 11:30:35 AM 19528 32 C:\Windows\System32\drivers\hitmanpro35.sys
23/12/2009 1:41:45 AM 0 32 C:\Windows\System32\drivers\lvuvc.hs
15/07/2010 3:51:53 PM 53312 32 C:\Windows\System32\drivers\pssdk42.sys

====== Files Deleted under "%Temp%" ======

5 Files deleted

======"All Users\Application Data" Last 60 Days======



====== HKLM\~\ShellServiceObjectDelayLoad======

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -


====== HKLM\~\SharedTaskScheduler======

======HKLM\~\msconfig\startupreg======

HKLM\Software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
HKLM\Software\microsoft\shared tools\msconfig\startupreg\QuickTime Task

====== Services ( Services that are Whitelisted are not shown) ======

1394ohci (1394 OHCI Compliant Host Controller)- C:\Windows\system32\DRIVERS\1394ohci.sys - Manual/Stopped
AcpiPmi (ACPI Power Meter Driver)- C:\Windows\system32\DRIVERS\acpipmi.sys - Manual/Stopped
adp94xx (adp94xx)- C:\Windows\system32\DRIVERS\adp94xx.sys - Manual/Stopped
adpahci (adpahci)- C:\Windows\system32\DRIVERS\adpahci.sys - Manual/Stopped
amdide (amdide)- C:\Windows\system32\DRIVERS\amdide.sys - Manual/Stopped
amdsata (amdsata)- C:\Windows\system32\DRIVERS\amdsata.sys - Manual/Stopped
amdsbs (amdsbs)- C:\Windows\system32\DRIVERS\amdsbs.sys - Manual/Stopped
amdxata (amdxata)- C:\Windows\system32\DRIVERS\amdxata.sys - Boot/Running
AppID (AppID Driver)- C:\Windows\system32\drivers\appid.sys - Manual/Stopped
arcsas (arcsas)- C:\Windows\system32\DRIVERS\arcsas.sys - Manual/Stopped
AvgLdx64 (AVG Free AVI Loader Driver x64)- C:\Windows\system32\Drivers\avgldx64.sys - System/Running
AvgMfx64 (AVG Free On-access Scanner Minifilter Driver x64)- C:\Windows\system32\Drivers\avgmfx64.sys - System/Running
AvgTdiA (AVG Free Network Redirector x64)- C:\Windows\system32\Drivers\avgtdia.sys - System/Running
b06bdrv (Broadcom NetXtreme II VBD)- C:\Windows\system32\DRIVERS\bxvbda.sys - Manual/Stopped
b57nd60a (Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0)- C:\Windows\system32\DRIVERS\b57nd60a.sys - Manual/Stopped
blbdrive (blbdrive)- C:\Windows\system32\DRIVERS\blbdrive.sys - System/Running
bowser (Browser Support Driver)- C:\Windows\system32\DRIVERS\bowser.sys - Manual/Running
BrFiltLo (Brother USB Mass-Storage Lower Filter Driver)- C:\Windows\system32\DRIVERS\BrFiltLo.sys - Manual/Stopped
BrFiltUp (Brother USB Mass-Storage Upper Filter Driver)- C:\Windows\system32\DRIVERS\BrFiltUp.sys - Manual/Stopped
Brserid (Brother MFC Serial Port Interface Driver (WDM))- C:\Windows\system32\Drivers\Brserid.sys - Manual/Stopped
BrSerWdm (Brother WDM Serial driver)- C:\Windows\system32\Drivers\BrSerWdm.sys - Manual/Stopped
BrUsbMdm (Brother MFC USB Fax Only Modem)- C:\Windows\system32\Drivers\BrUsbMdm.sys - Manual/Stopped
BrUsbSer (Brother MFC USB Serial WDM Driver)- C:\Windows\system32\Drivers\BrUsbSer.sys - Manual/Stopped
circlass (Consumer IR Devices)- C:\Windows\system32\DRIVERS\circlass.sys - Manual/Stopped
CLFS (Common Log (CLFS))- C:\Windows\system32\CLFS.sys - Boot/Running
CNG (CNG)- C:\Windows\system32\Drivers\cng.sys - Boot/Running
CompositeBus (Composite Bus Enumerator Driver)- C:\Windows\system32\DRIVERS\CompositeBus.sys - Manual/Stopped
DfsC (DFS Namespace Client Driver)- C:\Windows\system32\Drivers\dfsc.sys - System/Running
discache (System Attribute Cache)- C:\Windows\system32\drivers\discache.sys - System/Running
DXGKrnl (LDDM Graphics Subsystem)- C:\Windows\system32\drivers\dxgkrnl.sys - Manual/Stopped
ebdrv (Broadcom NetXtreme II 10 GigE VBD)- C:\Windows\system32\DRIVERS\evbda.sys - Manual/Stopped
elxstor (elxstor)- C:\Windows\system32\DRIVERS\elxstor.sys - Manual/Stopped
ErrDev (Microsoft Hardware Error Device Driver)- C:\Windows\system32\DRIVERS\errdev.sys - Manual/Stopped
FileInfo (File Information FS MiniFilter)- C:\Windows\system32\drivers\fileinfo.sys - Boot/Running
Filetrace (Filetrace)- C:\Windows\system32\drivers\filetrace.sys - Manual/Stopped
FsDepends (File System Dependency Minifilter)- C:\Windows\system32\drivers\FsDepends.sys - Manual/Stopped
fvevol (Bitlocker Drive Encryption Filter Driver)- C:\Windows\system32\DRIVERS\fvevol.sys - Boot/Running
gagp30kx (Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms)- C:\Windows\system32\DRIVERS\gagp30kx.sys - Manual/Stopped
hcw85cir (Hauppauge Consumer Infrared Receiver)- C:\Windows\system32\drivers\hcw85cir.sys - Manual/Stopped
HidBth (Microsoft Bluetooth HID Miniport)- C:\Windows\system32\DRIVERS\hidbth.sys - Manual/Stopped
HidIr (Microsoft Infrared HID Driver)- C:\Windows\system32\DRIVERS\hidir.sys - Manual/Stopped
HpSAMD (HpSAMD)- C:\Windows\system32\DRIVERS\HpSAMD.sys - Manual/Stopped
hwpolicy (Hardware Policy Driver)- C:\Windows\system32\drivers\hwpolicy.sys - Boot/Running
iaStorV (iaStorV)- C:\Windows\system32\DRIVERS\iaStorV.sys - Manual/Stopped
IPMIDRV (IPMIDRV)- C:\Windows\system32\DRIVERS\IPMIDrv.sys - Manual/Stopped
iScsiPrt (iScsiPort Driver)- C:\Windows\system32\DRIVERS\msiscsi.sys - Manual/Stopped
KSecPkg (KSecPkg)- C:\Windows\system32\Drivers\ksecpkg.sys - Boot/Running
L1E (NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller)- C:\Windows\system32\DRIVERS\L1E62x64.sys - Manual/Stopped
LGBusEnum (Logitech GamePanel Virtual Bus Enumerator Driver)- C:\Windows\system32\drivers\LGBusEnum.sys - Manual/Stopped
LGVirHid (Logitech Gamepanel Virtual HID Device Driver)- C:\Windows\system32\drivers\LGVirHid.sys - Manual/Stopped
lltdio (Link-Layer Topology Discovery Mapper I/O Driver)- C:\Windows\system32\DRIVERS\lltdio.sys - Auto/Running
LSI_FC (LSI_FC)- C:\Windows\system32\DRIVERS\lsi_fc.sys - Manual/Stopped
LSI_SAS (LSI_SAS)- C:\Windows\system32\DRIVERS\lsi_sas.sys - Manual/Stopped
LSI_SAS2 (LSI_SAS2)- C:\Windows\system32\DRIVERS\lsi_sas2.sys - Manual/Stopped
LSI_SCSI (LSI_SCSI)- C:\Windows\system32\DRIVERS\lsi_scsi.sys - Manual/Stopped
luafv (UAC File Virtualization)- C:\Windows\system32\drivers\luafv.sys - Auto/Running
LVPr2M64 (Logitech LVPr2M64 Driver)- C:\Windows\system32\DRIVERS\LVPr2M64.sys - Manual/Running
LVRS64 (Logitech RightSound Filter Driver)- C:\Windows\system32\DRIVERS\lvrs64.sys - Manual/Stopped
LVUVC64 (Logitech QuickCam Pro 9000(UVC))- C:\Windows\system32\DRIVERS\lvuvc64.sys - Manual/Stopped
megasas (megasas)- C:\Windows\system32\DRIVERS\megasas.sys - Manual/Stopped
MegaSR (MegaSR)- C:\Windows\system32\DRIVERS\MegaSR.sys - Manual/Stopped
mpio (mpio)- C:\Windows\system32\DRIVERS\mpio.sys - Manual/Stopped
mpsdrv (Windows Firewall Authorization Driver)- C:\Windows\system32\drivers\mpsdrv.sys - Manual/Running
mrxsmb10 (SMB 1.x MiniRedirector)- C:\Windows\system32\DRIVERS\mrxsmb10.sys - Manual/Running
mrxsmb20 (SMB 2.0 MiniRedirector)- C:\Windows\system32\DRIVERS\mrxsmb20.sys - Manual/Running
msahci (msahci)- C:\Windows\system32\DRIVERS\msahci.sys - Manual/Stopped
msdsm (msdsm)- C:\Windows\system32\DRIVERS\msdsm.sys - Manual/Stopped
mshidkmdf (Pass-through HID to KMDF Filter Driver)- C:\Windows\system32\drivers\mshidkmdf.sys - Manual/Stopped
msisadrv (msisadrv)- C:\Windows\system32\DRIVERS\msisadrv.sys - Boot/Running
MsRPC (MsRPC)- C:\Windows\system32\drivers\MsRPC.sys - Manual/Stopped
MTConfig (Microsoft Input Configuration Driver)- C:\Windows\system32\DRIVERS\MTConfig.sys - Manual/Stopped
MTsensor (ATK0110 ACPI UTILITY)- C:\Windows\system32\DRIVERS\ASACPI.sys - Manual/Stopped
NativeWifiP (NativeWiFi Filter)- C:\Windows\system32\DRIVERS\nwifi.sys - Manual/Stopped
NdisCap (NDIS Capture LightWeight Filter)- C:\Windows\system32\DRIVERS\ndiscap.sys - Manual/Stopped
nfrd960 (nfrd960)- C:\Windows\system32\DRIVERS\nfrd960.sys - Manual/Stopped
nsiproxy (NSI proxy service driver.)- C:\Windows\system32\drivers\nsiproxy.sys - System/Running
nvlddmkm (nvlddmkm)- C:\Windows\system32\DRIVERS\nvlddmkm.sys - Manual/Stopped
pcw (Performance Counters for Windows Driver)- C:\Windows\system32\drivers\pcw.sys - Boot/Running
PEAUTH (PEAUTH)- C:\Windows\system32\drivers\peauth.sys - Auto/Running
PSSDK42 (PSSDK42)- \??\C:\Windows\system32\Drivers\pssdk42.sys - Manual/Stopped
ql2300 (ql2300)- C:\Windows\system32\DRIVERS\ql2300.sys - Manual/Stopped
ql40xx (ql40xx)- C:\Windows\system32\DRIVERS\ql40xx.sys - Manual/Stopped
QWAVEdrv (QWAVE driver)- C:\Windows\system32\drivers\qwavedrv.sys - Manual/Stopped
RasAgileVpn (WAN Miniport (IKEv2))- C:\Windows\system32\DRIVERS\AgileVpn.sys - Manual/Stopped
rdpbus (Remote Desktop Device Redirector Bus Driver)- C:\Windows\system32\DRIVERS\rdpbus.sys - Manual/Stopped
RDPENCDD (RDP Encoder Mirror Driver)- C:\Windows\system32\drivers\rdpencdd.sys - System/Running
RDPREFMP (Reflector Display Driver used to gain access to graphics data)- C:\Windows\system32\drivers\rdprefmp.sys - System/Running
rdyboost (ReadyBoost)- C:\Windows\system32\drivers\rdyboost.sys - Boot/Running
rspndr (Link-Layer Topology Discovery Responder)- C:\Windows\system32\DRIVERS\rspndr.sys - Auto/Running
s3cap (s3cap)- C:\Windows\system32\DRIVERS\vms3cap.sys - Manual/Stopped
sbp2port (sbp2port)- C:\Windows\system32\DRIVERS\sbp2port.sys - Manual/Stopped
scfilter (Smart card PnP Class Filter Driver)- C:\Windows\system32\DRIVERS\scfilter.sys - Manual/Stopped
sermouse (Serial Mouse Driver)- C:\Windows\system32\DRIVERS\sermouse.sys - Manual/Stopped
sffdisk (SFF Storage Class Driver)- C:\Windows\system32\DRIVERS\sffdisk.sys - Manual/Stopped
sffp_mmc (SFF Storage Protocol Driver for MMC)- C:\Windows\system32\DRIVERS\sffp_mmc.sys - Manual/Stopped
sffp_sd (SFF Storage Protocol Driver for SDBus)- C:\Windows\system32\DRIVERS\sffp_sd.sys - Manual/Stopped
SiSRaid2 (SiSRaid2)- C:\Windows\system32\DRIVERS\SiSRaid2.sys - Manual/Stopped
SiSRaid4 (SiSRaid4)- C:\Windows\system32\DRIVERS\sisraid4.sys - Manual/Stopped
spldr (Security Processor Loader Driver)- C:\Windows\system32\drivers\spldr.sys - Boot/Running
srv2 (Server SMB 2.xxx Driver)- C:\Windows\system32\DRIVERS\srv2.sys - Manual/Running
srvnet (srvnet)- C:\Windows\system32\DRIVERS\srvnet.sys - Manual/Running
stexstor (stexstor)- C:\Windows\system32\DRIVERS\stexstor.sys - Manual/Stopped
storflt (Disk Virtual Machine Bus Acceleration Filter Driver)- C:\Windows\system32\DRIVERS\vmstorfl.sys - Boot/Running
storvsc (storvsc)- C:\Windows\system32\DRIVERS\storvsc.sys - Manual/Stopped
TCPIP6 (Microsoft IPv6 Protocol Driver)- C:\Windows\system32\DRIVERS\tcpip.sys - Manual/Stopped
tcpipreg (TCP/IP Registry Compatibility)- C:\Windows\system32\drivers\tcpipreg.sys - Auto/Running
tdx (NetIO Legacy TDI Support Driver)- C:\Windows\system32\DRIVERS\tdx.sys - System/Running
tssecsrv (Remote Desktop Services Security Filter Driver)- C:\Windows\system32\DRIVERS\tssecsrv.sys - Manual/Stopped
tunnel (Microsoft Tunnel Miniport Adapter Driver)- C:\Windows\system32\DRIVERS\tunnel.sys - Manual/Stopped
uagp35 (Microsoft AGPv3.5 Filter)- C:\Windows\system32\DRIVERS\uagp35.sys - Manual/Stopped
uliagpkx (Uli AGP Bus Filter)- C:\Windows\system32\DRIVERS\uliagpkx.sys - Manual/Stopped
umbus (UMBus Enumerator Driver)- C:\Windows\system32\DRIVERS\umbus.sys - Manual/Stopped
UmPass (Microsoft UMPass Driver)- C:\Windows\system32\DRIVERS\umpass.sys - Manual/Stopped
USBAAPL64 (Apple Mobile USB Driver)- C:\Windows\system32\Drivers\usbaapl64.sys - Manual/Stopped
usbcir (eHome Infrared Receiver (USBCIR))- C:\Windows\system32\DRIVERS\usbcir.sys - Manual/Stopped
usbvideo (USB Video Device (WDM))- C:\Windows\system32\Drivers\usbvideo.sys - Manual/Stopped
vdrvroot (Microsoft Virtual Drive Enumerator Driver)- C:\Windows\system32\DRIVERS\vdrvroot.sys - Boot/Running
vhdmp (vhdmp)- C:\Windows\system32\DRIVERS\vhdmp.sys - Manual/Stopped
vmbus (Virtual Machine Bus)- C:\Windows\system32\DRIVERS\vmbus.sys - Manual/Stopped
VMBusHID (VMBusHID)- C:\Windows\system32\DRIVERS\VMBusHID.sys - Manual/Stopped
volmgr (Volume Manager Driver)- C:\Windows\system32\DRIVERS\volmgr.sys - Boot/Running
volmgrx (Dynamic Volume Manager)- C:\Windows\system32\drivers\volmgrx.sys - Boot/Running
vpcbus (Virtual PC Host Bus Service)- C:\Windows\system32\DRIVERS\vpchbus.sys - Manual/Stopped
vpcnfltr (Virtual PC Network Filter Driver)- C:\Windows\system32\DRIVERS\vpcnfltr.sys - System/Running
vpcusb (USB Virtualization Connector Service)- C:\Windows\system32\DRIVERS\vpcusb.sys - Manual/Stopped
vpcuxd (USB Virtualization Stub Service)- C:\Windows\system32\DRIVERS\vpcuxd.sys - Manual/Stopped
vpcvmm (Virtual PC Virtual Machine Monitor)- C:\Windows\system32\drivers\vpcvmm.sys - System/Running
vsmraid (vsmraid)- C:\Windows\system32\DRIVERS\vsmraid.sys - Manual/Stopped
vwifibus (Virtual WiFi Bus Driver)- C:\Windows\system32\drivers\vwifibus.sys - Manual/Stopped
WacomPen (Wacom Serial Pen HID Driver)- C:\Windows\system32\DRIVERS\wacompen.sys - Manual/Stopped
Wanarpv6 (Remote Access IPv6 ARP Driver)- C:\Windows\system32\DRIVERS\wanarp.sys - System/Running
Wdf01000 (Kernel Mode Driver Frameworks service)- C:\Windows\system32\drivers\Wdf01000.sys - Boot/Running
WfpLwf (WFP Lightweight Filter)- C:\Windows\system32\DRIVERS\wfplwf.sys - System/Running
WIMMount (WIMMount)- C:\Windows\system32\drivers\wimmount.sys - Manual/Stopped
WinUsb (WinUsb)- C:\Windows\system32\DRIVERS\WinUsb.sys - Manual/Stopped
WmiAcpi (Microsoft Windows Management Interface for ACPI)- C:\Windows\system32\DRIVERS\wmiacpi.sys - Manual/Stopped

====== Uninstall List ======

A file named 'UNI.txt' was created and saved to
FileListers default location. Post the results if requested.

======== Other Info ========

TOTAL PHYSICAL RAM: 4294 MB

Boot Info

OS Type: Microsoft Windows 7 Professional
Build: 6.1.7600
Service Pack: 0.0

====== Files with Hidden Attributes======

A file named 'Hidden.txt' was created and saved to
FileListers default location. Post the results if requested.

==End of Report==


Ive also got "Hidden" and "UNI" files if you need them too from the program I ran.
 

My Computer My Computer

OS
Windows 7
You must log in or register to reply here.

Similar threads

Windows Media Player Classic deleted the open media automatically
Replies
0
Views
2K
wfz
W
Solved Windows Media Player - How do I Open a File From D:\MyImageFiles\...
Replies
3
Views
1K
wither 2
W
Windows Media Player 12 won't close properly
Replies
6
Views
5K
UserXP
U
How to investigate Microsoft Edge memory usage on Windows
Replies
0
Views
2K
Brink
Brink
Issue with Windows Media Player 12 and Outlook 2013
Replies
2
Views
2K
ComputerTech07
C
Back
Top