oversoulzzz91

This is the report that you want. RogueKiller V7.0.4 [02/08/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User: DIGIT [Admin rights] Mode: Scan -- Date : 02/15/2012 11:14:22 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 1 ¤¤¤ [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ [ZeroAccess] (LOCKED) windir\NtUpdateKBxxxx present! ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localgost ::1 localhost 127.0.0.1 tonec.com 127.0.0.1 www.tonec.com 127.0.0.1 registeridm.com 127.0.0.1 www.registeridm.com 127.0.0.1 secure.registeridm.com 127.0.0.1 internetdownloadmanager.com 127.0.0.1 www.internetdownloadmanager.com 127.0.0.1 secure.internetdownloadmanager.com 127.0.0.1 mirror.internetdownloadmanager.com 127.0.0.1 mirror2.internetdownloadmanager.com 127.0.0.1 www.password-protect-folders.net ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: Hitachi HTS543216L9A300 +++++ --- User --- [MBR] 82f658e26b5473b2e795eb3b7c0dd0fc [bSP] 0055a0cb8dabf253e3b1decd69a66424 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152617 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt ====== For your information, yesterday i install Microsoft Essential Security. and Kaspersky Internet Security no longer i use. but i wonder, does it affect the dds output ? I attach once again the dds outcome. hope you take a look at it. DDS . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29 Run by DIGIT at 18:22:46 on 2012-02-14 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3002.2092 [GMT 5.5:30] . AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0} FW: Kaspersky Internet Security *Disabled* . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Canon\MyPrinter\BJMyPrt.exe C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files\Cyberlink\Shared files\brs.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe svchost.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\ctfmon.exe C:\DOCUME~1\DIGIT\LOCALS~1\Temp\RtkBtMnt.exe C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files\e-Kamus\Kamus50207.exe C:\Program Files\Conceptworld\NoteZilla\NoteZilla.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\Ninja 1.6\Ninja.exe C:\Program Files\Rainlendar2.6\Rainlendar2.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe -k imgsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Internet Download Manager\IEMonitor.exe c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Microsoft Security Client\msseces.exe c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe C:\Program Files\Google Chrome\Chrome.exe C:\Program Files\Google Chrome\Chrome.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.co.in uSearch Page = uSearch Bar = uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://search.ChatVibes.com uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll mURLSearchHooks: H - No File mURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Microsoft Web Test Recorder 10.0 Helper: {dda57003-0068-4ed2-9d32-4d1ec707d94d} - c:\program files\microsoft visual studio 10.0\common7\ide\privateassemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll EB: Web Test Recorder 10.0: {5802d092-1784-4908-8cdb-99b6842d353d} - mscoree.dll EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE" uRun: [Kamus502] c:\program files\e-kamus\Kamus50207.exe uRun: [NoteZilla] c:\program files\conceptworld\notezilla\NoteZilla.exe uRun: [QNPlus] uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot mRun: [AzMixerSel] c:\program files\realtek\audio\installshield\AzMixerSel.exe mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon mRun: [RemoteControl10] "c:\program files\cyberlink\powerdvd10\PDVD10Serv.exe" mRun: [bDRegion] c:\program files\cyberlink\shared files\brs.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 StartupFolder: c:\docume~1\digit\startm~1\programs\startup\ninja.lnk - c:\program files\ninja 1.6\Ninja.exe StartupFolder: c:\docume~1\digit\startm~1\programs\startup\rainle~1.lnk - c:\program files\rainlendar2.6\Rainlendar2.exe StartupFolder: c:\docume~1\digit\startm~1\programs\startup\rocket~1.lnk - c:\program files\rocketdock\RocketDock.exe StartupFolder: c:\docume~1\digit\startm~1\programs\startup\solidw~1.lnk - c:\program files\solidworks\swscheduler\swBOEngine.exe IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm IE: Download with IDM - c:\program files\internet download manager\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll LSP: mswsock.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{50F2AF02-C20C-4CCE-B938-302BD11F66AB} : DhcpNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - c:\program files\common files\bricscad\BrxProtIE.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2710626&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/ FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties FF - component: c:\documents and settings\digit\application data\idm\idmmzcc3\components\idmmzcc.dll FF - component: c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\extensions\{2bcf3d7a-1ada-4ffd-8029-3759e7ee8f7c}\components\RadioWMPCore.dll FF - component: c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\extensions\{2bcf3d7a-1ada-4ffd-8029-3759e7ee8f7c}\components\RadioWMPCoreGecko19.dll FF - component: c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\extensions\engine@conduit.com\components\RadioWMPCore.dll FF - component: c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll FF - plugin: c:\documents and settings\digit\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.ytff.general.dontshowhpoffer - true ============= SERVICES / DRIVERS =============== . R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [2011-10-1 101616] R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648] R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/11/07 15:40:54];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-4-2 87536] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-2-13 652360] R2 PfFilter;PfFilter;c:\program files\iobit\protected folder\pffilter.sys [2011-12-27 140848] R3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena plus\room\safedrv.sys --> c:\program files\garena plus\room\safedrv.sys [?] R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2010-11-2 84240] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-2-13 20464] R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [2010-11-2 637824] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 NEWDRIVER;NEWDRIVER;\??\c:\windows\system32\winvdedrv6.sys --> c:\windows\system32\WinVDEdrv6.sys [?] S2 pctoolsfirewallplus;Btaudio;c:\windows\system32\svchost.exe -k netsvcs [2008-4-14 14336] S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\solidworks\swscheduler\DTSCoordinatorService.exe [2008-9-9 79144] S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2011-1-5 114432] S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2011-1-5 100736] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\microsoft visual studio 10.0\team tools\performance tools\VSPerfDrv100.sys [2009-12-8 48128] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-23 47128] S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 366936] . =============== Created Last 30 ================ . 2012-02-14 12:51:27 6557240 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a43246e2-8e42-47f9-944c-71156ec482ce}\mpengine.dll 2012-02-14 12:51:27 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-02-14 12:27:36 -------- d-----w- c:\program files\Microsoft Security Client 2012-02-14 12:15:50 981336 ----a-w- c:\windows\system32\MGADiag.exe 2012-02-13 17:33:40 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-02-13 17:33:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-02-13 17:17:12 -------- d-----w- c:\program files\Trojan Remover 2012-02-10 19:29:51 -------- d-----w- c:\program files\common files\DirectX 2012-02-10 19:29:37 4071928 ----a-w- c:\windows\system32\GameMon.des 2012-02-10 19:27:39 5174 ----a-w- c:\windows\system32\nppt9x.vxd 2012-02-10 19:27:39 4682 ----a-w- c:\windows\system32\npptNT2.sys 2012-02-10 19:27:39 -------- d-----w- c:\program files\common files\INCA Shared 2012-02-05 15:20:47 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2012-02-05 15:20:47 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2012-02-05 15:02:41 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll 2012-02-05 15:02:41 21504 ----a-w- c:\windows\system32\hidserv.dll 2012-01-24 05:10:49 657179 ----a-w- c:\windows\Condition Zero Uninstaller.exe 2012-01-24 05:08:00 -------- d-----w- C:\Valve 2012-01-22 01:49:36 -------- d-----w- c:\program files\Team17 2012-01-21 04:49:32 -------- d-----w- C:\FM Genie Scout 12 2012-01-21 00:21:46 -------- d-----w- c:\documents and settings\digit\local settings\application data\Chromium 2012-01-20 12:00:34 -------- d-----w- c:\program files\SEGA 2012-01-20 10:13:03 -------- d-----w- c:\program files\Recovery Toolbox for RAR 2012-01-19 12:10:51 -------- d-----w- c:\program files\Worms Crazy Golf . ==================== Find3M ==================== . 2012-02-14 08:58:31 0 --sha-w- c:\windows\system32\dds_log_trash.cmd 2012-01-24 03:36:55 52480 ----a-w- c:\windows\system32\drivers\i8042prt.sys 2012-01-18 22:31:42 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-01-06 16:57:07 40960 ----a-w- c:\windows\system32\nwsftUninstall.exe 2012-01-06 16:57:04 474112 ------w- c:\windows\system32\WinFLCtxMenu.dll 2012-01-06 06:02:19 111872 ----a-w- c:\windows\system32\drivers\TrueSight.sys 2011-12-31 11:06:11 151552 ----a-w- c:\windows\KMSEmulator.exe 2011-12-25 17:16:02 13312 ----a-r- c:\windows\system32\agrsmsvc.exe 2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll 2011-11-23 13:29:56 1868544 ----a-w- c:\windows\system32\win32k.sys 2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe 2011-11-16 14:20:51 354816 ----a-w- c:\windows\system32\winhttp.dll 2011-11-16 14:20:51 152064 ----a-w- c:\windows\system32\schannel.dll . ============= FINISH: 18:25:29.82 =============== ATTACH . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 11/2/2010 12:24:56 PM System Uptime: 2/14/2012 2:27:43 PM (4 hours ago) . Motherboard: Acer | | Aspire 4730Z Processor: Intel® Pentium® Dual CPU T3400 @ 2.16GHz | uPGA-478 | 2161/166mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 149 GiB total, 24.308 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP238: 12/15/2011 2:46:10 AM - System Checkpoint RP239: 12/15/2011 10:35:37 AM - Software Distribution Service 3.0 RP240: 12/16/2011 9:17:35 AM - Software Distribution Service 3.0 RP241: 12/16/2011 1:06:25 PM - Software Distribution Service 3.0 RP242: 12/17/2011 3:26:11 PM - Software Distribution Service 3.0 RP243: 12/19/2011 8:25:52 AM - System Checkpoint RP244: 12/20/2011 6:10:06 PM - System Checkpoint RP245: 12/23/2011 9:02:57 AM - Removed Internet Download Manager RP246: 12/25/2011 9:53:27 PM - System Checkpoint RP247: 12/27/2011 8:50:24 PM - System Checkpoint RP248: 12/29/2011 10:44:44 AM - System Checkpoint RP249: 12/30/2011 8:11:21 PM - System Checkpoint RP250: 12/31/2011 4:10:43 PM - Software Distribution Service 3.0 RP251: 1/4/2012 10:55:36 AM - System Checkpoint RP252: 1/5/2012 11:42:57 AM - System Checkpoint RP253: 1/6/2012 11:57:13 AM - System Checkpoint RP254: 1/7/2012 5:23:34 PM - System Checkpoint RP255: 1/10/2012 9:15:54 AM - System Checkpoint RP256: 1/11/2012 9:46:13 AM - System Checkpoint RP257: 1/12/2012 3:14:47 AM - Software Distribution Service 3.0 RP258: 1/12/2012 5:33:38 PM - Software Distribution Service 3.0 RP259: 1/13/2012 11:19:10 PM - System Checkpoint RP260: 1/16/2012 1:44:56 PM - System Checkpoint RP261: 1/18/2012 5:14:17 PM - System Checkpoint RP262: 1/18/2012 7:26:09 PM - Software Distribution Service 3.0 RP263: 1/20/2012 3:57:15 AM - System Checkpoint RP264: 1/20/2012 5:43:16 PM - Installed DirectX RP265: 1/20/2012 8:30:53 PM - Software Distribution Service 3.0 RP266: 1/21/2012 5:38:49 AM - Installed DirectX RP267: 1/21/2012 2:25:22 PM - Removed Dotfuscator Software Services - Community Edition RP268: 1/21/2012 2:26:34 PM - First Restore Point RP269: 1/21/2012 2:39:00 PM - Installed Kaspersky Internet Security 2012. RP270: 1/22/2012 7:25:25 AM - Installed DirectX RP271: 1/23/2012 1:30:03 PM - System Checkpoint RP272: 1/30/2012 12:12:49 AM - System Checkpoint RP273: 1/31/2012 6:29:41 PM - System Checkpoint RP274: 2/2/2012 9:14:59 PM - System Checkpoint RP275: 2/6/2012 11:22:47 AM - System Checkpoint RP276: 2/7/2012 1:53:00 PM - System Checkpoint RP277: 2/10/2012 9:42:24 AM - System Checkpoint RP278: 2/11/2012 3:35:22 PM - System Checkpoint RP279: 2/12/2012 11:36:44 PM - System Checkpoint RP280: 2/13/2012 6:40:16 PM - First Restore Point . ==== Installed Programs ====================== . . 7-Zip 9.20 Acer Crystal Eye Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.0 Advertising Center Agere Systems HDA Modem AMR to MP3 Converter 1.4 Any Video Converter Professional 2.6.1 Ashampoo Burning Studio 10 v.10.0.15 BricsCad 7.1 Broadcom Driver v4.170.25.12_Foxconn Installation Program Canon Easy-WebPrint EX Canon MP Navigator EX 3.0 Canon MP250 series MP Drivers Canon Utilities Easy-PhotoPrint EX Canon Utilities My Printer Canon Utilities Solution Menu CCleaner Celcom Broadband Manager Cheat Engine 6.1 Condition Zero ConvertXtoDVD 4.1.4.338 Crystal Reports for Visual Studio CyberLink PowerDVD 10 Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition DolbyFiles e-Kamus F1 2010 Fish Tycoon FM Genie Scout 12 version 1.00 beta 4 Football Manager 2012 FormatFactory 2.70 Garena - BlackShot Garena Plus GIMP 2.6.11 GOM Player Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Microsoft Visual Studio 2010 Ultimate - ENU (KB2542054) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB942288-v3) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB958655-v2) Hotfix for Windows XP (KB961118) ImagXpress Intel® Graphics Media Accelerator Driver Internet Download Manager Java Auto Updater Java 6 Update 29 JMicron JMB38X Flash Media Controller K-Lite Codec Pack 7.5.0 (Full) L&H TTS3000 British English Magical Jelly Bean KeyFinder Malwarebytes Anti-Malware version 1.60.1.1000 Menu Templates - Starter Kit Microsoft .NET Compact Framework 3.5 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Antimalware Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Help Viewer 1.0 Microsoft MSDN 2005 Express Edition - ENU Microsoft Office 2003 Web Components Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft Software Update for Web Folders (English) 14 Microsoft SQL Server 2005 Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server 2008 Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 R2 Data-Tier Application Framework Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server System CLR Types Microsoft SQL Server VSS Writer Microsoft Sync Framework Runtime v1.0 SP1 (x86) Microsoft Sync Framework SDK v1.0 SP1 Microsoft Sync Framework Services v1.0 SP1 (x86) Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) Microsoft Team Foundation Server 2010 Object Model - ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 Microsoft Visual F# 2.0 Runtime Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 Office Developer Tools (x86) Microsoft Visual Studio 2010 Performance Collection Tools - ENU Microsoft Visual Studio 2010 SharePoint Developer Tools Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Visual Studio 2010 Ultimate - ENU Microsoft Visual Studio Macro Tools Movie Templates - Starter Kit Mozilla Firefox 10.0 (x86 en-US) MP3 Splitter & Joiner Pro 4.22 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6.0 Parser (KB925673) Nero 9 Nero BurnRights Nero ControlCenter Nero CoverDesigner Nero DiscSpeed Nero DriveSpeed Nero InfoTool Nero Installer Nero PhotoSnap Nero Recode Nero Rescue Agent Nero ShowTime Nero StartSmart Nero Vision Nero WaveEditor NeroBurningROM NeroExpress neroxml NoteZilla 7.0 OpenAL Picasa 3 Pro Evolution Soccer 2011 Pro Evolution Soccer 2012 Protected Folder Quran in Ms Word Ralink Wireless LAN Installation Program for XP v1.1.5.0 Rapture3D 2.4.4 Game Real Alternative 2.0.2 REALTEK GbE & FE Ethernet PCI-E NIC Driver Realtek High Definition Audio Driver Recovery Toolbox for RAR 1.1 Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft InfoPath 2010 (KB2510065) Security Update for Microsoft Office 2010 (KB2289078) Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553353) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2409055) Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2251489) Security Update for Microsoft Windows (KB2564958) Security Update for Microsoft Word 2010 (KB2345000) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 8 (KB2360131) Security Update for Windows Internet Explorer 8 (KB2416400) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2530548) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2559049) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Service Pack 1 for SQL Server 2008 (KB968369) Skype Toolbars Skype™ 5.3 SolidWorks 2009 SP0 SoundTrax Splash PRO Sql Server Customer Experience Improvement Program StreamTransport version: 1.0.2.2171 Synaptics Pointing Device Driver Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition Update for Microsoft Office 2010 (KB2202188) Update for Microsoft Office 2010 (KB2413186) Update for Microsoft Office 2010 (KB2523113) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition Update for Microsoft Outlook Social Connector (KB2583935) Update for Windows Internet Explorer 8 (KB976662) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB898461) Update for Windows XP (KB955759) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU VLC media player 1.1.4 Web Deployment Tool WebFldrs XP Winamp Winamp Detector Plug-in WinDjView 1.0.3 Windows Driver Package - ENE (enecir) HIDClass (04/29/2008 2.5.0.0) Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Windows Internet Explorer 8 Windows Live ID Sign-in Assistant Windows Media Player Firefox Plugin Windows Presentation Foundation XML Paper Specification Shared Components Pack 1.0 Yahoo! BrowserPlus 2.9.8 Yahoo! Messenger Yahoo! Software Update Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 2/9/2012 8:06:20 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: KLIF 2/9/2012 8:06:20 AM, error: Service Control Manager [7000] - The NEWDRIVER service failed to start due to the following error: The system cannot find the file specified. 2/9/2012 8:06:20 AM, error: Service Control Manager [7000] - The Java Quick Starter service failed to start due to the following error: Only part of a ReadProcessMemory or WriteProcessMemory request was completed. 2/9/2012 8:06:20 AM, error: Service Control Manager [7000] - The Agere Modem Call Progress Audio service failed to start due to the following error: Only part of a ReadProcessMemory or WriteProcessMemory request was completed. 2/8/2012 9:35:56 PM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 00242B4AACAF has been denied by the DHCP server 10.5.50.1 (The DHCP Server sent a DHCPNACK message). 2/8/2012 5:53:28 PM, error: ACPIEC [1] - \Device\ACPIEC: The embedded controller (EC) hardware didn't respond within the timeout period. This may indicate an error in the EC hardware or firmware, or possibly a poorly designed BIOS which accesses the EC in an unsafe manner. The EC driver will retry the failed transaction if possible. 2/14/2012 8:00:24 AM, error: Service Control Manager [7023] - The NWUSBPort service terminated with the following error: The specified module could not be found. 2/14/2012 7:37:28 AM, error: Service Control Manager [7023] - The Shuttleengine service terminated with the following error: The specified procedure could not be found. 2/14/2012 7:36:33 AM, error: Service Control Manager [7023] - The AmdLLD service terminated with the following error: The specified procedure could not be found. 2/14/2012 7:35:26 AM, error: Service Control Manager [7023] - The XUIF service terminated with the following error: The specified procedure could not be found. 2/14/2012 7:35:02 AM, error: Service Control Manager [7023] - The Wmccdsls service terminated with the following error: The specified procedure could not be found. 2/14/2012 7:31:25 AM, error: Service Control Manager [7023] - The NWUSBPort service terminated with the following error: The specified procedure could not be found. 2/14/2012 7:31:15 AM, error: Service Control Manager [7023] - The Qconsvc service terminated with the following error: The specified procedure could not be found. 2/14/2012 7:28:36 AM, error: Service Control Manager [7023] - The Safety Settings Service service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The XUIF service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The Wmccdsls service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The Usbsermpt service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The SrvcEKIOMngr service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The Shuttleengine service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The Se59mgmt service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The Roammgr service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The RioS30 service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The Qconsvc service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The Mpe service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The Mcstrm service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The Lfsfilt service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The IPassPeriodicUpdateApp service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The Ftsata2 service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The Defwatch service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The Cxlpt service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The Cinemsup service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The Btaudio service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The AppnApi service terminated with the following error: The specified module could not be found. 2/14/2012 2:29:43 PM, error: Service Control Manager [7023] - The AmdLLD service terminated with the following error: The specified module could not be found. 2/13/2012 9:19:08 AM, error: PlugPlayManager [12] - The device 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_01401025&REV_00\4&1b3ebcea&0&04E4) disappeared from the system without first being prepared for removal. 2/13/2012 9:19:08 AM, error: PlugPlayManager [12] - The device 'JMB38X SD/MMC Host Controller' (PCI\VEN_197B&DEV_2382&SUBSYS_01401025&REV_00\4&1b3ebcea&0&00E4) disappeared from the system without first being prepared for removal. 2/13/2012 9:19:08 AM, error: PlugPlayManager [12] - The device 'JMB38X SD Host Controller' (PCI\VEN_197B&DEV_2381&SUBSYS_01401025&REV_00\4&1b3ebcea&0&02E4) disappeared from the system without first being prepared for removal. 2/13/2012 9:19:08 AM, error: PlugPlayManager [12] - The device 'JMB38X MS Host Controller' (PCI\VEN_197B&DEV_2383&SUBSYS_01401025&REV_00\4&1b3ebcea&0&03E4) disappeared from the system without first being prepared for removal. 2/13/2012 6:35:31 PM, error: Dhcp [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 00242B4AACAF has been denied by the DHCP server 10.5.50.1 (The DHCP Server sent a DHCPNACK message). 2/13/2012 11:24:38 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period. 2/10/2012 1:06:15 AM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found. . ==== End Of File ===========================

Hi there. a very thankful for administors to let me to open new topic regarding what happen at my browser. When i open the browser, automatically it will open new tab and the link are mediashifting or abnow . when i google, left click at result what i been search, it will popup the abnow.com link. not the what i want. This is my dds :- . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29 Run by DIGIT at 7:41:00 on 2012-02-14 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3002.2248 [GMT 5.5:30] . AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0} FW: Kaspersky Internet Security *Disabled* . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe -k imgsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Canon\MyPrinter\BJMyPrt.exe C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files\Cyberlink\Shared files\brs.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files\e-Kamus\Kamus50207.exe C:\Program Files\Conceptworld\NoteZilla\NoteZilla.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\Ninja 1.6\Ninja.exe C:\Program Files\Rainlendar2.6\Rainlendar2.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe C:\DOCUME~1\DIGIT\LOCALS~1\Temp\RtkBtMnt.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\Program Files\Internet Download Manager\IEMonitor.exe \\.\globalroot\SystemRoot\system32\svchost.exe -k netsvcs C:\Program Files\Google Chrome\Chrome.exe C:\Program Files\Google Chrome\Chrome.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.co.in uSearch Page = uSearch Bar = uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://search.ChatVibes.com uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll mURLSearchHooks: H - No File mURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Microsoft Web Test Recorder 10.0 Helper: {dda57003-0068-4ed2-9d32-4d1ec707d94d} - c:\program files\microsoft visual studio 10.0\common7\ide\privateassemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll EB: Web Test Recorder 10.0: {5802d092-1784-4908-8cdb-99b6842d353d} - mscoree.dll EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE" uRun: [Kamus502] c:\program files\e-kamus\Kamus50207.exe uRun: [NoteZilla] c:\program files\conceptworld\notezilla\NoteZilla.exe uRun: [QNPlus] uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot mRun: [AzMixerSel] c:\program files\realtek\audio\installshield\AzMixerSel.exe mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon mRun: [RemoteControl10] "c:\program files\cyberlink\powerdvd10\PDVD10Serv.exe" mRun: [bDRegion] c:\program files\cyberlink\shared files\brs.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [TrojanScanner] c:\program files\trojan remover\Trjscan.exe /boot mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 StartupFolder: c:\docume~1\digit\startm~1\programs\startup\ninja.lnk - c:\program files\ninja 1.6\Ninja.exe StartupFolder: c:\docume~1\digit\startm~1\programs\startup\rainle~1.lnk - c:\program files\rainlendar2.6\Rainlendar2.exe StartupFolder: c:\docume~1\digit\startm~1\programs\startup\rocket~1.lnk - c:\program files\rocketdock\RocketDock.exe StartupFolder: c:\docume~1\digit\startm~1\programs\startup\solidw~1.lnk - c:\program files\solidworks\swscheduler\swBOEngine.exe IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm IE: Download with IDM - c:\program files\internet download manager\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll LSP: mswsock.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{50F2AF02-C20C-4CCE-B938-302BD11F66AB} : DhcpNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - c:\program files\common files\bricscad\BrxProtIE.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2710626&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/ FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties FF - component: c:\documents and settings\digit\application data\idm\idmmzcc3\components\idmmzcc.dll FF - component: c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\extensions\{2bcf3d7a-1ada-4ffd-8029-3759e7ee8f7c}\components\RadioWMPCore.dll FF - component: c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\extensions\{2bcf3d7a-1ada-4ffd-8029-3759e7ee8f7c}\components\RadioWMPCoreGecko19.dll FF - component: c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\extensions\engine@conduit.com\components\RadioWMPCore.dll FF - component: c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll FF - plugin: c:\documents and settings\digit\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.ytff.general.dontshowhpoffer - true ============= SERVICES / DRIVERS =============== . R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [2011-10-1 101616] R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/11/07 15:40:54];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-4-2 87536] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-2-13 652360] R2 PfFilter;PfFilter;c:\program files\iobit\protected folder\pffilter.sys [2011-12-27 140848] R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2010-11-2 84240] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-2-13 20464] R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [2010-11-2 637824] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 NEWDRIVER;NEWDRIVER;\??\c:\windows\system32\winvdedrv6.sys --> c:\windows\system32\WinVDEdrv6.sys [?] S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\solidworks\swscheduler\DTSCoordinatorService.exe [2008-9-9 79144] S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2011-1-5 114432] S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena plus\room\safedrv.sys --> c:\program files\garena plus\room\safedrv.sys [?] S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2011-1-5 100736] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\microsoft visual studio 10.0\team tools\performance tools\VSPerfDrv100.sys [2009-12-8 48128] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-23 47128] S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 366936] . =============== Created Last 30 ================ . 2012-02-13 18:07:42 709968 ----a-w- c:\windows\isRS-000.tmp 2012-02-13 17:33:40 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-02-13 17:33:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-02-13 17:17:13 77312 ----a-w- c:\windows\system32\ztvunace26.dll 2012-02-13 17:17:13 75264 ----a-w- c:\windows\system32\unacev2.dll 2012-02-13 17:17:13 69632 ----a-w- c:\windows\system32\ztvcabinet.dll 2012-02-13 17:17:13 162304 ----a-w- c:\windows\system32\ztvunrar36.dll 2012-02-13 17:17:13 153088 ----a-w- c:\windows\system32\UNRAR3.dll 2012-02-13 17:17:12 -------- d-----w- c:\program files\Trojan Remover 2012-02-13 17:17:12 -------- d-----w- c:\documents and settings\digit\application data\Simply Super Software 2012-02-13 17:17:12 -------- d-----w- c:\documents and settings\all users\application data\Simply Super Software 2012-02-10 19:29:51 -------- d-----w- c:\program files\common files\DirectX 2012-02-10 19:29:37 4071928 ----a-w- c:\windows\system32\GameMon.des 2012-02-10 19:27:39 5174 ----a-w- c:\windows\system32\nppt9x.vxd 2012-02-10 19:27:39 4682 ----a-w- c:\windows\system32\npptNT2.sys 2012-02-10 19:27:39 -------- d-----w- c:\program files\common files\INCA Shared 2012-02-05 15:20:47 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2012-02-05 15:20:47 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2012-02-05 15:02:41 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll 2012-02-05 15:02:41 21504 ----a-w- c:\windows\system32\hidserv.dll 2012-01-24 05:10:49 657179 ----a-w- c:\windows\Condition Zero Uninstaller.exe 2012-01-24 05:08:00 -------- d-----w- C:\Valve 2012-01-22 01:49:36 -------- d-----w- c:\program files\Team17 2012-01-21 04:49:32 -------- d-----w- C:\FM Genie Scout 12 2012-01-21 00:21:46 -------- d-----w- c:\documents and settings\digit\local settings\application data\Chromium 2012-01-20 12:00:34 -------- d-----w- c:\program files\SEGA 2012-01-20 10:13:03 -------- d-----w- c:\program files\Recovery Toolbox for RAR 2012-01-19 12:10:51 -------- d-----w- c:\program files\Worms Crazy Golf . ==================== Find3M ==================== . 2012-02-14 01:57:21 0 --sha-w- c:\windows\system32\dds_log_trash.cmd 2012-01-24 03:36:55 52480 ----a-w- c:\windows\system32\drivers\i8042prt.sys 2012-01-18 22:31:42 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-01-06 16:57:07 40960 ----a-w- c:\windows\system32\nwsftUninstall.exe 2012-01-06 16:57:04 474112 ------w- c:\windows\system32\WinFLCtxMenu.dll 2012-01-06 06:02:19 111872 ----a-w- c:\windows\system32\drivers\TrueSight.sys 2011-12-31 11:06:11 151552 ----a-w- c:\windows\KMSEmulator.exe 2011-12-25 17:16:02 13312 ----a-r- c:\windows\system32\agrsmsvc.exe 2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll 2011-11-23 13:29:56 1868544 ----a-w- c:\windows\system32\win32k.sys 2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe 2011-11-16 14:20:51 354816 ----a-w- c:\windows\system32\winhttp.dll 2011-11-16 14:20:51 152064 ----a-w- c:\windows\system32\schannel.dll . ============= FINISH: 7:42:06.65 =============== and this is my attach.tct :- . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 11/2/2010 12:24:56 PM System Uptime: 2/14/2012 7:26:33 AM (0 hours ago) . Motherboard: Acer | | Aspire 4730Z Processor: Intel® Pentium® Dual CPU T3400 @ 2.16GHz | uPGA-478 | 2161/166mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 149 GiB total, 24.614 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP238: 12/15/2011 2:46:10 AM - System Checkpoint RP239: 12/15/2011 10:35:37 AM - Software Distribution Service 3.0 RP240: 12/16/2011 9:17:35 AM - Software Distribution Service 3.0 RP241: 12/16/2011 1:06:25 PM - Software Distribution Service 3.0 RP242: 12/17/2011 3:26:11 PM - Software Distribution Service 3.0 RP243: 12/19/2011 8:25:52 AM - System Checkpoint RP244: 12/20/2011 6:10:06 PM - System Checkpoint RP245: 12/23/2011 9:02:57 AM - Removed Internet Download Manager RP246: 12/25/2011 9:53:27 PM - System Checkpoint RP247: 12/27/2011 8:50:24 PM - System Checkpoint RP248: 12/29/2011 10:44:44 AM - System Checkpoint RP249: 12/30/2011 8:11:21 PM - System Checkpoint RP250: 12/31/2011 4:10:43 PM - Software Distribution Service 3.0 RP251: 1/4/2012 10:55:36 AM - System Checkpoint RP252: 1/5/2012 11:42:57 AM - System Checkpoint RP253: 1/6/2012 11:57:13 AM - System Checkpoint RP254: 1/7/2012 5:23:34 PM - System Checkpoint RP255: 1/10/2012 9:15:54 AM - System Checkpoint RP256: 1/11/2012 9:46:13 AM - System Checkpoint RP257: 1/12/2012 3:14:47 AM - Software Distribution Service 3.0 RP258: 1/12/2012 5:33:38 PM - Software Distribution Service 3.0 RP259: 1/13/2012 11:19:10 PM - System Checkpoint RP260: 1/16/2012 1:44:56 PM - System Checkpoint RP261: 1/18/2012 5:14:17 PM - System Checkpoint RP262: 1/18/2012 7:26:09 PM - Software Distribution Service 3.0 RP263: 1/20/2012 3:57:15 AM - System Checkpoint RP264: 1/20/2012 5:43:16 PM - Installed DirectX RP265: 1/20/2012 8:30:53 PM - Software Distribution Service 3.0 RP266: 1/21/2012 5:38:49 AM - Installed DirectX RP267: 1/21/2012 2:25:22 PM - Removed Dotfuscator Software Services - Community Edition RP268: 1/21/2012 2:26:34 PM - First Restore Point RP269: 1/21/2012 2:39:00 PM - Installed Kaspersky Internet Security 2012. RP270: 1/22/2012 7:25:25 AM - Installed DirectX RP271: 1/23/2012 1:30:03 PM - System Checkpoint RP272: 1/30/2012 12:12:49 AM - System Checkpoint RP273: 1/31/2012 6:29:41 PM - System Checkpoint RP274: 2/2/2012 9:14:59 PM - System Checkpoint RP275: 2/6/2012 11:22:47 AM - System Checkpoint RP276: 2/7/2012 1:53:00 PM - System Checkpoint RP277: 2/10/2012 9:42:24 AM - System Checkpoint RP278: 2/11/2012 3:35:22 PM - System Checkpoint RP279: 2/12/2012 11:36:44 PM - System Checkpoint RP280: 2/13/2012 6:40:16 PM - First Restore Point . ==== Installed Programs ====================== . . 7-Zip 9.20 Acer Crystal Eye Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.0 Advertising Center Agere Systems HDA Modem AMR to MP3 Converter 1.4 Any Video Converter Professional 2.6.1 Ashampoo Burning Studio 10 v.10.0.15 BricsCad 7.1 Broadcom Driver v4.170.25.12_Foxconn Installation Program Canon Easy-WebPrint EX Canon MP Navigator EX 3.0 Canon MP250 series MP Drivers Canon Utilities Easy-PhotoPrint EX Canon Utilities My Printer Canon Utilities Solution Menu CCleaner Celcom Broadband Manager Cheat Engine 6.1 Condition Zero ConvertXtoDVD 4.1.4.338 Crystal Reports for Visual Studio CyberLink PowerDVD 10 Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition DolbyFiles e-Kamus F1 2010 Fish Tycoon FM Genie Scout 12 version 1.00 beta 4 Football Manager 2012 FormatFactory 2.70 Garena - BlackShot Garena Plus GIMP 2.6.11 GOM Player Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Microsoft Visual Studio 2010 Ultimate - ENU (KB2542054) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB942288-v3) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB958655-v2) Hotfix for Windows XP (KB961118) ImagXpress Intel® Graphics Media Accelerator Driver Internet Download Manager Java Auto Updater Java 6 Update 29 JMicron JMB38X Flash Media Controller K-Lite Codec Pack 7.5.0 (Full) L&H TTS3000 British English Magical Jelly Bean KeyFinder Malwarebytes Anti-Malware version 1.60.1.1000 Menu Templates - Starter Kit Microsoft .NET Compact Framework 3.5 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Help Viewer 1.0 Microsoft MSDN 2005 Express Edition - ENU Microsoft Office 2003 Web Components Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft Software Update for Web Folders (English) 14 Microsoft SQL Server 2005 Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server 2008 Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 R2 Data-Tier Application Framework Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server System CLR Types Microsoft SQL Server VSS Writer Microsoft Sync Framework Runtime v1.0 SP1 (x86) Microsoft Sync Framework SDK v1.0 SP1 Microsoft Sync Framework Services v1.0 SP1 (x86) Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) Microsoft Team Foundation Server 2010 Object Model - ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 Microsoft Visual F# 2.0 Runtime Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 Office Developer Tools (x86) Microsoft Visual Studio 2010 Performance Collection Tools - ENU Microsoft Visual Studio 2010 SharePoint Developer Tools Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Visual Studio 2010 Ultimate - ENU Microsoft Visual Studio Macro Tools Movie Templates - Starter Kit Mozilla Firefox 10.0 (x86 en-US) MP3 Splitter & Joiner Pro 4.22 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6.0 Parser (KB925673) Nero 9 Nero BurnRights Nero ControlCenter Nero CoverDesigner Nero DiscSpeed Nero DriveSpeed Nero InfoTool Nero Installer Nero PhotoSnap Nero Recode Nero Rescue Agent Nero ShowTime Nero StartSmart Nero Vision Nero WaveEditor NeroBurningROM NeroExpress neroxml NoteZilla 7.0 OpenAL Picasa 3 Pro Evolution Soccer 2011 Pro Evolution Soccer 2012 Protected Folder Quran in Ms Word Ralink Wireless LAN Installation Program for XP v1.1.5.0 Rapture3D 2.4.4 Game Real Alternative 2.0.2 REALTEK GbE & FE Ethernet PCI-E NIC Driver Realtek High Definition Audio Driver Recovery Toolbox for RAR 1.1 Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft InfoPath 2010 (KB2510065) Security Update for Microsoft Office 2010 (KB2289078) Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553353) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2409055) Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2251489) Security Update for Microsoft Windows (KB2564958) Security Update for Microsoft Word 2010 (KB2345000) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 8 (KB2360131) Security Update for Windows Internet Explorer 8 (KB2416400) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2530548) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2559049) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Service Pack 1 for SQL Server 2008 (KB968369) Skype Toolbars Skype™ 5.3 SolidWorks 2009 SP0 SoundTrax Splash PRO Sql Server Customer Experience Improvement Program StreamTransport version: 1.0.2.2171 Synaptics Pointing Device Driver Trojan Remover 6.8.2 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition Update for Microsoft Office 2010 (KB2202188) Update for Microsoft Office 2010 (KB2413186) Update for Microsoft Office 2010 (KB2523113) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition Update for Microsoft Outlook Social Connector (KB2583935) Update for Windows Internet Explorer 8 (KB976662) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB898461) Update for Windows XP (KB955759) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU VLC media player 1.1.4 Web Deployment Tool WebFldrs XP Winamp Winamp Detector Plug-in WinDjView 1.0.3 Windows Driver Package - ENE (enecir) HIDClass (04/29/2008 2.5.0.0) Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Windows Internet Explorer 8 Windows Live ID Sign-in Assistant Windows Media Player Firefox Plugin Windows Presentation Foundation XML Paper Specification Shared Components Pack 1.0 Yahoo! BrowserPlus 2.9.8 Yahoo! Messenger Yahoo! Software Update Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 2/9/2012 8:06:20 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: KLIF 2/9/2012 8:06:20 AM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found. 2/9/2012 8:06:20 AM, error: Service Control Manager [7000] - The NEWDRIVER service failed to start due to the following error: The system cannot find the file specified. 2/9/2012 8:06:20 AM, error: Service Control Manager [7000] - The Java Quick Starter service failed to start due to the following error: Only part of a ReadProcessMemory or WriteProcessMemory request was completed. 2/9/2012 8:06:20 AM, error: Service Control Manager [7000] - The Agere Modem Call Progress Audio service failed to start due to the following error: Only part of a ReadProcessMemory or WriteProcessMemory request was completed. 2/8/2012 9:35:56 PM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 00242B4AACAF has been denied by the DHCP server 10.5.50.1 (The DHCP Server sent a DHCPNACK message). 2/8/2012 5:53:28 PM, error: ACPIEC [1] - \Device\ACPIEC: The embedded controller (EC) hardware didn't respond within the timeout period. This may indicate an error in the EC hardware or firmware, or possibly a poorly designed BIOS which accesses the EC in an unsafe manner. The EC driver will retry the failed transaction if possible. 2/7/2012 1:05:44 PM, error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{50F2AF02-C20C-4CCE-B938-302BD11F66AB} because another computer on the network has the same name. The server could not start. 2/7/2012 1:05:44 PM, error: NetBT [4321] - The name "DIGIT_PC :20" could not be registered on the Interface with IP address 192.168.1.10. The machine with the IP address 192.168.1.2 did not allow the name to be claimed by this machine. 2/7/2012 1:05:43 PM, error: NetBT [4321] - The name "DIGIT_PC :0" could not be registered on the Interface with IP address 192.168.1.10. The machine with the IP address 192.168.1.2 did not allow the name to be claimed by this machine. 2/14/2012 7:37:28 AM, error: Service Control Manager [7023] - The Shuttleengine service terminated with the following error: The specified procedure could not be found. 2/14/2012 7:36:33 AM, error: Service Control Manager [7023] - The AmdLLD service terminated with the following error: The specified procedure could not be found. 2/14/2012 7:35:26 AM, error: Service Control Manager [7023] - The XUIF service terminated with the following error: The specified procedure could not be found. 2/14/2012 7:35:02 AM, error: Service Control Manager [7023] - The Wmccdsls service terminated with the following error: The specified procedure could not be found. 2/14/2012 7:31:25 AM, error: Service Control Manager [7023] - The NWUSBPort service terminated with the following error: The specified procedure could not be found. 2/14/2012 7:31:15 AM, error: Service Control Manager [7023] - The Qconsvc service terminated with the following error: The specified procedure could not be found. 2/14/2012 7:28:36 AM, error: Service Control Manager [7023] - The Safety Settings Service service terminated with the following error: The specified module could not be found. 2/13/2012 9:19:08 AM, error: PlugPlayManager [12] - The device 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_01401025&REV_00\4&1b3ebcea&0&04E4) disappeared from the system without first being prepared for removal. 2/13/2012 9:19:08 AM, error: PlugPlayManager [12] - The device 'JMB38X SD/MMC Host Controller' (PCI\VEN_197B&DEV_2382&SUBSYS_01401025&REV_00\4&1b3ebcea&0&00E4) disappeared from the system without first being prepared for removal. 2/13/2012 9:19:08 AM, error: PlugPlayManager [12] - The device 'JMB38X SD Host Controller' (PCI\VEN_197B&DEV_2381&SUBSYS_01401025&REV_00\4&1b3ebcea&0&02E4) disappeared from the system without first being prepared for removal. 2/13/2012 9:19:08 AM, error: PlugPlayManager [12] - The device 'JMB38X MS Host Controller' (PCI\VEN_197B&DEV_2383&SUBSYS_01401025&REV_00\4&1b3ebcea&0&03E4) disappeared from the system without first being prepared for removal. 2/13/2012 6:35:31 PM, error: Dhcp [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 00242B4AACAF has been denied by the DHCP server 10.5.50.1 (The DHCP Server sent a DHCPNACK message). 2/13/2012 11:24:38 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period. . ==== End Of File =========================== thanks a lot.

Sorry if this reply make unused to all.. Is this can't be solved? please help deh.

Hi. 1st of all, i would like to apologize because last day i intefered someone forum. Maybe this kind of problem expertise malware have solved it. but, the problem is i don't know where to start to solve my problem when i read in other's post. I really appreciate if expertise would show the way to solve this thing up. I would like to attach RKreport because i see my system have been infected by BackDoor Trojan : ZeroAccess. The problem is, i don't know how to start over. What next step must i take? I really appreciate it. Thanks a lot. dds.txt RKreport1.txt Sorry cuz im forgot to paste the DDS log. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29 Run by DIGIT at 3:54:51 on 2012-01-08 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3002.2073 [GMT 5.5:30] . AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0} FW: Kaspersky Internet Security *Disabled* . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe C:\WINDOWS\system32\WinFLService.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe -k imgsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Canon\MyPrinter\BJMyPrt.exe C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files\Cyberlink\Shared files\brs.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files\e-Kamus\Kamus50207.exe C:\Program Files\Conceptworld\NoteZilla\NoteZilla.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\WINDOWS\system32\WinFLTray.exe C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe C:\Program Files\NewSoftware's\Folder Lock\FLComServ.exe C:\Program Files\Ninja 1.6\Ninja.exe C:\Program Files\Rainlendar2.6\Rainlendar2.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\DOCUME~1\DIGIT\LOCALS~1\Temp\RtkBtMnt.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtblfs.exe C:\Program Files\Mozilla Firefox\plugin-container.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://search.ChatVibes.com uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://search.ChatVibes.com uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: H - No File uURLSearchHooks: ToolbarURLSearchHook Class: {ca3eb689-8f09-4026-aa10-b9534c691ce0} - c:\program files\chatvibes toolbar\tbhelper.dll BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: FMTLB0003 Class: {0ec9148f-41e2-437c-8437-e576fe833a52} - c:\program files\chatvibes toolbar\tbcore3.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Microsoft Web Test Recorder 10.0 Helper: {dda57003-0068-4ed2-9d32-4d1ec707d94d} - c:\program files\microsoft visual studio 10.0\common7\ide\privateassemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll TB: ChatVibes Toolbar: {01193d00-c7f9-4c26-92a2-1ca91f170068} - c:\program files\chatvibes toolbar\tbcore3.dll EB: Web Test Recorder 10.0: {5802d092-1784-4908-8cdb-99b6842d353d} - mscoree.dll EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE" uRun: [Kamus502] c:\program files\e-kamus\Kamus50207.exe uRun: [NoteZilla] c:\program files\conceptworld\notezilla\NoteZilla.exe uRun: [QNPlus] uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot uRun: [WinFLTray] c:\windows\system32\WinFLTray.exe uRun: [FLBackup] c:\program files\newsoftware's\folder lock\FLComServCtrl.exe mRun: [AzMixerSel] c:\program files\realtek\audio\installshield\AzMixerSel.exe mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [RemoteControl10] "c:\program files\cyberlink\powerdvd10\PDVD10Serv.exe" mRun: [bDRegion] c:\program files\cyberlink\shared files\brs.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 StartupFolder: c:\docume~1\digit\startm~1\programs\startup\ninja.lnk - c:\program files\ninja 1.6\Ninja.exe StartupFolder: c:\docume~1\digit\startm~1\programs\startup\rainle~1.lnk - c:\program files\rainlendar2.6\Rainlendar2.exe StartupFolder: c:\docume~1\digit\startm~1\programs\startup\rocket~1.lnk - c:\program files\rocketdock\RocketDock.exe StartupFolder: c:\docume~1\digit\startm~1\programs\startup\solidw~1.lnk - c:\program files\solidworks\swscheduler\swBOEngine.exe uPolicies-explorer: ForceClassicControlPanel = 1 (0x1) IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2012\ie_banner_deny.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm IE: Download with IDM - c:\program files\internet download manager\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll LSP: mswsock.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{50F2AF02-C20C-4CCE-B938-302BD11F66AB} : DhcpNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - c:\program files\common files\bricscad\BrxProtIE.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Notify: igfxcui - igfxdev.dll Notify: klogon - c:\windows\system32\klogon.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2710626&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.my/ FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties FF - component: c:\documents and settings\digit\application data\idm\idmmzcc3\components\idmmzcc.dll FF - component: c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\extensions\{2bcf3d7a-1ada-4ffd-8029-3759e7ee8f7c}\components\RadioWMPCore.dll FF - component: c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\extensions\{2bcf3d7a-1ada-4ffd-8029-3759e7ee8f7c}\components\RadioWMPCoreGecko19.dll FF - component: c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\extensions\engine@conduit.com\components\RadioWMPCore.dll FF - component: c:\documents and settings\digit\application data\mozilla\firefox\profiles\vwcrr6uj.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll FF - plugin: c:\documents and settings\digit\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll FF - plugin: c:\program files\veetle\player\npvlc.dll FF - plugin: c:\program files\veetle\plugins\npVeetle.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.ytff.general.dontshowhpoffer - true ============= SERVICES / DRIVERS =============== . R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2011-3-4 133208] R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [2011-10-1 101616] R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2011-3-4 11352] R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2011-10-12 565552] R1 WinFLAdrv;WinFLAdrv;c:\windows\system32\WinFLAdrv.sys [2012-1-6 30608] R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/11/07 15:40:54];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-4-2 87536] R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe [2011-4-24 202296] R2 FLService;FLService;c:\windows\system32\WinFLService.exe [2012-1-6 96856] R2 NEWDRIVER;NEWDRIVER;c:\windows\system32\WinVDEdrv6.sys [2012-1-6 188176] R2 PfFilter;PfFilter;c:\program files\iobit\protected folder\pffilter.sys [2011-12-27 140848] R2 WinVDEDrv;WinVDEDrv;c:\windows\system32\WinVDEdrv.sys [2012-1-6 228112] R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2010-11-2 84240] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2011-3-10 34608] R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19472] R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [2010-11-2 637824] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\solidworks\swscheduler\DTSCoordinatorService.exe [2008-9-9 79144] S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2011-1-5 114432] S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena plus\room\safedrv.sys --> c:\program files\garena plus\room\safedrv.sys [?] S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2011-1-5 100736] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\microsoft visual studio 10.0\team tools\performance tools\VSPerfDrv100.sys [2009-12-8 48128] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-23 47128] S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 366936] . =============== Created Last 30 ================ . 2012-01-07 21:56:26 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2012-01-07 21:41:23 -------- d-----w- c:\documents and settings\digit\application data\Malwarebytes 2012-01-07 21:41:15 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2012-01-07 21:36:13 -------- d-----w- c:\program files\Magical Jelly Bean 2012-01-06 16:57:30 30608 ----a-w- c:\windows\system32\WinFLAdrv.sys 2012-01-06 16:57:29 188176 ----a-w- c:\windows\system32\WinVDEdrv6.sys 2012-01-06 16:57:28 228112 ----a-w- c:\windows\system32\WinVDEdrv.sys 2012-01-06 16:57:09 96856 ----a-w- c:\windows\system32\WinFLService.exe 2012-01-06 16:57:08 14936 ----a-w- c:\windows\system32\WinFLMsgService.exe 2012-01-06 16:57:06 315992 ----a-w- c:\windows\system32\WinFLTray.exe 2012-01-06 16:57:05 315992 ----a-w- c:\windows\system32\WinFLTrayShred.exe 2012-01-06 16:57:02 -------- d-----w- c:\program files\NewSoftware's 2012-01-06 05:37:45 111872 ----a-w- c:\windows\system32\drivers\TrueSight.sys 2012-01-05 10:32:32 -------- d-----w- c:\windows\system32\LogFiles 2012-01-04 11:55:14 -------- d-----w- c:\documents and settings\digit\application data\GarenaPlus 2012-01-04 11:54:55 -------- d-----w- c:\program files\Garena Plus 2012-01-04 11:54:41 -------- d-----w- c:\documents and settings\all users\application data\GarenaMessenger 2012-01-04 10:07:02 -------- d-----w- c:\program files\themexp.org 2011-12-27 16:07:37 -------- d-----w- c:\program files\IObit 2011-12-27 16:07:37 -------- d-----w- c:\documents and settings\all users\application data\IObit 2011-12-25 17:06:22 -------- d-sh--w- c:\documents and settings\digit\local settings\application data\5c802fdf 2011-12-25 16:41:26 474112 ----a-w- c:\windows\system32\WinFLCtxMenu.dll 2011-12-23 03:39:35 -------- d-----w- c:\program files\Internet Download Manager 2011-12-23 03:28:45 -------- d-----w- c:\documents and settings\digit\application data\IDM 2011-12-15 02:26:46 -------- d-----w- c:\documents and settings\digit\application data\Conceptworld 2011-12-15 02:26:38 1060864 ----a-w- c:\windows\system32\mfc71.dll 2011-12-15 02:26:38 -------- d-----w- c:\program files\Conceptworld 2011-12-10 10:21:17 -------- d-----w- c:\program files\Quran_in_Word . ==================== Find3M ==================== . 2012-01-06 16:57:07 40960 ----a-w- c:\windows\system32\nwsftUninstall.exe 2011-12-31 11:06:11 151552 ----a-w- c:\windows\KMSEmulator.exe 2011-12-25 17:16:02 13312 ----a-r- c:\windows\system32\agrsmsvc.exe 2011-11-23 13:29:56 1868544 ----a-w- c:\windows\system32\win32k.sys 2011-11-22 12:45:48 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:20:51 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-11-04 19:20:51 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:23:59 385024 ----a-w- c:\windows\system32\html.iec 2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-25 13:38:37 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-25 12:52:33 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-18 11:13:22 186880 ----a-w- c:\windows\system32\encdec.dll 2011-10-10 14:21:17 692736 ----a-w- c:\windows\system32\inetcomm.dll . ============= FINISH: 4:01:07.48 =============== FSS.txt