Jump to content

jimrex

Honorary Members
  • Posts

    30
  • Joined

  • Last visited

Posts posted by jimrex

  1. ComboFix 12-12-04.01 - User 06/12/2012 23:32:49.5.2 - x86

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.958.477 [GMT 11:00]

    Running from: c:\documents and settings\User\Desktop\ComboFix.exe

    AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

    .

    .

    ((((((((((((((((((((((((( Files Created from 2012-11-06 to 2012-12-06 )))))))))))))))))))))))))))))))

    .

    .

    2012-12-06 02:08 . 2012-12-06 02:08 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

    2012-12-05 22:29 . 2012-12-05 22:30 -------- d-----w- c:\program files\CCleaner

    2012-12-05 21:51 . 2012-12-05 21:51 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\VS Revo Group

    2012-12-05 21:51 . 2012-12-05 21:51 -------- d-----w- c:\windows\LastGood

    2012-12-05 21:50 . 2009-12-30 00:20 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys

    2012-12-05 21:50 . 2012-12-05 21:50 -------- d-----w- c:\program files\VS Revo Group

    2012-12-05 13:52 . 2012-11-07 23:00 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B2F2292E-8794-457B-B2E1-BC0C06A0A935}\mpengine.dll

    2012-12-05 08:31 . 2012-11-07 23:00 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

    2012-12-04 09:20 . 2012-12-04 09:20 -------- d-----w- c:\program files\Microsoft Security Client

    2012-11-21 02:06 . 2012-11-21 02:06 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Apple Computer

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-11-11 03:36 . 2012-04-01 04:35 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2012-11-11 03:36 . 2011-05-30 04:34 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2012-11-09 01:45 . 2007-07-10 11:10 83912 ----a-w- c:\windows\system32\LMIRfsClientNP.dll

    2012-11-09 01:45 . 2007-07-10 11:10 52648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll

    2012-11-09 01:45 . 2007-07-10 11:10 31144 ----a-w- c:\windows\system32\LMIport.dll

    2012-11-09 01:45 . 2007-07-10 11:09 92072 ----a-w- c:\windows\system32\LMIinit.dll

    2012-10-22 08:37 . 2003-03-31 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys

    2012-10-21 03:38 . 2012-10-21 03:38 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

    2012-10-21 03:37 . 2012-05-29 02:56 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

    2012-10-21 03:37 . 2007-07-11 12:51 143872 ----a-w- c:\windows\system32\javacpl.cpl

    2012-10-21 03:37 . 2010-05-07 04:29 746984 ----a-w- c:\windows\system32\deployJava1.dll

    2012-10-09 11:03 . 2012-10-09 11:03 10220472 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

    2012-10-02 18:04 . 2003-03-31 12:00 58368 ----a-w- c:\windows\system32\synceng.dll

    2012-09-29 08:54 . 2011-05-23 13:06 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

    .

    .

    ------- Sigcheck -------

    Note: Unsigned files aren't necessarily malware.

    .

    [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

    [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys

    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys

    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys

    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys

    [-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys

    [7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys

    [-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys

    [-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys

    [-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys

    [-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys

    [-] 2006-02-28 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917953$\tcpip.sys

    [-] 2003-03-31 . 244A2F9816BC9B593957281EF577D976 . 332928 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\tcpip.sys

    .

    [-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll

    [-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll

    [-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll

    [7] 2008-04-13 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll

    [7] 2008-04-13 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll

    [-] 2006-02-28 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB894391$\rpcss.dll

    [-] 2005-07-26 . C369DF215D352B6F3A0B8C3469AA34F8 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll

    [-] 2005-04-28 . DA383FB39A6F1C445F3AFC94B3EB1248 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll

    [-] 2005-04-28 . C8061F289E000703E7672916B7FE1571 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll

    [-] 2003-03-31 . 493FCBED180DCACF0B5D4C8C29949CA9 . 260608 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\rpcss.dll

    .

    [-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe

    [-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe

    [-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe

    [7] 2008-04-13 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe

    [7] 2008-04-13 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe

    [-] 2003-03-31 . E3DF4A0252D287C44606EE55355E1623 . 101376 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\services.exe

    .

    [-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe

    [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe

    [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe

    [7] 2008-04-13 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe

    [7] 2008-04-13 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe

    [-] 2006-02-28 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe

    [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe

    [-] 2003-03-31 . 9B4155BA58192D4073082B8FC5D42612 . 51200 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe

    .

    [-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll

    [-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll

    [-] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

    [7] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\InstallTemp\1226636\comctl32.dll

    [7] 2008-04-13 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

    [7] 2008-04-13 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll

    [7] 2008-04-13 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll

    [-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    [-] 2006-02-28 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll

    [7] 2006-02-28 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\InstallTemp\86604\comctl32.dll

    [-] 2006-02-28 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

    [-] 2003-03-31 . 0B5D337119929505EE72D4E4A41ED1FD . 557056 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll

    [7] 2003-03-31 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

    [-] 2003-03-31 . 76B90BD220F1B1CC9E183C6B1AE9FBB4 . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll

    .

    [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll

    [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll

    [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll

    [-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll

    [-] 2008-07-07 20:06 . A4AB3DCA4A383F0DF4988ABDEB84F9A4 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll

    [7] 2008-04-13 18:41 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll

    [-] 2006-02-28 12:00 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll

    [-] 2005-07-26 04:39 . 34BBD9ACC1538818F2C878898C64E793 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll

    [-] 2005-07-26 04:20 . 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll

    [-] 2003-03-31 12:00 . C9702DDD814C39DC1254CF757C31C6E4 . 225280 . . [2001.12.4414.46] . . c:\windows\$NtServicePackUninstall$\es.dll

    .

    [-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll

    [-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll

    [-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll

    [7] 2008-04-13 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll

    [7] 2008-04-13 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll

    [-] 2007-04-16 . 09F7CB3687F86EDAA4CA081F7AB66C03 . 986112 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll

    [-] 2006-07-05 . 0FDD84928A5DDE2510761B7EC76CCEC9 . 985088 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll

    [-] 2006-07-05 . D8DB5397DE07577C1CB50BA6D23B3AD4 . 984064 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll

    [-] 2006-02-28 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll

    [-] 2003-03-31 . 8F162DC91D67D87C1A481BF602A9DAC8 . 930304 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\kernel32.dll

    .

    [-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll

    [-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll

    [-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll

    [-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll

    [-] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll

    [-] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll

    [-] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll

    [7] 2008-04-13 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll

    [-] 2006-02-28 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll

    [-] 2003-03-31 . 18A8BE5A66B93F9C9615F7D4C148EDE2 . 228352 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\mswsock.dll

    .

    [-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll

    [-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll

    [-] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll

    [7] 2008-04-13 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll

    [7] 2008-04-13 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll

    [-] 2003-03-31 . 73C90911DD86A10D4004C7D6E655A41B . 339456 . . [1.0409.2600.1106] . . c:\windows\$NtServicePackUninstall$\usp10.dll

    .

    [-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll

    [-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll

    [-] 2009-07-27 . 888CD7B39C37E13A2419BECFAAF0A28C . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll

    [7] 2008-04-13 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll

    [7] 2008-04-13 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll

    [-] 2006-12-19 . 53D9184A21C5CBF600D918E51EF3A7E5 . 135168 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll

    [-] 2006-02-28 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll

    [-] 2003-03-31 . 61684089A54936E40F65DA02D47A28AE . 116224 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll

    .

    [-] 2010-12-09 . 15CE4DBC22FAB90B3CA5352AF1FFF81C . 718336 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll

    [-] 2010-12-09 . F8F0D25CA553E39DDE485D8FC7FCCE89 . 718336 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll

    [-] 2010-12-09 . F8F0D25CA553E39DDE485D8FC7FCCE89 . 718336 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntdll.dll

    [-] 2009-02-09 . 911DDF2E16761643A47225F654D811E5 . 714752 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB2393802$\ntdll.dll

    [-] 2009-02-09 . B0913005EE3FC15D7F72472D0B8A30EB . 715264 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll

    [7] 2008-04-13 . 27D9ED8CB8B62D1E0A8E5ACE6CF52E2F . 706048 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntdll.dll

    [7] 2008-04-13 . 27D9ED8CB8B62D1E0A8E5ACE6CF52E2F . 706048 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntdll.dll

    [-] 2003-03-31 . 983940F6627F77C250BE0AE398FC53FB . 668672 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ntdll.dll

    .

    [-] 2009-02-27 . 3F790874A85819E94574F3E7AF9C5806 . 177152 . . [5.1.2600.5768] . . c:\windows\system32\msctfime.ime

    [-] 2009-02-27 . 3F790874A85819E94574F3E7AF9C5806 . 177152 . . [5.1.2600.5768] . . c:\windows\system32\dllcache\msctfime.ime

    [-] 2009-02-27 . 30B7D847BA9075AA8E1122FB6AF3D1B5 . 177152 . . [5.1.2600.5768] . . c:\windows\$hf_mig$\KB961503\SP3QFE\msctfime.ime

    [7] 2008-04-13 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB961503$\msctfime.ime

    [7] 2008-04-13 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msctfime.ime

    [-] 2003-03-31 . 3897091314386D0EABF934870E36809C . 162304 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\msctfime.ime

    .

    [-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll

    [-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll

    [-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll

    [7] 2008-04-13 18:41 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll

    [7] 2008-04-13 18:41 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll

    [-] 2006-02-28 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll

    [-] 2003-03-31 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ---ha-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ---ha-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ---ha-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ---ha-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2007-04-17 63048]

    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]

    .

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

    .

    c:\documents and settings\User\Start Menu\Programs\Startup\

    Dropbox.lnk - c:\documents and settings\User\Application Data\Dropbox\bin\Dropbox.exe [2012-5-25 27112840]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

    2012-11-09 01:45 92072 ----a-w- c:\windows\system32\LMIinit.dll

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

    @="Service"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    @="Driver"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

    @="Service"

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "%windir%\\system32\\sessmgr.exe"=

    "c:\\Program Files\\uTorrent\\uTorrent.exe"=

    "c:\\Documents and Settings\\User\\Application Data\\Dropbox\\bin\\Dropbox.exe"=

    "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

    "c:\\Program Files\\iTunes\\iTunes.exe"=

    .

    R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [2/10/2010 8:59 PM 374704]

    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [17/04/2007 3:00 PM 12856]

    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [6/12/2012 1:08 PM 40776]

    R3 radpms;Driver for RADPMS Device;c:\windows\system32\drivers\radpms.sys [17/04/2007 3:00 PM 13408]

    S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys --> c:\windows\system32\DRIVERS\AVGIDSShim.Sys [?]

    S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [18/10/2012 9:04 AM 18432]

    S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [6/12/2012 8:50 AM 27064]

    S3 SR9USB;SR9600 USB To Fast Ethernet Adapter;c:\windows\system32\drivers\SR9USB.sys [30/05/2011 4:27 PM 14592]

    .

    --- Other Services/Drivers In Memory ---

    .

    *NewlyCreated* - JAVAQUICKSTARTERSERVICE

    *NewlyCreated* - MBAMSWISSARMY

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    vvdsvc REG_MULTI_SZ vvdsvc

    .

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

    S7oppilx

    .

    Contents of the 'Scheduled Tasks' folder

    .

    2012-11-20 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 03:36]

    .

    2012-11-20 c:\windows\Tasks\AppleSoftwareUpdate.job

    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 06:57]

    .

    2011-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 02:11]

    .

    2011-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 02:11]

    .

    2012-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1604221776-725345543-1004Core.job

    - c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-30 06:15]

    .

    2012-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1604221776-725345543-1004UA.job

    - c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-30 06:15]

    .

    2012-12-05 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

    - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 06:25]

    .

    2012-12-02 c:\windows\Tasks\UPDATER.job

    - c:\documents and settings\User\My Documents\UPDATER.exe [2011-05-30 04:31]

    .

    2012-12-05 c:\windows\Tasks\User_Feed_Synchronization-{9D82F2A1-14C8-45C5-BD16-8ECA24E56CA0}.job

    - c:\windows\system32\msfeedssync.exe [2009-03-07 17:31]

    .

    .

    ------- Supplementary Scan -------

    .

    uStart Page = hxxp://www.tradingroom.com.au/apps/mkt/forex.ac

    uInternet Settings,ProxyOverride = *.local

    uSearchAssistant = hxxp://www.google.com/ie

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

    TCP: DhcpNameServer = 192.168.1.1

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2012-12-06 23:45

    Windows 5.1.2600 Service Pack 3 NTFS

    .

    scanning hidden processes ...

    .

    scanning hidden autostart entries ...

    .

    scanning hidden files ...

    .

    scan completed successfully

    hidden files: 0

    .

    **************************************************************************

    .

    --------------------- LOCKED REGISTRY KEYS ---------------------

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker5"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]

    @="?????????????????? v1"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]

    @="?????????????????? v2"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

    .

    --------------------- DLLs Loaded Under Running Processes ---------------------

    .

    - - - - - - - > 'winlogon.exe'(744)

    c:\windows\system32\LMIinit.dll

    c:\windows\system32\LMIRfsClientNP.dll

    .

    - - - - - - - > 'explorer.exe'(2136)

    c:\windows\system32\WININET.dll

    c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.14.dll

    c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll

    c:\windows\system32\ieframe.dll

    c:\windows\system32\webcheck.dll

    c:\windows\system32\WPDShServiceObj.dll

    c:\windows\system32\PortableDeviceTypes.dll

    c:\windows\system32\PortableDeviceApi.dll

    .

    Completion time: 2012-12-06 23:52:00

    ComboFix-quarantined-files.txt 2012-12-06 12:51

    ComboFix2.txt 2012-12-03 06:13

    ComboFix3.txt 2012-12-03 04:33

    ComboFix4.txt 2012-12-03 00:22

    ComboFix5.txt 2012-12-06 12:31

    .

    Pre-Run: 14,322,737,152 bytes free

    Post-Run: 14,467,031,040 bytes free

    .

    - - End Of File - - A2937C19FDB83BC7ACBFCAF152BBC8D6

    I cant really tell you about the speed of the comp yet as I have to try it a bit first

  2. Malwarebytes Anti-Malware 1.65.1.1000

    www.malwarebytes.org

    Database version: v2012.12.06.02

    Windows XP Service Pack 3 x86 NTFS

    Internet Explorer 8.0.6001.18702

    User :: USER-A7C827E03A [administrator]

    6/12/2012 1:09:22 PM

    mbam-log-2012-12-06 (13-09-22).txt

    Scan type: Quick scan

    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

    Scan options disabled: P2P

    Objects scanned: 244366

    Time elapsed: 21 minute(s), 47 second(s)

    Memory Processes Detected: 0

    (No malicious items detected)

    Memory Modules Detected: 0

    (No malicious items detected)

    Registry Keys Detected: 0

    (No malicious items detected)

    Registry Values Detected: 0

    (No malicious items detected)

    Registry Data Items Detected: 0

    (No malicious items detected)

    Folders Detected: 0

    (No malicious items detected)

    Files Detected: 0

    (No malicious items detected)

    (end)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 1:37:07 PM, on 6/12/2012

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v8.00 (8.00.6001.18702)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Microsoft Security Client\MsMpEng.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

    C:\Program Files\LogMeIn\x86\RaMaint.exe

    C:\Program Files\LogMeIn\x86\LogMeIn.exe

    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

    C:\Program Files\Microsoft Security Client\msseces.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Java\jre7\bin\jqs.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\WINDOWS\explorer.exe

    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

    C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\FOTU9I0H\HijackThis[1].exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tradingroom.com.au/apps/mkt/forex.ac

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    O2 - BHO: (no name) - AutorunsDisabled - (no file)

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

    O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')

    O4 - Startup: Dropbox.lnk = C:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

    O9 - Extra button: (no name) - AutorunsDisabled - (no file)

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

    O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1173184360781

    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1343632656734

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://www.freecricket.tv/plugins/freecricket.cab

    O16 - DPF: {DD3641E5-A9CF-11D1-9AA1-444553540000} (Surround Video V3.0 Control Object) - http://www.belairresort.com.au/virtual-tour/tours/cabs/svideo3.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com//activex/ractrl.cab?lmi=972

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

    O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe

    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe

    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O24 - Desktop Component 0: (no name) - (no file)

    --

    End of file - 7190 bytes

    Things are still running slow especially explorer, plus opening files seems slow

    Thanks agaim

  3. C:\Documents and Settings\User\Local Settings\Temp\~!#17D.tmp

    :C:\Program Files\Common Files\Win\WinLiveContact.exe

    runkey:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\WinLiveContact

    regkey:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\WinLiveContact

    C:\WINDOWS\system32\SrvcEPECioctl.dll

    service:hsvcmod

    C:\Documents and Settings\User\Local Settings\Temp\~!#179.tmp

    C:\Documents and Settings\User\Local Settings\Temp\jar_cache8136708506874784647.tmp

    C:\WINDOWS\system32\isdrv122.dll

    service:anio

    C:\WINDOWS\system32\isdrv122.dll

    service:anio

    C:\Documents and Settings\User\Local Settings\Temp\~!#17B.tmp

    just to name a few, there are plenty more

  4. Sorry but my daughter closed the log, so I had to do it all again

    Hope it's good

    ComboFix 12-12-02.01 - User 03/12/2012 16:57:47.4.2 - x86

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.958.407 [GMT 11:00]

    Running from: c:\documents and settings\User\Desktop\ComboFix.exe

    Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt

    AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

    .

    .

    ((((((((((((((((((((((((( Files Created from 2012-11-03 to 2012-12-03 )))))))))))))))))))))))))))))))

    .

    .

    2012-12-03 00:26 . 2012-11-08 18:00 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{661A74CD-E81F-451C-8BAC-F184D59E6122}\mpengine.dll

    2012-12-02 14:39 . 2012-11-08 18:00 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

    2012-11-21 02:06 . 2012-11-21 02:06 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Apple Computer

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-11-11 03:36 . 2012-04-01 04:35 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2012-11-11 03:36 . 2011-05-30 04:34 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2012-11-09 01:45 . 2007-07-10 11:10 83912 ----a-w- c:\windows\system32\LMIRfsClientNP.dll

    2012-11-09 01:45 . 2007-07-10 11:10 52648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll

    2012-11-09 01:45 . 2007-07-10 11:10 31144 ----a-w- c:\windows\system32\LMIport.dll

    2012-11-09 01:45 . 2007-07-10 11:09 92072 ----a-w- c:\windows\system32\LMIinit.dll

    2012-10-22 08:37 . 2003-03-31 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys

    2012-10-21 03:38 . 2012-10-21 03:38 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

    2012-10-21 03:37 . 2012-05-29 02:56 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

    2012-10-21 03:37 . 2007-07-11 12:51 143872 ----a-w- c:\windows\system32\javacpl.cpl

    2012-10-21 03:37 . 2010-05-07 04:29 746984 ----a-w- c:\windows\system32\deployJava1.dll

    2012-10-09 11:03 . 2012-10-09 11:03 10220472 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

    2012-10-02 18:04 . 2003-03-31 12:00 58368 ----a-w- c:\windows\system32\synceng.dll

    2012-09-29 08:54 . 2011-05-23 13:06 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

    .

    .

    ------- Sigcheck -------

    Note: Unsigned files aren't necessarily malware.

    .

    [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

    [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys

    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys

    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys

    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys

    [-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys

    [7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys

    [-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys

    [-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys

    [-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys

    [-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys

    [-] 2006-02-28 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917953$\tcpip.sys

    [-] 2003-03-31 . 244A2F9816BC9B593957281EF577D976 . 332928 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\tcpip.sys

    .

    [-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll

    [-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll

    [-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll

    [7] 2008-04-13 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll

    [7] 2008-04-13 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll

    [-] 2006-02-28 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB894391$\rpcss.dll

    [-] 2005-07-26 . C369DF215D352B6F3A0B8C3469AA34F8 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll

    [-] 2005-04-28 . DA383FB39A6F1C445F3AFC94B3EB1248 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll

    [-] 2005-04-28 . C8061F289E000703E7672916B7FE1571 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll

    [-] 2003-03-31 . 493FCBED180DCACF0B5D4C8C29949CA9 . 260608 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\rpcss.dll

    .

    [-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe

    [-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe

    [-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe

    [7] 2008-04-13 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe

    [7] 2008-04-13 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe

    [-] 2003-03-31 . E3DF4A0252D287C44606EE55355E1623 . 101376 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\services.exe

    .

    [-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe

    [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe

    [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe

    [7] 2008-04-13 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe

    [7] 2008-04-13 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe

    [-] 2006-02-28 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe

    [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe

    [-] 2003-03-31 . 9B4155BA58192D4073082B8FC5D42612 . 51200 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe

    .

    [-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll

    [-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll

    [-] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

    [7] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\InstallTemp\1226636\comctl32.dll

    [7] 2008-04-13 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

    [7] 2008-04-13 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll

    [7] 2008-04-13 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll

    [-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    [-] 2006-02-28 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll

    [7] 2006-02-28 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\InstallTemp\86604\comctl32.dll

    [-] 2006-02-28 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

    [-] 2003-03-31 . 0B5D337119929505EE72D4E4A41ED1FD . 557056 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll

    [7] 2003-03-31 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

    [-] 2003-03-31 . 76B90BD220F1B1CC9E183C6B1AE9FBB4 . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll

    .

    [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll

    [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll

    [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll

    [-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll

    [-] 2008-07-07 20:06 . A4AB3DCA4A383F0DF4988ABDEB84F9A4 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll

    [7] 2008-04-13 18:41 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll

    [-] 2006-02-28 12:00 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll

    [-] 2005-07-26 04:39 . 34BBD9ACC1538818F2C878898C64E793 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll

    [-] 2005-07-26 04:20 . 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll

    [-] 2003-03-31 12:00 . C9702DDD814C39DC1254CF757C31C6E4 . 225280 . . [2001.12.4414.46] . . c:\windows\$NtServicePackUninstall$\es.dll

    .

    [-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll

    [-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll

    [-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll

    [7] 2008-04-13 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll

    [7] 2008-04-13 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll

    [-] 2007-04-16 . 09F7CB3687F86EDAA4CA081F7AB66C03 . 986112 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll

    [-] 2006-07-05 . 0FDD84928A5DDE2510761B7EC76CCEC9 . 985088 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll

    [-] 2006-07-05 . D8DB5397DE07577C1CB50BA6D23B3AD4 . 984064 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll

    [-] 2006-02-28 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll

    [-] 2003-03-31 . 8F162DC91D67D87C1A481BF602A9DAC8 . 930304 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\kernel32.dll

    .

    [-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll

    [-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll

    [-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll

    [-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll

    [-] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll

    [-] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll

    [-] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll

    [7] 2008-04-13 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll

    [-] 2006-02-28 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll

    [-] 2003-03-31 . 18A8BE5A66B93F9C9615F7D4C148EDE2 . 228352 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\mswsock.dll

    .

    [-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll

    [-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll

    [-] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll

    [7] 2008-04-13 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll

    [7] 2008-04-13 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll

    [-] 2003-03-31 . 73C90911DD86A10D4004C7D6E655A41B . 339456 . . [1.0409.2600.1106] . . c:\windows\$NtServicePackUninstall$\usp10.dll

    .

    [-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll

    [-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll

    [-] 2009-07-27 . 888CD7B39C37E13A2419BECFAAF0A28C . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll

    [7] 2008-04-13 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll

    [7] 2008-04-13 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll

    [-] 2006-12-19 . 53D9184A21C5CBF600D918E51EF3A7E5 . 135168 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll

    [-] 2006-02-28 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll

    [-] 2003-03-31 . 61684089A54936E40F65DA02D47A28AE . 116224 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll

    .

    [-] 2010-12-09 . 15CE4DBC22FAB90B3CA5352AF1FFF81C . 718336 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll

    [-] 2010-12-09 . F8F0D25CA553E39DDE485D8FC7FCCE89 . 718336 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll

    [-] 2010-12-09 . F8F0D25CA553E39DDE485D8FC7FCCE89 . 718336 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntdll.dll

    [-] 2009-02-09 . 911DDF2E16761643A47225F654D811E5 . 714752 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB2393802$\ntdll.dll

    [-] 2009-02-09 . B0913005EE3FC15D7F72472D0B8A30EB . 715264 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll

    [7] 2008-04-13 . 27D9ED8CB8B62D1E0A8E5ACE6CF52E2F . 706048 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntdll.dll

    [7] 2008-04-13 . 27D9ED8CB8B62D1E0A8E5ACE6CF52E2F . 706048 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntdll.dll

    [-] 2003-03-31 . 983940F6627F77C250BE0AE398FC53FB . 668672 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ntdll.dll

    .

    [-] 2009-02-27 . 3F790874A85819E94574F3E7AF9C5806 . 177152 . . [5.1.2600.5768] . . c:\windows\system32\msctfime.ime

    [-] 2009-02-27 . 3F790874A85819E94574F3E7AF9C5806 . 177152 . . [5.1.2600.5768] . . c:\windows\system32\dllcache\msctfime.ime

    [-] 2009-02-27 . 30B7D847BA9075AA8E1122FB6AF3D1B5 . 177152 . . [5.1.2600.5768] . . c:\windows\$hf_mig$\KB961503\SP3QFE\msctfime.ime

    [7] 2008-04-13 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB961503$\msctfime.ime

    [7] 2008-04-13 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msctfime.ime

    [-] 2003-03-31 . 3897091314386D0EABF934870E36809C . 162304 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\msctfime.ime

    .

    [-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll

    [-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll

    [-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll

    [7] 2008-04-13 18:41 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll

    [7] 2008-04-13 18:41 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll

    [-] 2006-02-28 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll

    [-] 2003-03-31 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ---ha-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ---ha-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ---ha-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ---ha-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2007-04-17 63048]

    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]

    .

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

    .

    c:\documents and settings\User\Start Menu\Programs\Startup\

    Dropbox.lnk - c:\documents and settings\User\Application Data\Dropbox\bin\Dropbox.exe [2012-5-25 27112840]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

    2012-11-09 01:45 92072 ----a-w- c:\windows\system32\LMIinit.dll

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

    @="Service"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    @="Driver"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

    @="Service"

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "%windir%\\system32\\sessmgr.exe"=

    "c:\\Program Files\\uTorrent\\uTorrent.exe"=

    "c:\\Documents and Settings\\User\\Application Data\\Dropbox\\bin\\Dropbox.exe"=

    "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

    "c:\\Program Files\\iTunes\\iTunes.exe"=

    .

    R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [2/10/2010 8:59 PM 374704]

    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [17/04/2007 3:00 PM 12856]

    R3 radpms;Driver for RADPMS Device;c:\windows\system32\drivers\radpms.sys [17/04/2007 3:00 PM 13408]

    S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys --> c:\windows\system32\DRIVERS\AVGIDSShim.Sys [?]

    S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [18/10/2012 9:04 AM 18432]

    S3 SR9USB;SR9600 USB To Fast Ethernet Adapter;c:\windows\system32\drivers\SR9USB.sys [30/05/2011 4:27 PM 14592]

    .

    --- Other Services/Drivers In Memory ---

    .

    *NewlyCreated* - 61419992

    *NewlyCreated* - ASWMBR

    *NewlyCreated* - MPKSL21C4B6B4

    *NewlyCreated* - TRUESIGHT

    *Deregistered* - 61419992

    *Deregistered* - aswMBR

    *Deregistered* - MpKsl21c4b6b4

    *Deregistered* - TrueSight

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    vvdsvc REG_MULTI_SZ vvdsvc

    .

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

    S7oppilx

    .

    Contents of the 'Scheduled Tasks' folder

    .

    2012-11-20 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 03:36]

    .

    2012-11-20 c:\windows\Tasks\AppleSoftwareUpdate.job

    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 06:57]

    .

    2011-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 02:11]

    .

    2011-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 02:11]

    .

    2012-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1604221776-725345543-1004Core.job

    - c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-30 06:15]

    .

    2012-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1604221776-725345543-1004UA.job

    - c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-30 06:15]

    .

    2012-12-02 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

    - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 07:25]

    .

    2012-12-02 c:\windows\Tasks\UPDATER.job

    - c:\documents and settings\User\My Documents\UPDATER.exe [2011-05-30 04:31]

    .

    2012-12-02 c:\windows\Tasks\User_Feed_Synchronization-{9D82F2A1-14C8-45C5-BD16-8ECA24E56CA0}.job

    - c:\windows\system32\msfeedssync.exe [2009-03-07 17:31]

    .

    .

    ------- Supplementary Scan -------

    .

    uStart Page = hxxp://www.tradingroom.com.au/apps/mkt/forex.ac

    uInternet Settings,ProxyOverride = *.local

    uSearchAssistant = hxxp://www.google.com/ie

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

    TCP: DhcpNameServer = 192.168.1.1

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2012-12-03 17:08

    Windows 5.1.2600 Service Pack 3 NTFS

    .

    scanning hidden processes ...

    .

    scanning hidden autostart entries ...

    .

    scanning hidden files ...

    .

    scan completed successfully

    hidden files: 0

    .

    **************************************************************************

    .

    --------------------- LOCKED REGISTRY KEYS ---------------------

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker5"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]

    @="?????????????????? v1"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]

    @="?????????????????? v2"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

    .

    --------------------- DLLs Loaded Under Running Processes ---------------------

    .

    - - - - - - - > 'winlogon.exe'(744)

    c:\windows\system32\LMIinit.dll

    c:\windows\system32\LMIRfsClientNP.dll

    .

    - - - - - - - > 'explorer.exe'(888)

    c:\windows\system32\WININET.dll

    c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.14.dll

    c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll

    c:\windows\system32\ieframe.dll

    c:\windows\system32\webcheck.dll

    c:\windows\system32\WPDShServiceObj.dll

    c:\windows\system32\PortableDeviceTypes.dll

    c:\windows\system32\PortableDeviceApi.dll

    .

    Completion time: 2012-12-03 17:13:11

    ComboFix-quarantined-files.txt 2012-12-03 06:13

    ComboFix2.txt 2012-12-03 04:33

    ComboFix3.txt 2012-12-03 00:22

    ComboFix4.txt 2012-05-10 16:15

    .

    Pre-Run: 12,332,593,152 bytes free

    Post-Run: 12,327,833,600 bytes free

    .

    - - End Of File - - E2F6139DC01D14AD3C45E0C5A5AB1145

  5. 13:34:43.0375 1032 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

    13:34:44.0546 1032 ============================================================

    13:34:44.0546 1032 Current date / time: 2012/12/03 13:34:44.0546

    13:34:44.0546 1032 SystemInfo:

    13:34:44.0546 1032

    13:34:44.0546 1032 OS Version: 5.1.2600 ServicePack: 3.0

    13:34:44.0546 1032 Product type: Workstation

    13:34:44.0546 1032 ComputerName: USER-A7C827E03A

    13:34:44.0546 1032 UserName: User

    13:34:44.0546 1032 Windows directory: C:\WINDOWS

    13:34:44.0546 1032 System windows directory: C:\WINDOWS

    13:34:44.0546 1032 Processor architecture: Intel x86

    13:34:44.0546 1032 Number of processors: 2

    13:34:44.0546 1032 Page size: 0x1000

    13:34:44.0546 1032 Boot type: Normal boot

    13:34:44.0546 1032 ============================================================

    13:34:45.0515 1032 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

    13:34:45.0546 1032 Drive \Device\Harddisk1\DR1 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

    13:34:45.0578 1032 ============================================================

    13:34:45.0578 1032 \Device\Harddisk0\DR0:

    13:34:45.0578 1032 MBR partitions:

    13:34:45.0578 1032 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982

    13:34:45.0578 1032 \Device\Harddisk1\DR1:

    13:34:45.0578 1032 MBR partitions:

    13:34:45.0578 1032 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1

    13:34:45.0578 1032 ============================================================

    13:34:45.0625 1032 C: <-> \Device\Harddisk1\DR1\Partition1

    13:34:45.0640 1032 E: <-> \Device\Harddisk0\DR0\Partition1

    13:34:45.0640 1032 ============================================================

    13:34:45.0640 1032 Initialize success

    13:34:45.0640 1032 ============================================================

    13:35:01.0187 2556 ============================================================

    13:35:01.0187 2556 Scan started

    13:35:01.0187 2556 Mode: Manual;

    13:35:01.0187 2556 ============================================================

    13:35:01.0671 2556 ================ Scan system memory ========================

    13:35:01.0671 2556 System memory - ok

    13:35:01.0671 2556 ================ Scan services =============================

    13:35:01.0859 2556 Abiosdsk - ok

    13:35:01.0875 2556 abp480n5 - ok

    13:35:01.0968 2556 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

    13:35:01.0968 2556 ACPI - ok

    13:35:02.0015 2556 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

    13:35:02.0015 2556 ACPIEC - ok

    13:35:02.0031 2556 ADIHdAudAddService - ok

    13:35:02.0203 2556 [ C1EB9968EC89FBA5F3A264E2E57923AB ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

    13:35:02.0203 2556 Adobe LM Service - ok

    13:35:02.0328 2556 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    13:35:02.0328 2556 AdobeFlashPlayerUpdateSvc - ok

    13:35:02.0343 2556 adpu160m - ok

    13:35:02.0375 2556 AEAudioService - ok

    13:35:02.0406 2556 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

    13:35:02.0421 2556 aec - ok

    13:35:02.0484 2556 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

    13:35:02.0484 2556 AFD - ok

    13:35:02.0500 2556 Aha154x - ok

    13:35:02.0531 2556 aic78u2 - ok

    13:35:02.0562 2556 aic78xx - ok

    13:35:02.0625 2556 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

    13:35:02.0640 2556 Alerter - ok

    13:35:02.0703 2556 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

    13:35:02.0703 2556 ALG - ok

    13:35:02.0718 2556 AliIde - ok

    13:35:02.0750 2556 amsint - ok

    13:35:02.0921 2556 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    13:35:02.0921 2556 Apple Mobile Device - ok

    13:35:02.0937 2556 AppMgmt - ok

    13:35:02.0968 2556 asc - ok

    13:35:02.0984 2556 asc3350p - ok

    13:35:03.0000 2556 asc3550 - ok

    13:35:03.0156 2556 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

    13:35:03.0156 2556 aspnet_state - ok

    13:35:03.0218 2556 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

    13:35:03.0218 2556 AsyncMac - ok

    13:35:03.0296 2556 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

    13:35:03.0296 2556 atapi - ok

    13:35:03.0312 2556 Atdisk - ok

    13:35:03.0343 2556 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

    13:35:03.0343 2556 Atmarpc - ok

    13:35:03.0421 2556 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

    13:35:03.0421 2556 AudioSrv - ok

    13:35:03.0500 2556 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

    13:35:03.0500 2556 audstub - ok

    13:35:03.0515 2556 AVGIDSShim - ok

    13:35:03.0609 2556 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

    13:35:03.0609 2556 Beep - ok

    13:35:03.0687 2556 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

    13:35:03.0703 2556 BITS - ok

    13:35:03.0843 2556 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

    13:35:03.0890 2556 Bonjour Service - ok

    13:35:03.0968 2556 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll

    13:35:03.0968 2556 Browser - ok

    13:35:04.0156 2556 catchme - ok

    13:35:04.0203 2556 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

    13:35:04.0203 2556 cbidf2k - ok

    13:35:04.0218 2556 cd20xrnt - ok

    13:35:04.0296 2556 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

    13:35:04.0296 2556 Cdaudio - ok

    13:35:04.0359 2556 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

    13:35:04.0359 2556 Cdfs - ok

    13:35:04.0375 2556 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

    13:35:04.0375 2556 Cdrom - ok

    13:35:04.0390 2556 Changer - ok

    13:35:04.0468 2556 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe

    13:35:04.0468 2556 CiSvc - ok

    13:35:04.0531 2556 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

    13:35:04.0531 2556 ClipSrv - ok

    13:35:04.0578 2556 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

    13:35:04.0593 2556 clr_optimization_v2.0.50727_32 - ok

    13:35:04.0718 2556 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    13:35:04.0718 2556 clr_optimization_v4.0.30319_32 - ok

    13:35:04.0734 2556 CmdIde - ok

    13:35:04.0765 2556 COMSysApp - ok

    13:35:04.0828 2556 Cpqarray - ok

    13:35:04.0906 2556 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

    13:35:04.0906 2556 CryptSvc - ok

    13:35:04.0921 2556 dac2w2k - ok

    13:35:04.0953 2556 dac960nt - ok

    13:35:05.0046 2556 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

    13:35:05.0062 2556 DcomLaunch - ok

    13:35:05.0125 2556 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

    13:35:05.0125 2556 Dhcp - ok

    13:35:05.0187 2556 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

    13:35:05.0203 2556 Disk - ok

    13:35:05.0203 2556 dmadmin - ok

    13:35:05.0296 2556 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

    13:35:05.0328 2556 dmboot - ok

    13:35:05.0359 2556 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

    13:35:05.0375 2556 dmio - ok

    13:35:05.0406 2556 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

    13:35:05.0406 2556 dmload - ok

    13:35:05.0468 2556 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll

    13:35:05.0468 2556 dmserver - ok

    13:35:05.0500 2556 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

    13:35:05.0500 2556 DMusic - ok

    13:35:05.0562 2556 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

    13:35:05.0562 2556 Dnscache - ok

    13:35:05.0609 2556 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

    13:35:05.0609 2556 Dot3svc - ok

    13:35:05.0625 2556 dpti2o - ok

    13:35:05.0671 2556 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

    13:35:05.0687 2556 drmkaud - ok

    13:35:05.0734 2556 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll

    13:35:05.0734 2556 EapHost - ok

    13:35:05.0781 2556 [ 8930F2199BCB0D8EE92103510F895ABF ] ENETHUSB C:\WINDOWS\system32\DRIVERS\enethusb.sys

    13:35:05.0781 2556 ENETHUSB - ok

    13:35:05.0859 2556 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll

    13:35:05.0859 2556 ERSvc - ok

    13:35:05.0921 2556 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe

    13:35:05.0937 2556 Eventlog - ok

    13:35:06.0015 2556 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll

    13:35:06.0015 2556 EventSystem - ok

    13:35:06.0093 2556 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

    13:35:06.0093 2556 Fastfat - ok

    13:35:06.0156 2556 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

    13:35:06.0171 2556 FastUserSwitchingCompatibility - ok

    13:35:06.0250 2556 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys

    13:35:06.0250 2556 Fdc - ok

    13:35:06.0312 2556 [ 52FA46AE36CAAFC6E1FF4FD617DFD25D ] FET5X86V C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys

    13:35:06.0328 2556 FET5X86V - ok

    13:35:06.0390 2556 [ E9648254056BCE81A85380C0C3647DC4 ] FETNDIS C:\WINDOWS\system32\DRIVERS\fetnd5.sys

    13:35:06.0390 2556 FETNDIS - ok

    13:35:06.0437 2556 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

    13:35:06.0437 2556 Fips - ok

    13:35:06.0515 2556 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys

    13:35:06.0515 2556 Flpydisk - ok

    13:35:06.0578 2556 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

    13:35:06.0578 2556 FltMgr - ok

    13:35:06.0671 2556 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

    13:35:06.0671 2556 FontCache3.0.0.0 - ok

    13:35:06.0703 2556 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

    13:35:06.0703 2556 Fs_Rec - ok

    13:35:06.0765 2556 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

    13:35:06.0765 2556 Ftdisk - ok

    13:35:06.0843 2556 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

    13:35:06.0843 2556 GEARAspiWDM - ok

    13:35:06.0937 2556 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

    13:35:06.0937 2556 Gpc - ok

    13:35:07.0046 2556 gupdate - ok

    13:35:07.0062 2556 gupdatem - ok

    13:35:07.0156 2556 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    13:35:07.0156 2556 gusvc - ok

    13:35:07.0218 2556 [ F58D2900C66A1E773E3375098E0E9337 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys

    13:35:07.0218 2556 HdAudAddService - ok

    13:35:07.0250 2556 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

    13:35:07.0265 2556 HDAudBus - ok

    13:35:07.0375 2556 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

    13:35:07.0390 2556 helpsvc - ok

    13:35:07.0390 2556 HidServ - ok

    13:35:07.0468 2556 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys

    13:35:07.0468 2556 HidUsb - ok

    13:35:07.0531 2556 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

    13:35:07.0531 2556 hkmsvc - ok

    13:35:07.0546 2556 hpn - ok

    13:35:07.0609 2556 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

    13:35:07.0609 2556 HTTP - ok

    13:35:07.0687 2556 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

    13:35:07.0687 2556 HTTPFilter - ok

    13:35:07.0703 2556 i2omgmt - ok

    13:35:07.0718 2556 i2omp - ok

    13:35:07.0750 2556 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

    13:35:07.0750 2556 i8042prt - ok

    13:35:07.0875 2556 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

    13:35:07.0937 2556 idsvc - ok

    13:35:07.0968 2556 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

    13:35:07.0968 2556 Imapi - ok

    13:35:08.0031 2556 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe

    13:35:08.0046 2556 ImapiService - ok

    13:35:08.0078 2556 ini910u - ok

    13:35:08.0109 2556 IntelIde - ok

    13:35:08.0171 2556 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys

    13:35:08.0171 2556 intelppm - ok

    13:35:08.0234 2556 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys

    13:35:08.0234 2556 Ip6Fw - ok

    13:35:08.0281 2556 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

    13:35:08.0281 2556 IpFilterDriver - ok

    13:35:08.0343 2556 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

    13:35:08.0343 2556 IpInIp - ok

    13:35:08.0375 2556 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

    13:35:08.0390 2556 IpNat - ok

    13:35:08.0468 2556 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

    13:35:08.0500 2556 iPod Service - ok

    13:35:08.0578 2556 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

    13:35:08.0578 2556 IPSec - ok

    13:35:08.0656 2556 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

    13:35:08.0656 2556 IRENUM - ok

    13:35:08.0718 2556 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

    13:35:08.0718 2556 isapnp - ok

    13:35:08.0765 2556 [ C995C0E8B4503FAC38793BB0236AD246 ] JGOGO C:\WINDOWS\system32\DRIVERS\JGOGO.sys

    13:35:08.0765 2556 JGOGO - ok

    13:35:08.0781 2556 [ DAC317A5EFD8FE13FE7EC8E2B2E1D549 ] JRAID C:\WINDOWS\system32\DRIVERS\jraid.sys

    13:35:08.0781 2556 JRAID - ok

    13:35:08.0859 2556 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

    13:35:08.0859 2556 Kbdclass - ok

    13:35:08.0921 2556 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

    13:35:08.0921 2556 kmixer - ok

    13:35:08.0984 2556 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

    13:35:08.0984 2556 KSecDD - ok

    13:35:09.0062 2556 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

    13:35:09.0062 2556 lanmanserver - ok

    13:35:09.0140 2556 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

    13:35:09.0140 2556 lanmanworkstation - ok

    13:35:09.0156 2556 lbrtfdc - ok

    13:35:09.0250 2556 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

    13:35:09.0265 2556 LmHosts - ok

    13:35:09.0390 2556 [ 3D67740573A70C6C9B1614982CFAC4C5 ] LMIGuardianSvc C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

    13:35:09.0421 2556 LMIGuardianSvc - ok

    13:35:09.0484 2556 [ 4F69FAAABB7DB0D43E327C0B6AAB40FC ] LMIInfo C:\Program Files\LogMeIn\x86\RaInfo.sys

    13:35:09.0500 2556 LMIInfo - ok

    13:35:09.0562 2556 [ D95F3217C9DFA24ECA582ED8E435E221 ] LMIMaint C:\Program Files\LogMeIn\x86\RaMaint.exe

    13:35:09.0578 2556 LMIMaint - ok

    13:35:09.0640 2556 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys

    13:35:09.0640 2556 lmimirr - ok

    13:35:09.0656 2556 LMIRfsClientNP - ok

    13:35:09.0734 2556 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys

    13:35:09.0734 2556 LMIRfsDriver - ok

    13:35:09.0812 2556 [ 432618FA75B61059D2C57D6A7E55147A ] LogMeIn C:\Program Files\LogMeIn\x86\LogMeIn.exe

    13:35:09.0828 2556 LogMeIn - ok

    13:35:09.0906 2556 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll

    13:35:09.0906 2556 Messenger - ok

    13:35:10.0046 2556 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe

    13:35:10.0062 2556 Microsoft Office Groove Audit Service - ok

    13:35:10.0109 2556 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

    13:35:10.0109 2556 mnmdd - ok

    13:35:10.0156 2556 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

    13:35:10.0156 2556 mnmsrvc - ok

    13:35:10.0218 2556 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys

    13:35:10.0218 2556 Modem - ok

    13:35:10.0296 2556 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

    13:35:10.0312 2556 Mouclass - ok

    13:35:10.0390 2556 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

    13:35:10.0390 2556 mouhid - ok

    13:35:10.0437 2556 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

    13:35:10.0453 2556 MountMgr - ok

    13:35:10.0531 2556 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys

    13:35:10.0546 2556 MpFilter - ok

    13:35:10.0562 2556 mraid35x - ok

    13:35:10.0609 2556 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

    13:35:10.0625 2556 MRxDAV - ok

    13:35:10.0687 2556 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

    13:35:10.0687 2556 MRxSmb - ok

    13:35:10.0750 2556 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe

    13:35:10.0765 2556 MSDTC - ok

    13:35:10.0828 2556 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

    13:35:10.0828 2556 Msfs - ok

    13:35:10.0843 2556 MSIServer - ok

    13:35:10.0906 2556 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

    13:35:10.0906 2556 MSKSSRV - ok

    13:35:11.0015 2556 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe

    13:35:11.0015 2556 MsMpSvc - ok

    13:35:11.0062 2556 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

    13:35:11.0062 2556 MSPCLOCK - ok

    13:35:11.0125 2556 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

    13:35:11.0125 2556 MSPQM - ok

    13:35:11.0187 2556 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

    13:35:11.0187 2556 mssmbios - ok

    13:35:11.0250 2556 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys

    13:35:11.0250 2556 MTsensor - ok

    13:35:11.0312 2556 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

    13:35:11.0312 2556 Mup - ok

    13:35:11.0375 2556 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll

    13:35:11.0375 2556 napagent - ok

    13:35:11.0437 2556 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

    13:35:11.0437 2556 NDIS - ok

    13:35:11.0500 2556 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

    13:35:11.0500 2556 NdisTapi - ok

    13:35:11.0578 2556 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

    13:35:11.0578 2556 Ndisuio - ok

    13:35:11.0593 2556 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

    13:35:11.0593 2556 NdisWan - ok

    13:35:11.0671 2556 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

    13:35:11.0671 2556 NDProxy - ok

    13:35:11.0734 2556 [ 1352E1648213551923A0A822E441553C ] Netaapl C:\WINDOWS\system32\DRIVERS\netaapl.sys

    13:35:11.0734 2556 Netaapl - ok

    13:35:11.0796 2556 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

    13:35:11.0812 2556 NetBIOS - ok

    13:35:11.0859 2556 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

    13:35:11.0859 2556 NetBT - ok

    13:35:11.0921 2556 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe

    13:35:11.0921 2556 NetDDE - ok

    13:35:11.0937 2556 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

    13:35:11.0953 2556 NetDDEdsdm - ok

    13:35:12.0000 2556 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe

    13:35:12.0000 2556 Netlogon - ok

    13:35:12.0062 2556 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll

    13:35:12.0078 2556 Netman - ok

    13:35:12.0140 2556 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

    13:35:12.0140 2556 NetTcpPortSharing - ok

    13:35:12.0187 2556 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll

    13:35:12.0187 2556 Nla - ok

    13:35:12.0203 2556 nmwcd - ok

    13:35:12.0234 2556 nmwcdc - ok

    13:35:12.0296 2556 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

    13:35:12.0312 2556 Npfs - ok

    13:35:12.0343 2556 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

    13:35:12.0375 2556 Ntfs - ok

    13:35:12.0406 2556 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe

    13:35:12.0406 2556 NtLmSsp - ok

    13:35:12.0468 2556 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

    13:35:12.0484 2556 NtmsSvc - ok

    13:35:12.0531 2556 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

    13:35:12.0531 2556 Null - ok

    13:35:12.0593 2556 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

    13:35:12.0593 2556 NwlnkFlt - ok

    13:35:12.0640 2556 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

    13:35:12.0640 2556 NwlnkFwd - ok

    13:35:12.0765 2556 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

    13:35:12.0828 2556 odserv - ok

    13:35:12.0921 2556 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    13:35:12.0921 2556 ose - ok

    13:35:12.0937 2556 PalmUSBD - ok

    13:35:13.0015 2556 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys

    13:35:13.0015 2556 Parport - ok

    13:35:13.0078 2556 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

    13:35:13.0078 2556 PartMgr - ok

    13:35:13.0156 2556 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

    13:35:13.0156 2556 ParVdm - ok

    13:35:13.0203 2556 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

    13:35:13.0203 2556 pccsmcfd - ok

    13:35:13.0250 2556 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

    13:35:13.0265 2556 PCI - ok

    13:35:13.0281 2556 PCIDump - ok

    13:35:13.0359 2556 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\drivers\PCIIde.sys

    13:35:13.0359 2556 PCIIde - ok

    13:35:13.0421 2556 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

    13:35:13.0421 2556 Pcmcia - ok

    13:35:13.0437 2556 PDCOMP - ok

    13:35:13.0468 2556 PDFRAME - ok

    13:35:13.0484 2556 PDRELI - ok

    13:35:13.0515 2556 PDRFRAME - ok

    13:35:13.0546 2556 perc2 - ok

    13:35:13.0578 2556 perc2hib - ok

    13:35:13.0687 2556 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe

    13:35:13.0687 2556 PlugPlay - ok

    13:35:13.0703 2556 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

    13:35:13.0703 2556 PolicyAgent - ok

    13:35:13.0781 2556 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

    13:35:13.0781 2556 PptpMiniport - ok

    13:35:13.0796 2556 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys

    13:35:13.0796 2556 Processor - ok

    13:35:13.0843 2556 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

    13:35:13.0843 2556 ProtectedStorage - ok

    13:35:13.0859 2556 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

    13:35:13.0859 2556 PSched - ok

    13:35:13.0937 2556 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

    13:35:13.0937 2556 Ptilink - ok

    13:35:14.0000 2556 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys

    13:35:14.0000 2556 PxHelp20 - ok

    13:35:14.0015 2556 ql1080 - ok

    13:35:14.0031 2556 Ql10wnt - ok

    13:35:14.0078 2556 ql12160 - ok

    13:35:14.0109 2556 ql1240 - ok

    13:35:14.0125 2556 ql1280 - ok

    13:35:14.0218 2556 [ B953369C5EF43615F1BFA9CEA69FC9AA ] radpms C:\WINDOWS\system32\DRIVERS\radpms.sys

    13:35:14.0218 2556 radpms - ok

    13:35:14.0281 2556 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

    13:35:14.0281 2556 RasAcd - ok

    13:35:14.0359 2556 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll

    13:35:14.0359 2556 RasAuto - ok

    13:35:14.0406 2556 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

    13:35:14.0406 2556 Rasl2tp - ok

    13:35:14.0468 2556 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll

    13:35:14.0484 2556 RasMan - ok

    13:35:14.0500 2556 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

    13:35:14.0500 2556 RasPppoe - ok

    13:35:14.0578 2556 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

    13:35:14.0578 2556 Raspti - ok

    13:35:14.0640 2556 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

    13:35:14.0656 2556 Rdbss - ok

    13:35:14.0671 2556 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

    13:35:14.0671 2556 RDPCDD - ok

    13:35:14.0765 2556 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

    13:35:14.0781 2556 RDPWD - ok

    13:35:14.0843 2556 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

    13:35:14.0843 2556 RDSessMgr - ok

    13:35:14.0937 2556 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

    13:35:14.0937 2556 redbook - ok

    13:35:14.0984 2556 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

    13:35:15.0000 2556 RemoteAccess - ok

    13:35:15.0046 2556 [ 4F4A4C09CC5BE58A76CAC1C337E004E6 ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys

    13:35:15.0062 2556 RimUsb - ok

    13:35:15.0125 2556 [ 3A5633AD615E2B15291BD0B1B97CCD8A ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys

    13:35:15.0125 2556 RimVSerPort - ok

    13:35:15.0187 2556 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys

    13:35:15.0187 2556 ROOTMODEM - ok

    13:35:15.0250 2556 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe

    13:35:15.0250 2556 RpcLocator - ok

    13:35:15.0296 2556 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll

    13:35:15.0312 2556 RpcSs - ok

    13:35:15.0359 2556 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe

    13:35:15.0359 2556 RSVP - ok

    13:35:15.0406 2556 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe

    13:35:15.0406 2556 SamSs - ok

    13:35:15.0468 2556 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

    13:35:15.0468 2556 SCardSvr - ok

    13:35:15.0531 2556 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll

    13:35:15.0531 2556 Schedule - ok

    13:35:15.0609 2556 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

    13:35:15.0609 2556 Secdrv - ok

    13:35:15.0671 2556 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll

    13:35:15.0671 2556 seclogon - ok

    13:35:15.0687 2556 SenFiltService - ok

    13:35:15.0765 2556 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll

    13:35:15.0765 2556 SENS - ok

    13:35:15.0796 2556 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys

    13:35:15.0796 2556 serenum - ok

    13:35:15.0843 2556 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys

    13:35:15.0843 2556 Serial - ok

    13:35:15.0953 2556 [ 2D841B7B7F6DEC32162EDFCC69D61F42 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    13:35:16.0000 2556 ServiceLayer - ok

    13:35:16.0125 2556 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys

    13:35:16.0125 2556 Sfloppy - ok

    13:35:16.0203 2556 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

    13:35:16.0203 2556 SharedAccess - ok

    13:35:16.0234 2556 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

    13:35:16.0234 2556 ShellHWDetection - ok

    13:35:16.0265 2556 Simbad - ok

    13:35:16.0296 2556 Sparrow - ok

    13:35:16.0390 2556 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

    13:35:16.0390 2556 splitter - ok

    13:35:16.0468 2556 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

    13:35:16.0468 2556 Spooler - ok

    13:35:16.0515 2556 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

    13:35:16.0515 2556 sr - ok

    13:35:16.0562 2556 [ AED8743D96A35F587A3099CA2B84564A ] SR9USB C:\WINDOWS\system32\DRIVERS\SR9USB.sys

    13:35:16.0562 2556 SR9USB - ok

    13:35:16.0625 2556 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll

    13:35:16.0640 2556 srservice - ok

    13:35:16.0734 2556 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

    13:35:16.0734 2556 Srv - ok

    13:35:16.0796 2556 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

    13:35:16.0796 2556 SSDPSRV - ok

    13:35:16.0875 2556 [ 306521935042FC0A6988D528643619B3 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys

    13:35:16.0875 2556 StarOpen - ok

    13:35:16.0953 2556 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll

    13:35:16.0984 2556 stisvc - ok

    13:35:17.0062 2556 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

    13:35:17.0062 2556 swenum - ok

    13:35:17.0078 2556 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

    13:35:17.0078 2556 swmidi - ok

    13:35:17.0109 2556 SwPrv - ok

    13:35:17.0140 2556 symc810 - ok

    13:35:17.0171 2556 symc8xx - ok

    13:35:17.0203 2556 sym_hi - ok

    13:35:17.0234 2556 sym_u3 - ok

    13:35:17.0312 2556 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

    13:35:17.0328 2556 sysaudio - ok

    13:35:17.0390 2556 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

    13:35:17.0390 2556 SysmonLog - ok

    13:35:17.0437 2556 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

    13:35:17.0437 2556 TapiSrv - ok

    13:35:17.0531 2556 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

    13:35:17.0546 2556 Tcpip - ok

    13:35:17.0593 2556 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

    13:35:17.0593 2556 TDPIPE - ok

    13:35:17.0625 2556 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

    13:35:17.0625 2556 TDTCP - ok

    13:35:17.0703 2556 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

    13:35:17.0703 2556 TermDD - ok

    13:35:17.0781 2556 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll

    13:35:17.0781 2556 TermService - ok

    13:35:17.0812 2556 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll

    13:35:17.0812 2556 Themes - ok

    13:35:17.0843 2556 TosIde - ok

    13:35:17.0890 2556 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll

    13:35:17.0906 2556 TrkWks - ok

    13:35:17.0968 2556 [ D85938F272D1BCF3DB3A31FC0A048928 ] uagp35 C:\WINDOWS\system32\DRIVERS\uagp35.sys

    13:35:17.0984 2556 uagp35 - ok

    13:35:18.0015 2556 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

    13:35:18.0015 2556 Udfs - ok

    13:35:18.0046 2556 ultra - ok

    13:35:18.0125 2556 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

    13:35:18.0140 2556 Update - ok

    13:35:18.0203 2556 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll

    13:35:18.0218 2556 upnphost - ok

    13:35:18.0234 2556 upperdev - ok

    13:35:18.0296 2556 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe

    13:35:18.0296 2556 UPS - ok

    13:35:18.0328 2556 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys

    13:35:18.0328 2556 USBAAPL - ok

    13:35:18.0375 2556 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

    13:35:18.0375 2556 usbccgp - ok

    13:35:18.0406 2556 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

    13:35:18.0406 2556 usbehci - ok

    13:35:18.0484 2556 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

    13:35:18.0484 2556 usbhub - ok

    13:35:18.0562 2556 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

    13:35:18.0562 2556 usbprint - ok

    13:35:18.0625 2556 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

    13:35:18.0625 2556 usbscan - ok

    13:35:18.0656 2556 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys

    13:35:18.0656 2556 usbser - ok

    13:35:18.0671 2556 UsbserFilt - ok

    13:35:18.0734 2556 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

    13:35:18.0734 2556 USBSTOR - ok

    13:35:18.0812 2556 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys

    13:35:18.0812 2556 usbuhci - ok

    13:35:18.0843 2556 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

    13:35:18.0843 2556 VgaSave - ok

    13:35:18.0937 2556 [ 6933017F45C8D4A6CF7CB159A333DF68 ] viagfx C:\WINDOWS\system32\DRIVERS\vtmini.sys

    13:35:18.0953 2556 viagfx - ok

    13:35:19.0015 2556 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\drivers\ViaIde.sys

    13:35:19.0031 2556 ViaIde - ok

    13:35:19.0093 2556 [ 4CC623591204ACD5FC89BD0DAD70E838 ] videX32 C:\WINDOWS\system32\DRIVERS\videX32.sys

    13:35:19.0093 2556 videX32 - ok

    13:35:19.0171 2556 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

    13:35:19.0171 2556 VolSnap - ok

    13:35:19.0234 2556 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe

    13:35:19.0234 2556 VSS - ok

    13:35:19.0312 2556 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll

    13:35:19.0312 2556 W32Time - ok

    13:35:19.0390 2556 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

    13:35:19.0390 2556 Wanarp - ok

    13:35:19.0484 2556 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

    13:35:19.0500 2556 Wdf01000 - ok

    13:35:19.0515 2556 WDICA - ok

    13:35:19.0593 2556 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

    13:35:19.0593 2556 wdmaud - ok

    13:35:19.0640 2556 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll

    13:35:19.0656 2556 WebClient - ok

    13:35:19.0765 2556 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

    13:35:19.0781 2556 winmgmt - ok

    13:35:19.0875 2556 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

    13:35:19.0875 2556 WmdmPmSN - ok

    13:35:19.0953 2556 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe

    13:35:19.0953 2556 WmiApSrv - ok

    13:35:20.0093 2556 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

    13:35:20.0140 2556 WMPNetworkSvc - ok

    13:35:20.0234 2556 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

    13:35:20.0312 2556 WPFFontCache_v0400 - ok

    13:35:20.0359 2556 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys

    13:35:20.0359 2556 WS2IFSL - ok

    13:35:20.0437 2556 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll

    13:35:20.0437 2556 wscsvc - ok

    13:35:20.0500 2556 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

    13:35:20.0500 2556 wuauserv - ok

    13:35:20.0578 2556 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

    13:35:20.0578 2556 WudfPf - ok

    13:35:20.0640 2556 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

    13:35:20.0640 2556 WudfRd - ok

    13:35:20.0671 2556 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

    13:35:20.0687 2556 WudfSvc - ok

    13:35:20.0765 2556 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

    13:35:20.0781 2556 WZCSVC - ok

    13:35:20.0828 2556 [ A1B2B0211441F9C822F8CBC0C2D1B41E ] xfilt C:\WINDOWS\system32\DRIVERS\xfilt.sys

    13:35:20.0828 2556 xfilt - ok

    13:35:20.0890 2556 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

    13:35:20.0890 2556 xmlprov - ok

    13:35:20.0953 2556 ================ Scan global ===============================

    13:35:21.0000 2556 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

    13:35:21.0062 2556 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

    13:35:21.0109 2556 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

    13:35:21.0171 2556 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

    13:35:21.0171 2556 [Global] - ok

    13:35:21.0171 2556 ================ Scan MBR ==================================

    13:35:21.0187 2556 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

    13:35:21.0187 2556 \Device\Harddisk0\DR0 - ok

    13:35:21.0234 2556 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1

    13:35:21.0406 2556 \Device\Harddisk1\DR1 - ok

    13:35:21.0406 2556 ================ Scan VBR ==================================

    13:35:21.0421 2556 [ 336087AB8805DB8D8C8561C95AD161B8 ] \Device\Harddisk0\DR0\Partition1

    13:35:21.0421 2556 \Device\Harddisk0\DR0\Partition1 - ok

    13:35:21.0437 2556 [ B8CDD6740677BBD8698305621882EB47 ] \Device\Harddisk1\DR1\Partition1

    13:35:21.0437 2556 \Device\Harddisk1\DR1\Partition1 - ok

    13:35:21.0453 2556 ============================================================

    13:35:21.0453 2556 Scan finished

    13:35:21.0453 2556 ============================================================

    13:35:21.0515 1676 Detected object count: 0

    13:35:21.0515 1676 Actual detected object count: 0

    aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software

    Run date: 2012-12-03 13:36:53

    -----------------------------

    13:36:53.984 OS Version: Windows 5.1.2600 Service Pack 3

    13:36:53.984 Number of processors: 2 586 0xF06

    13:36:53.984 ComputerName: USER-A7C827E03A UserName: User

    13:36:54.375 Initialize success

    13:42:04.437 AVAST engine defs: 12120200

    13:42:27.093 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-5

    13:42:27.109 Disk 0 Vendor: WDC_WD10EARS-00Y5B1 80.00A80 Size: 953869MB BusType: 3

    13:42:27.125 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-13

    13:42:27.125 Disk 1 Vendor: ST3802110A 3.AAJ Size: 76319MB BusType: 3

    13:42:27.156 Disk 1 MBR read successfully

    13:42:27.171 Disk 1 MBR scan

    13:42:27.296 Disk 1 Windows XP default MBR code

    13:42:27.312 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63

    13:42:27.328 Disk 1 scanning sectors +156280320

    13:42:27.500 Disk 1 scanning C:\WINDOWS\system32\drivers

    13:42:44.578 Service scanning

    13:43:22.015 Modules scanning

    13:43:44.218 Module: C:\WINDOWS\system32\ntdll.dll **SUSPICIOUS**

    13:43:44.265 Disk 1 trace - called modules:

    13:43:44.312 ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys videX32.sys PCIIDEX.SYS

    13:43:44.328 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x86512ab8]

    13:43:44.343 3 CLASSPNP.SYS[f7680fd7] -> nt!IofCallDriver -> \Device\0000006c[0x8655e9e8]

    13:43:44.359 5 ACPI.sys[f7507620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-13[0x8655b940]

    13:43:45.062 AVAST engine scan C:\WINDOWS

    13:44:09.296 AVAST engine scan C:\WINDOWS\system32

    13:47:44.687 AVAST engine scan C:\WINDOWS\system32\drivers

    13:48:08.921 AVAST engine scan C:\Documents and Settings\User

    14:38:16.515 Disk 1 MBR has been saved successfully to "C:\Documents and Settings\User\Desktop\Unused Desktop Shortcuts\New virus\MBR.dat"

    14:38:16.625 The log file has been saved successfully to "C:\Documents and Settings\User\Desktop\Unused Desktop Shortcuts\New virus\aswMBR.txt"

    Thanks,

    Can I turn on MSE?

  6. Here is the log

    ComboFix 12-12-02.01 - User 03/12/2012 10:58:40.2.2 - x86

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.958.457 [GMT 11:00]

    Running from: c:\documents and settings\User\Desktop\ComboFix.exe

    AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\documents and settings\User\Local Settings\Temporary Internet Files\simpleadblock.msi

    c:\windows\wc98pp.dll

    .

    .

    ((((((((((((((((((((((((( Files Created from 2012-11-03 to 2012-12-03 )))))))))))))))))))))))))))))))

    .

    .

    2012-12-02 23:28 . 2012-12-02 23:28 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{766FFB63-18A5-4BB7-882F-34B937F163F9}\MpKsl21c4b6b4.sys

    2012-12-02 17:05 . 2012-11-08 18:00 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{766FFB63-18A5-4BB7-882F-34B937F163F9}\mpengine.dll

    2012-12-02 14:39 . 2012-11-08 18:00 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

    2012-11-21 02:06 . 2012-11-21 02:06 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Apple Computer

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-11-11 03:36 . 2012-04-01 04:35 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2012-11-11 03:36 . 2011-05-30 04:34 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2012-11-09 01:45 . 2007-07-10 11:10 83912 ----a-w- c:\windows\system32\LMIRfsClientNP.dll

    2012-11-09 01:45 . 2007-07-10 11:10 52648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll

    2012-11-09 01:45 . 2007-07-10 11:10 31144 ----a-w- c:\windows\system32\LMIport.dll

    2012-11-09 01:45 . 2007-07-10 11:09 92072 ----a-w- c:\windows\system32\LMIinit.dll

    2012-10-22 08:37 . 2003-03-31 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys

    2012-10-21 03:38 . 2012-10-21 03:38 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

    2012-10-21 03:37 . 2012-05-29 02:56 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

    2012-10-21 03:37 . 2007-07-11 12:51 143872 ----a-w- c:\windows\system32\javacpl.cpl

    2012-10-21 03:37 . 2010-05-07 04:29 746984 ----a-w- c:\windows\system32\deployJava1.dll

    2012-10-09 11:03 . 2012-10-09 11:03 10220472 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

    2012-10-02 18:04 . 2003-03-31 12:00 58368 ----a-w- c:\windows\system32\synceng.dll

    2012-09-29 08:54 . 2011-05-23 13:06 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

    .

    .

    ------- Sigcheck -------

    Note: Unsigned files aren't necessarily malware.

    .

    [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

    [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys

    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys

    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys

    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys

    [-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys

    [7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys

    [-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys

    [-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys

    [-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys

    [-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys

    [-] 2006-02-28 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917953$\tcpip.sys

    [-] 2003-03-31 . 244A2F9816BC9B593957281EF577D976 . 332928 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\tcpip.sys

    .

    [-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll

    [-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll

    [-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll

    [7] 2008-04-13 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll

    [7] 2008-04-13 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll

    [-] 2006-02-28 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB894391$\rpcss.dll

    [-] 2005-07-26 . C369DF215D352B6F3A0B8C3469AA34F8 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll

    [-] 2005-04-28 . DA383FB39A6F1C445F3AFC94B3EB1248 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll

    [-] 2005-04-28 . C8061F289E000703E7672916B7FE1571 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll

    [-] 2003-03-31 . 493FCBED180DCACF0B5D4C8C29949CA9 . 260608 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\rpcss.dll

    .

    [-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe

    [-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe

    [-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe

    [7] 2008-04-13 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe

    [7] 2008-04-13 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe

    [-] 2003-03-31 . E3DF4A0252D287C44606EE55355E1623 . 101376 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\services.exe

    .

    [-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe

    [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe

    [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe

    [7] 2008-04-13 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe

    [7] 2008-04-13 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe

    [-] 2006-02-28 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe

    [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe

    [-] 2003-03-31 . 9B4155BA58192D4073082B8FC5D42612 . 51200 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe

    .

    [-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll

    [-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll

    [-] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

    [7] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\InstallTemp\1226636\comctl32.dll

    [7] 2008-04-13 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

    [7] 2008-04-13 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll

    [7] 2008-04-13 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll

    [-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

    [-] 2006-02-28 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll

    [7] 2006-02-28 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\InstallTemp\86604\comctl32.dll

    [-] 2006-02-28 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

    [-] 2003-03-31 . 0B5D337119929505EE72D4E4A41ED1FD . 557056 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll

    [7] 2003-03-31 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

    [-] 2003-03-31 . 76B90BD220F1B1CC9E183C6B1AE9FBB4 . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll

    .

    [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll

    [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll

    [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll

    [-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll

    [-] 2008-07-07 20:06 . A4AB3DCA4A383F0DF4988ABDEB84F9A4 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll

    [7] 2008-04-13 18:41 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll

    [-] 2006-02-28 12:00 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll

    [-] 2005-07-26 04:39 . 34BBD9ACC1538818F2C878898C64E793 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll

    [-] 2005-07-26 04:20 . 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll

    [-] 2003-03-31 12:00 . C9702DDD814C39DC1254CF757C31C6E4 . 225280 . . [2001.12.4414.46] . . c:\windows\$NtServicePackUninstall$\es.dll

    .

    [-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll

    [-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll

    [-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll

    [7] 2008-04-13 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll

    [7] 2008-04-13 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll

    [-] 2007-04-16 . 09F7CB3687F86EDAA4CA081F7AB66C03 . 986112 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll

    [-] 2006-07-05 . 0FDD84928A5DDE2510761B7EC76CCEC9 . 985088 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll

    [-] 2006-07-05 . D8DB5397DE07577C1CB50BA6D23B3AD4 . 984064 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll

    [-] 2006-02-28 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll

    [-] 2003-03-31 . 8F162DC91D67D87C1A481BF602A9DAC8 . 930304 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\kernel32.dll

    .

    [-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll

    [-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll

    [-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll

    [-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll

    [-] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll

    [-] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll

    [-] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll

    [7] 2008-04-13 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll

    [-] 2006-02-28 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll

    [-] 2003-03-31 . 18A8BE5A66B93F9C9615F7D4C148EDE2 . 228352 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\mswsock.dll

    .

    [-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll

    [-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll

    [-] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll

    [7] 2008-04-13 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll

    [7] 2008-04-13 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll

    [-] 2003-03-31 . 73C90911DD86A10D4004C7D6E655A41B . 339456 . . [1.0409.2600.1106] . . c:\windows\$NtServicePackUninstall$\usp10.dll

    .

    [-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll

    [-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll

    [-] 2009-07-27 . 888CD7B39C37E13A2419BECFAAF0A28C . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll

    [7] 2008-04-13 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll

    [7] 2008-04-13 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll

    [-] 2006-12-19 . 53D9184A21C5CBF600D918E51EF3A7E5 . 135168 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll

    [-] 2006-02-28 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll

    [-] 2003-03-31 . 61684089A54936E40F65DA02D47A28AE . 116224 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll

    .

    [-] 2010-12-09 . 15CE4DBC22FAB90B3CA5352AF1FFF81C . 718336 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll

    [-] 2010-12-09 . F8F0D25CA553E39DDE485D8FC7FCCE89 . 718336 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll

    [-] 2010-12-09 . F8F0D25CA553E39DDE485D8FC7FCCE89 . 718336 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntdll.dll

    [-] 2009-02-09 . 911DDF2E16761643A47225F654D811E5 . 714752 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB2393802$\ntdll.dll

    [-] 2009-02-09 . B0913005EE3FC15D7F72472D0B8A30EB . 715264 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll

    [7] 2008-04-13 . 27D9ED8CB8B62D1E0A8E5ACE6CF52E2F . 706048 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntdll.dll

    [7] 2008-04-13 . 27D9ED8CB8B62D1E0A8E5ACE6CF52E2F . 706048 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntdll.dll

    [-] 2003-03-31 . 983940F6627F77C250BE0AE398FC53FB . 668672 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ntdll.dll

    .

    [-] 2009-02-27 . 3F790874A85819E94574F3E7AF9C5806 . 177152 . . [5.1.2600.5768] . . c:\windows\system32\msctfime.ime

    [-] 2009-02-27 . 3F790874A85819E94574F3E7AF9C5806 . 177152 . . [5.1.2600.5768] . . c:\windows\system32\dllcache\msctfime.ime

    [-] 2009-02-27 . 30B7D847BA9075AA8E1122FB6AF3D1B5 . 177152 . . [5.1.2600.5768] . . c:\windows\$hf_mig$\KB961503\SP3QFE\msctfime.ime

    [7] 2008-04-13 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB961503$\msctfime.ime

    [7] 2008-04-13 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msctfime.ime

    [-] 2003-03-31 . 3897091314386D0EABF934870E36809C . 162304 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\msctfime.ime

    .

    [-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll

    [-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll

    [-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll

    [7] 2008-04-13 18:41 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll

    [7] 2008-04-13 18:41 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll

    [-] 2006-02-28 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll

    [-] 2003-03-31 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ---ha-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ---ha-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ---ha-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ---ha-w- c:\documents and settings\User\Application Data\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2007-04-17 63048]

    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]

    .

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

    .

    c:\documents and settings\User\Start Menu\Programs\Startup\

    Dropbox.lnk - c:\documents and settings\User\Application Data\Dropbox\bin\Dropbox.exe [2012-5-25 27112840]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

    2012-11-09 01:45 92072 ----a-w- c:\windows\system32\LMIinit.dll

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

    @="Service"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    @="Driver"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

    @="Service"

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "%windir%\\system32\\sessmgr.exe"=

    "c:\\Program Files\\uTorrent\\uTorrent.exe"=

    "c:\\Documents and Settings\\User\\Application Data\\Dropbox\\bin\\Dropbox.exe"=

    "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

    "c:\\Program Files\\iTunes\\iTunes.exe"=

    .

    R1 MpKsl21c4b6b4;MpKsl21c4b6b4;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{766FFB63-18A5-4BB7-882F-34B937F163F9}\MpKsl21c4b6b4.sys [3/12/2012 10:28 AM 29904]

    R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [2/10/2010 8:59 PM 374704]

    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [17/04/2007 3:00 PM 12856]

    R3 radpms;Driver for RADPMS Device;c:\windows\system32\drivers\radpms.sys [17/04/2007 3:00 PM 13408]

    S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys --> c:\windows\system32\DRIVERS\AVGIDSShim.Sys [?]

    S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [18/10/2012 9:04 AM 18432]

    S3 SR9USB;SR9600 USB To Fast Ethernet Adapter;c:\windows\system32\drivers\SR9USB.sys [30/05/2011 4:27 PM 14592]

    .

    --- Other Services/Drivers In Memory ---

    .

    *NewlyCreated* - MPKSL21C4B6B4

    *NewlyCreated* - TRUESIGHT

    *Deregistered* - TrueSight

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    vvdsvc REG_MULTI_SZ vvdsvc

    .

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

    S7oppilx

    .

    Contents of the 'Scheduled Tasks' folder

    .

    2012-11-20 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 03:36]

    .

    2012-11-20 c:\windows\Tasks\AppleSoftwareUpdate.job

    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 06:57]

    .

    2011-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 02:11]

    .

    2011-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 02:11]

    .

    2012-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1604221776-725345543-1004Core.job

    - c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-30 06:15]

    .

    2012-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1604221776-725345543-1004UA.job

    - c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-30 06:15]

    .

    2012-12-02 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

    - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 07:25]

    .

    2012-12-02 c:\windows\Tasks\UPDATER.job

    - c:\documents and settings\User\My Documents\UPDATER.exe [2011-05-30 04:31]

    .

    2012-12-02 c:\windows\Tasks\User_Feed_Synchronization-{9D82F2A1-14C8-45C5-BD16-8ECA24E56CA0}.job

    - c:\windows\system32\msfeedssync.exe [2009-03-07 17:31]

    .

    .

    ------- Supplementary Scan -------

    .

    uStart Page = hxxp://www.tradingroom.com.au/apps/mkt/forex.ac

    uInternet Settings,ProxyOverride = *.local

    uSearchAssistant = hxxp://www.google.com/ie

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

    TCP: DhcpNameServer = 192.168.1.1

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2012-12-03 11:16

    Windows 5.1.2600 Service Pack 3 NTFS

    .

    scanning hidden processes ...

    .

    scanning hidden autostart entries ...

    .

    scanning hidden files ...

    .

    scan completed successfully

    hidden files: 0

    .

    **************************************************************************

    .

    --------------------- LOCKED REGISTRY KEYS ---------------------

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker5"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]

    @="?????????????????? v1"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]

    @="?????????????????? v2"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

    .

    --------------------- DLLs Loaded Under Running Processes ---------------------

    .

    - - - - - - - > 'winlogon.exe'(744)

    c:\windows\system32\LMIinit.dll

    c:\windows\system32\LMIRfsClientNP.dll

    .

    Completion time: 2012-12-03 11:22:00

    ComboFix-quarantined-files.txt 2012-12-03 00:21

    ComboFix2.txt 2012-05-10 16:15

    .

    Pre-Run: 11,371,388,928 bytes free

    Post-Run: 12,343,234,560 bytes free

    .

    - - End Of File - - 16F966B3C7DB02C982024E6E6D6D7E3F

    Should I turn my MSE back on now?

  7. Thanks here is the first report

    # AdwCleaner v2.011 - Logfile created 12/03/2012 at 10:20:07

    # Updated 02/12/2012 by Xplode

    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)

    # User : User - USER-A7C827E03A

    # Boot Mode : Normal

    # Running from : C:\Documents and Settings\User\Desktop\Unused Desktop Shortcuts\New virus\adwcleaner.exe

    # Option [Delete]

    ***** [services] *****

    ***** [Files / Folders] *****

    Folder Deleted : C:\Documents and Settings\User\Application Data\PriceGong

    Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\Conduit

    Folder Deleted : C:\Program Files\Conduit

    ***** [Registry] *****

    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

    Key Deleted : HKCU\Software\Conduit

    Key Deleted : HKCU\Software\ConduitSearchScopes

    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

    Key Deleted : HKCU\Software\PriceGong

    Key Deleted : HKCU\Software\SmartBar

    Key Deleted : HKCU\Software\Softonic

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716

    Key Deleted : HKLM\Software\Conduit

    ***** [internet Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Registry is clean.

    -\\ Google Chrome v23.0.1271.64

    File : C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[s1].txt - [1494 octets] - [03/12/2012 10:20:07]

    ########## EOF - C:\AdwCleaner[s1].txt - [1554 octets] ##########

    Here is the second

    RogueKiller V8.3.1 [Dec 2 2012] by Tigzy

    mail : tigzyRK<at>gmail<dot>com

    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

    Website : http://tigzy.geekstogo.com/roguekiller.php

    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version

    Started in : Normal mode

    User : User [Admin rights]

    Mode : Remove -- Date : 12/03/2012 10:31:56

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 5 ¤¤¤

    [HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETED

    [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED

    [HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> REPLACED (0)

    [HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REPLACED (1)

    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤

    --> C:\WINDOWS\system32\drivers\etc\hosts

    127.0.0.1 localhost

    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: WDC WD10EARS-00Y5B1 +++++

    --- User ---

    [MBR] 8be4165ffd10406296820b399bfb0b42

    [bSP] d8189adc66c39c6e2a29d559a6858d81 : Windows XP MBR Code

    Partition table:

    0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 Mo

    User = LL1 ... OK!

    User = LL2 ... OK!

    +++++ PhysicalDrive1: ST3802110A +++++

    --- User ---

    [MBR] 15a098f99724635a9f2e14641c5be30a

    [bSP] c6bec20f00955cf1820afe99a880f47a : Windows XP MBR Code

    Partition table:

    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo

    User = LL1 ... OK!

    User = LL2 ... OK!

    Finished : << RKreport[2]_D_12032012_02d1031.txt >>

    RKreport[1]_S_12032012_02d1030.txt ; RKreport[2]_D_12032012_02d1031.txt

    Thank you

  8. Thank you for helping me. Please see attatched

    Results of screen317's Security Check version 0.99.56

    Windows XP Service Pack 3 x86

    Internet Explorer 8

    ``````````````Antivirus/Firewall Check:``````````````

    Windows Firewall Enabled!

    ESET Online Scanner v3

    Microsoft Security Essentials

    `````````Anti-malware/Other Utilities Check:`````````

    Malwarebytes Anti-Malware version 1.65.1.1000

    JavaFX 2.1.1

    Java 6 Update 33

    Java 7 Update 9

    Java SE Runtime Environment 6 Update 1

    Java 6 Update 2

    Java 6 Update 3

    Java 6 Update 5

    Java 6 Update 7

    Adobe Flash Player 11.5.502.110

    Adobe Reader 8

    Adobe Reader XI

    ````````Process Check: objlist.exe by Laurent````````

    Microsoft Security Essentials MSMpEng.exe

    Microsoft Security Essentials msseces.exe

    `````````````````System Health check`````````````````

    Total Fragmentation on Drive C:: 10%

    ````````````````````End of Log``````````````````````

    Here are the other two

    DDS (Ver_2012-11-20.01) - NTFS_x86

    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2

    Run by User at 8:59:28 on 2012-12-03

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.958.357 [GMT 11:00]

    .

    AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

    .

    ============== Running Processes ================

    .

    C:\Program Files\Microsoft Security Client\MsMpEng.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

    C:\Program Files\LogMeIn\x86\RaMaint.exe

    C:\Program Files\LogMeIn\x86\LogMeIn.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\ctfmon.exe

    C:\WINDOWS\System32\alg.exe

    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

    C:\Program Files\Microsoft Security Client\msseces.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\G389Q5P9\Defogger[1].exe

    C:\WINDOWS\system32\wbem\wmiprvse.exe

    C:\WINDOWS\system32\svchost.exe -k DcomLaunch

    C:\WINDOWS\system32\svchost.exe -k rpcss

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

    C:\WINDOWS\System32\svchost.exe -k imgsvc

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://www.tradingroom.com.au/apps/mkt/forex.ac

    uSearchAssistant = hxxp://www.google.com/ie

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    BHO: AutorunsDisabled - <orphaned>

    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

    BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

    BHO: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - c:\program files\common files\simple adblock\SimpleAdblock.dll

    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

    EB: Groove Folder Synchronization: {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

    EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>

    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

    mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"

    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

    mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k

    dRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe

    StartupFolder: c:\docume~1\user\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\user\application data\dropbox\bin\Dropbox.exe

    uPolicies-Explorer: NoDriveTypeAutoRun = dword:323

    uPolicies-Explorer: NoDriveAutoRun = dword:67108863

    uPolicies-Explorer: NoDrives = dword:0

    mPolicies-Explorer: NoDriveAutoRun = dword:67108863

    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

    mPolicies-Explorer: NoDrives = dword:0

    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

    mPolicies-Explorer: NoDriveAutoRun = dword:67108863

    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab

    DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

    DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab

    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1173184360781

    DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1343632656734

    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

    DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

    DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab

    DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.freecricket.tv/plugins/freecricket.cab

    DPF: {DD3641E5-A9CF-11D1-9AA1-444553540000} - hxxp://www.belairresort.com.au/virtual-tour/tours/cabs/svideo3.cab

    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=972

    TCP: NameServer = 192.168.1.1

    TCP: Interfaces\{03781020-5ECC-48FF-B925-FED478BC9CDB} : DHCPNameServer = 192.168.1.1

    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

    Handler: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - c:\windows\wc98pp.dll

    Notify: LMIinit - LMIinit.dll

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 193552]

    R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2007-2-6 22168]

    R1 MpKsl5be94f31;MpKsl5be94f31;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{766ffb63-18a5-4bb7-882f-34b937f163f9}\MpKsl5be94f31.sys [2012-12-3 29904]

    R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-10-2 374704]

    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2007-4-17 12856]

    R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2007-7-10 47640]

    R3 radpms;Driver for RADPMS Device;c:\windows\system32\drivers\radpms.sys [2007-4-17 13408]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshim.sys --> c:\windows\system32\drivers\AVGIDSShim.Sys [?]

    S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2012-10-18 18432]

    S3 SR9USB;SR9600 USB To Fast Ethernet Adapter;c:\windows\system32\drivers\SR9USB.sys [2011-5-30 14592]

    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

    S4 LMIRfsClientNP;LMIRfsClientNP; [x]

    .

    =============== File Associations ===============

    .

    ShellExec: switch.exe: Convert with Switch Sound File Converter="c:\program files\nch swift sound\switch\switch" "%L"

    .

    =============== Created Last 30 ================

    .

    2012-12-02 17:10:21 60872 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{766ffb63-18a5-4bb7-882f-34b937f163f9}\offreg.dll

    2012-12-02 17:10:20 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{766ffb63-18a5-4bb7-882f-34b937f163f9}\MpKsl5be94f31.sys

    2012-12-02 17:05:28 6812136 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{766ffb63-18a5-4bb7-882f-34b937f163f9}\mpengine.dll

    2012-12-02 14:39:58 6812136 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

    .

    ==================== Find3M ====================

    .

    2012-11-11 03:36:26 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2012-11-11 03:36:25 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2012-11-09 01:45:58 83912 ----a-w- c:\windows\system32\LMIRfsClientNP.dll

    2012-11-09 01:45:57 52648 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll

    2012-11-09 01:45:55 92072 ----a-w- c:\windows\system32\LMIinit.dll

    2012-11-09 01:45:55 31144 ----a-w- c:\windows\system32\LMIport.dll

    2012-10-22 08:37:31 1866368 ----a-w- c:\windows\system32\win32k.sys

    2012-10-21 03:38:00 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

    2012-10-21 03:37:57 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

    2012-10-21 03:37:57 143872 ----a-w- c:\windows\system32\javacpl.cpl

    2012-10-21 03:37:56 746984 ----a-w- c:\windows\system32\deployJava1.dll

    2012-10-09 11:03:25 10220472 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

    2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll

    2012-09-29 08:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

    2012-09-16 04:16:38 51712 ----a-w- c:\windows\wc98pp.dll

    .

    ============= FINISH: 9:01:39.06 ===============

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2012-11-20.01)

    .

    Microsoft Windows XP Home Edition

    Boot Device: \Device\HarddiskVolume2

    Install Date: 8/02/2009 7:51:01 PM

    System Uptime: 2/12/2012 2:15:58 AM (31 hours ago)

    .

    Motherboard: ASUSTeK Computer INC. | | P5VD2-MX

    Processor: Intel® Core2 CPU 6300 @ 1.86GHz | Socket 775 | 1862/266mhz

    .

    ==== Disk Partitions =========================

    .

    A: is Removable

    C: is FIXED (NTFS) - 75 GiB total, 10.667 GiB free.

    D: is CDROM ()

    E: is FIXED (NTFS) - 932 GiB total, 131.482 GiB free.

    G: is Removable

    H: is Removable

    I: is Removable

    J: is Removable

    .

    ==== Disabled Device Manager Items =============

    .

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}

    Description: Nokia 6280

    Device ID: ROOT\WPD\0000

    Manufacturer: Nokia

    Name: Nokia 6280

    PNP Device ID: ROOT\WPD\0000

    Service: WUDFRd

    .

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}

    Description:

    Device ID: ROOT\WPD\0001

    Manufacturer:

    Name:

    PNP Device ID: ROOT\WPD\0001

    Service:

    .

    ==== System Restore Points ===================

    .

    No restore point in system.

    .

    ==== Installed Programs ======================

    .

    µTorrent

    aaa

    ABC Color with Me

    Adobe AIR

    Adobe Bridge 1.0

    Adobe Common File Installer

    Adobe Flash Player 11 ActiveX

    Adobe Flash Player 11 Plugin

    Adobe Help Center 1.0

    Adobe Photoshop CS2

    Adobe Reader XI

    Adobe Stock Photos 1.0

    Apple Application Support

    Apple Mobile Device Support

    Apple Software Update

    Audacity 1.3.14 (Unicode)

    Audacity 2.0.2

    AutoUpdate

    Bit Che

    Bonjour

    Bookworm Deluxe 1.13

    Camera Window

    Canon Camera WIA Driver

    Canon Camera Window for ZoomBrowser EX

    Canon EOS Kiss REBEL 300D WIA Driver

    Canon RAW Image Task for ZoomBrowser EX

    Canon RemoteCapture Task for ZoomBrowser EX

    Canon Utilities File Viewer Utility 1.3

    Canon Utilities PhotoStitch 3.1

    Canon Utilities RemoteCapture 2.7

    Chinese Simplified Fonts Support For Adobe Reader 8

    Connected Kids Coloring Book #1

    Critical Update for Windows Media Player 11 (KB959772)

    DavkaViewer Platinum

    Defraggler

    Device Doctor

    DivX Version Checker

    Dropbox

    EPSON Printer Software

    ESET Online Scanner v3

    Family Tree Maker

    File Viewer Utility 1.3.2

    Free CD to MP3 Converter

    Free M4a to MP3 Converter 6.1

    Google Chrome

    Google Toolbar for Internet Explorer

    Google Update Helper

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

    Hotfix for Windows XP (KB2158563)

    Hotfix for Windows XP (KB2443685)

    Hotfix for Windows XP (KB2570791)

    Hotfix for Windows XP (KB2633952)

    Hotfix for Windows XP (KB2756822)

    Hotfix for Windows XP (KB954550-v5)

    Hotfix for Windows XP (KB961118)

    Hotfix for Windows XP (KB970653-v3)

    Hotfix for Windows XP (KB976098-v2)

    Hotfix for Windows XP (KB979306)

    Hotfix for Windows XP (KB981793)

    HP USB Disk Storage Format Tool

    Icy Tower v1.4

    InterActual Player

    iTunes

    J2SE Runtime Environment 5.0 Update 3

    Java 7 Update 9

    Java Auto Updater

    Java 6 Update 2

    Java 6 Update 3

    Java 6 Update 33

    Java 6 Update 5

    Java 6 Update 7

    Java SE Runtime Environment 6 Update 1

    JavaFX 2.1.1

    JMB36X Raid Configurer

    JPEGCrops 0.7.3 beta

    LaserJet 1020 series

    LogMeIn

    Malwarebytes Anti-Malware version 1.65.1.1000

    Mario Forever v 2.16 !

    memoMiiO-HK

    Microsoft .NET Framework 2.0 Service Pack 2

    Microsoft .NET Framework 3.0 Service Pack 2

    Microsoft .NET Framework 3.5 SP1

    Microsoft .NET Framework 4 Client Profile

    Microsoft Application Error Reporting

    Microsoft Choice Guard

    Microsoft Compression Client Pack 1.0 for Windows XP

    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

    Microsoft Office 2007 Service Pack 3 (SP3)

    Microsoft Office Access MUI (English) 2007

    Microsoft Office Access Setup Metadata MUI (English) 2007

    Microsoft Office Enterprise 2007

    Microsoft Office Excel MUI (English) 2007

    Microsoft Office File Validation Add-In

    Microsoft Office Groove MUI (English) 2007

    Microsoft Office Groove Setup Metadata MUI (English) 2007

    Microsoft Office InfoPath MUI (English) 2007

    Microsoft Office OneNote MUI (English) 2007

    Microsoft Office Outlook MUI (English) 2007

    Microsoft Office PowerPoint MUI (English) 2007

    Microsoft Office Professional Edition 2003

    Microsoft Office Proof (English) 2007

    Microsoft Office Proof (French) 2007

    Microsoft Office Proof (Spanish) 2007

    Microsoft Office Proofing (English) 2007

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

    Microsoft Office Publisher MUI (English) 2007

    Microsoft Office Shared MUI (English) 2007

    Microsoft Office Shared Setup Metadata MUI (English) 2007

    Microsoft Office Word MUI (English) 2007

    Microsoft Security Client

    Microsoft Security Essentials

    Microsoft Silverlight

    Microsoft Software Update for Web Folders (English) 12

    Microsoft User-Mode Driver Framework Feature Pack 1.9

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    MSVC80_x86

    MSVC80_x86_v2

    MSVCRT

    MSXML 4.0 SP2 (KB936181)

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    OGA Notifier 1.7.0105.35.0

    OptusNet DSL

    PC Connectivity Solution

    PhotoStitch

    Platform

    Play Dora's Carnival 2 - At The Boardwalk

    PowerDVD

    RAW Image Task

    RemoteCapture 2.7.5

    RemoteCapture Task

    Samsung PC Studio

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

    Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition

    Security Update for Microsoft Windows (KB2564958)

    Security Update for Windows Internet Explorer 8 (KB2510531)

    Security Update for Windows Internet Explorer 8 (KB2544521)

    Security Update for Windows Internet Explorer 8 (KB2618444)

    Security Update for Windows Internet Explorer 8 (KB2647516)

    Security Update for Windows Internet Explorer 8 (KB2675157)

    Security Update for Windows Internet Explorer 8 (KB2699988)

    Security Update for Windows Internet Explorer 8 (KB2722913)

    Security Update for Windows Internet Explorer 8 (KB2744842)

    Security Update for Windows Internet Explorer 8 (KB982381)

    Security Update for Windows Media Player (KB2378111)

    Security Update for Windows Media Player (KB954155)

    Security Update for Windows Media Player (KB968816)

    Security Update for Windows Media Player (KB973540)

    Security Update for Windows Media Player (KB975558)

    Security Update for Windows Media Player (KB978695)

    Security Update for Windows XP (KB2079403)

    Security Update for Windows XP (KB2115168)

    Security Update for Windows XP (KB2121546)

    Security Update for Windows XP (KB2160329)

    Security Update for Windows XP (KB2183461)

    Security Update for Windows XP (KB2229593)

    Security Update for Windows XP (KB2259922)

    Security Update for Windows XP (KB2279986)

    Security Update for Windows XP (KB2286198)

    Security Update for Windows XP (KB2296011)

    Security Update for Windows XP (KB2296199)

    Security Update for Windows XP (KB2347290)

    Security Update for Windows XP (KB2360131)

    Security Update for Windows XP (KB2360937)

    Security Update for Windows XP (KB2387149)

    Security Update for Windows XP (KB2393802)

    Security Update for Windows XP (KB2412687)

    Security Update for Windows XP (KB2416400)

    Security Update for Windows XP (KB2419632)

    Security Update for Windows XP (KB2423089)

    Security Update for Windows XP (KB2436673)

    Security Update for Windows XP (KB2440591)

    Security Update for Windows XP (KB2443105)

    Security Update for Windows XP (KB2476490)

    Security Update for Windows XP (KB2476687)

    Security Update for Windows XP (KB2478960)

    Security Update for Windows XP (KB2478971)

    Security Update for Windows XP (KB2479628)

    Security Update for Windows XP (KB2479943)

    Security Update for Windows XP (KB2481109)

    Security Update for Windows XP (KB2482017)

    Security Update for Windows XP (KB2483185)

    Security Update for Windows XP (KB2485376)

    Security Update for Windows XP (KB2485663)

    Security Update for Windows XP (KB2491683)

    Security Update for Windows XP (KB2503658)

    Security Update for Windows XP (KB2503665)

    Security Update for Windows XP (KB2506212)

    Security Update for Windows XP (KB2506223)

    Security Update for Windows XP (KB2507618)

    Security Update for Windows XP (KB2507938)

    Security Update for Windows XP (KB2508272)

    Security Update for Windows XP (KB2508429)

    Security Update for Windows XP (KB2509553)

    Security Update for Windows XP (KB2511455)

    Security Update for Windows XP (KB2524375)

    Security Update for Windows XP (KB2535512)

    Security Update for Windows XP (KB2536276-v2)

    Security Update for Windows XP (KB2536276)

    Security Update for Windows XP (KB2544893-v2)

    Security Update for Windows XP (KB2544893)

    Security Update for Windows XP (KB2555917)

    Security Update for Windows XP (KB2562937)

    Security Update for Windows XP (KB2566454)

    Security Update for Windows XP (KB2567053)

    Security Update for Windows XP (KB2567680)

    Security Update for Windows XP (KB2570222)

    Security Update for Windows XP (KB2570947)

    Security Update for Windows XP (KB2584146)

    Security Update for Windows XP (KB2585542)

    Security Update for Windows XP (KB2592799)

    Security Update for Windows XP (KB2598479)

    Security Update for Windows XP (KB2603381)

    Security Update for Windows XP (KB2618451)

    Security Update for Windows XP (KB2619339)

    Security Update for Windows XP (KB2620712)

    Security Update for Windows XP (KB2621440)

    Security Update for Windows XP (KB2624667)

    Security Update for Windows XP (KB2631813)

    Security Update for Windows XP (KB2633171)

    Security Update for Windows XP (KB2639417)

    Security Update for Windows XP (KB2641653)

    Security Update for Windows XP (KB2646524)

    Security Update for Windows XP (KB2647518)

    Security Update for Windows XP (KB2653956)

    Security Update for Windows XP (KB2655992)

    Security Update for Windows XP (KB2659262)

    Security Update for Windows XP (KB2660465)

    Security Update for Windows XP (KB2661637)

    Security Update for Windows XP (KB2676562)

    Security Update for Windows XP (KB2685939)

    Security Update for Windows XP (KB2686509)

    Security Update for Windows XP (KB2691442)

    Security Update for Windows XP (KB2695962)

    Security Update for Windows XP (KB2698365)

    Security Update for Windows XP (KB2705219)

    Security Update for Windows XP (KB2707511)

    Security Update for Windows XP (KB2709162)

    Security Update for Windows XP (KB2712808)

    Security Update for Windows XP (KB2718523)

    Security Update for Windows XP (KB2719985)

    Security Update for Windows XP (KB2723135)

    Security Update for Windows XP (KB2724197)

    Security Update for Windows XP (KB2727528)

    Security Update for Windows XP (KB2731847)

    Security Update for Windows XP (KB2761226)

    Security Update for Windows XP (KB923561)

    Security Update for Windows XP (KB923789)

    Security Update for Windows XP (KB946648)

    Security Update for Windows XP (KB952004)

    Security Update for Windows XP (KB953155)

    Security Update for Windows XP (KB956572)

    Security Update for Windows XP (KB956744)

    Security Update for Windows XP (KB956844)

    Security Update for Windows XP (KB958690)

    Security Update for Windows XP (KB958869)

    Security Update for Windows XP (KB959426)

    Security Update for Windows XP (KB960225)

    Security Update for Windows XP (KB960715)

    Security Update for Windows XP (KB960803)

    Security Update for Windows XP (KB960859)

    Security Update for Windows XP (KB961371)

    Security Update for Windows XP (KB961373)

    Security Update for Windows XP (KB961501)

    Security Update for Windows XP (KB963027)

    Security Update for Windows XP (KB968537)

    Security Update for Windows XP (KB969059)

    Security Update for Windows XP (KB969897)

    Security Update for Windows XP (KB969898)

    Security Update for Windows XP (KB969947)

    Security Update for Windows XP (KB970238)

    Security Update for Windows XP (KB970430)

    Security Update for Windows XP (KB971468)

    Security Update for Windows XP (KB971486)

    Security Update for Windows XP (KB971557)

    Security Update for Windows XP (KB971633)

    Security Update for Windows XP (KB971657)

    Security Update for Windows XP (KB971961)

    Security Update for Windows XP (KB972260)

    Security Update for Windows XP (KB972270)

    Security Update for Windows XP (KB973346)

    Security Update for Windows XP (KB973354)

    Security Update for Windows XP (KB973507)

    Security Update for Windows XP (KB973525)

    Security Update for Windows XP (KB973869)

    Security Update for Windows XP (KB973904)

    Security Update for Windows XP (KB974112)

    Security Update for Windows XP (KB974318)

    Security Update for Windows XP (KB974392)

    Security Update for Windows XP (KB974455)

    Security Update for Windows XP (KB974571)

    Security Update for Windows XP (KB975025)

    Security Update for Windows XP (KB975467)

    Security Update for Windows XP (KB975560)

    Security Update for Windows XP (KB975561)

    Security Update for Windows XP (KB975562)

    Security Update for Windows XP (KB975713)

    Security Update for Windows XP (KB976325)

    Security Update for Windows XP (KB977165)

    Security Update for Windows XP (KB977816)

    Security Update for Windows XP (KB977914)

    Security Update for Windows XP (KB978037)

    Security Update for Windows XP (KB978251)

    Security Update for Windows XP (KB978262)

    Security Update for Windows XP (KB978338)

    Security Update for Windows XP (KB978542)

    Security Update for Windows XP (KB978601)

    Security Update for Windows XP (KB978706)

    Security Update for Windows XP (KB979309)

    Security Update for Windows XP (KB979482)

    Security Update for Windows XP (KB979559)

    Security Update for Windows XP (KB979683)

    Security Update for Windows XP (KB979687)

    Security Update for Windows XP (KB980195)

    Security Update for Windows XP (KB980218)

    Security Update for Windows XP (KB980232)

    Security Update for Windows XP (KB980436)

    Security Update for Windows XP (KB981322)

    Security Update for Windows XP (KB981349)

    Security Update for Windows XP (KB981852)

    Security Update for Windows XP (KB981957)

    Security Update for Windows XP (KB981997)

    Security Update for Windows XP (KB982132)

    Security Update for Windows XP (KB982214)

    Security Update for Windows XP (KB982381)

    Security Update for Windows XP (KB982665)

    Security Update for Windows XP (KB982802)

    Segoe UI

    Siemens Subscriber Networks SpeedStream DSL

    Simple Adblock

    Snood 2.2R (Full Version)

    Spelling Dictionaries Support For Adobe Reader 8

    SR9600 Driver

    Switch Sound File Converter

    Update for 2007 Microsoft Office System (KB967642)

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

    Update for Microsoft Office 2007 Help for Common Features (KB963673)

    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

    Update for Microsoft Office Excel 2007 Help (KB963678)

    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition

    Update for Microsoft Office Powerpoint 2007 Help (KB963669)

    Update for Microsoft Office Word 2007 Help (KB963665)

    Update for Windows Internet Explorer 8 (KB2598845)

    Update for Windows Internet Explorer 8 (KB2632503)

    Update for Windows XP (KB2141007)

    Update for Windows XP (KB2345886)

    Update for Windows XP (KB2467659)

    Update for Windows XP (KB2492386)

    Update for Windows XP (KB2541763)

    Update for Windows XP (KB2607712)

    Update for Windows XP (KB2616676)

    Update for Windows XP (KB2641690)

    Update for Windows XP (KB2661254-v2)

    Update for Windows XP (KB2718704)

    Update for Windows XP (KB2736233)

    Update for Windows XP (KB2749655)

    Update for Windows XP (KB955759)

    Update for Windows XP (KB961503)

    Update for Windows XP (KB967715)

    Update for Windows XP (KB968389)

    Update for Windows XP (KB971029)

    Update for Windows XP (KB971737)

    Update for Windows XP (KB973687)

    Update for Windows XP (KB973815)

    Update for Windows XP (KB976749)

    Update for Windows XP (KB978207)

    Update for Windows XP (KB980182)

    USB Storage Driver

    VIA Platform Device Manager

    VIA Rhine-Family Fast-Ethernet Adapter

    VIA/S3G Display Driver 6.14.10.0359

    VLC media player 2.0.4

    WebFldrs XP

    Windows Genuine Advantage Notifications (KB905474)

    Windows Genuine Advantage Validation Tool (KB892130)

    Windows Internet Explorer 8

    Windows Live Call

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live Messenger

    Windows Live Sign-in Assistant

    Windows Media Format 11 runtime

    Windows Media Player 11

    Windows XP Service Pack 3

    WinRAR 4.20 (32-bit)

    .

    ==== Event Viewer Messages From Past Week ========

    .

    29/11/2012 8:28:48 PM, error: Service Control Manager [7001] - The Universal Plug and Play Device Host service depends on the SSDP Discovery Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    29/11/2012 8:28:48 PM, error: DCOM [10005] - DCOM got error "%1068" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}

    .

    ==== End Of File ===========================

  9. <p sab="3344">Something wierd happened with the previous post</p>

    <p sab="3344"> </p>

    <p sab="3344">I found 5 infected files during a scan which was half way through, however I lost the connection and had to start again</p>

    <p sab="3344">Here are the results</p>

    <p sab="3344">E:\Age Of Empires 3 Incl Expansion and keys\freefileviewer_2_1283.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined</p>

    <p sab="3344">I recall that 2 of them were in Java one of the viruses was called softonicdownloader.d another called java agent.ac trojan and a third called openstream.nby. All 3 must have been deleted</p>

    <p sab="3344">I only use utorrents for avi files</p>

    <p sab="3344">Is there anything else I shoud do?</p>

    <p sab="3344">Thanks again</p>

  10. <p sab="3266">I found 5 infected files during a scan which was half way through, however I lost the connection and had to start again.</p>

    <p sab="3267">Here are the results</p>

    <p sab="3268"> </p>

    <p sab="3269">E:\Age Of Empires 3 Incl Expansion and keys\freefileviewer_2_1283.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined<br sab="3270" />

     </p>

    <p sab="3271">I recall that 2 of them were in Java one of the viruses was called softonicdownloader.d another called java agent.ac trojan and a third called openstream.nby. All 3 must have been deleted.</p>

    <p sab="3272"> </p>

    <p sab="3273">I only use utorrents for avi files</p>

    <p sab="3274"> </p>

    <p sab="3275">Is there anything else I shoud do?</p>

    <p sab="3276">Thanks again<img alt=":)" class="bbc_emoticon" height="20" sab="3277" src="http://forums.malwarebytes.org/public/style_emoticons/default/smile.png" title=":)" width="20" /></p>

  11. Here are the logs

    .

    DDS (Ver_2011-08-26.01) - NTFSx86

    Internet Explorer: 8.0.6001.18702

    Run by User at 23:39:21 on 2012-05-12

    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.958.295 [GMT 10:00]

    .

    AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

    .

    ============== Running Processes ===============

    .

    C:\WINDOWS\system32\svchost.exe -k DcomLaunch

    svchost.exe

    C:\Program Files\Microsoft Security Client\MsMpEng.exe

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

    svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

    C:\WINDOWS\system32\VTTimer.exe

    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

    C:\Program Files\Microsoft Security Client\msseces.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\WINDOWS\System32\svchost.exe -k HTTPFilter

    C:\Program Files\Java\jre7\bin\jqs.exe

    C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

    C:\Program Files\LogMeIn\x86\RaMaint.exe

    C:\Program Files\LogMeIn\x86\LogMeIn.exe

    C:\WINDOWS\System32\svchost.exe -k imgsvc

    C:\WINDOWS\explorer.exe

    C:\Program Files\Outlook Express\msimn.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://www.tradingroom.com.au/apps/mkt/forex.ac

    uSearchAssistant = hxxp://www.google.com/ie

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    BHO: AutorunsDisabled - No File

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

    BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll

    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

    BHO: SimpleAdblock Class: {ffcb3198-32f3-4e8b-9539-4324694ed664} - c:\program files\common files\simple adblock\SimpleAdblock.dll

    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

    EB: Groove Folder Synchronization: {2a541ae1-5bf6-4665-a8a3-cfa9672e4291} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

    mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"

    mRun: [VTTimer] VTTimer.exe

    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

    dRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe

    StartupFolder: c:\docume~1\user\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\user\application data\dropbox\bin\Dropbox.exe

    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab

    DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

    DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab

    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1173184360781

    DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

    DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

    DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab

    DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.freecricket.tv/plugins/freecricket.cab

    DPF: {DD3641E5-A9CF-11D1-9AA1-444553540000} - hxxp://www.belairresort.com.au/virtual-tour/tours/cabs/svideo3.cab

    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=724

    TCP: DhcpNameServer = 192.168.1.1

    TCP: Interfaces\{03781020-5ECC-48FF-B925-FED478BC9CDB} : DhcpNameServer = 192.168.1.1

    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

    Notify: LMIinit - LMIinit.dll

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 171064]

    R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2007-2-6 22168]

    R1 MpKslfd5d7bbf;MpKslfd5d7bbf;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1016886e-c7ca-4fd4-b6d8-a49cfa978ab6}\MpKslfd5d7bbf.sys [2012-5-12 29904]

    R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-10-2 374152]

    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2007-4-17 12856]

    R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2007-7-10 47640]

    R3 radpms;Driver for RADPMS Device;c:\windows\system32\drivers\radpms.sys [2007-4-17 13408]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-1 253088]

    S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshim.sys --> c:\windows\system32\drivers\AVGIDSShim.Sys [?]

    S3 SR9USB;SR9600 USB To Fast Ethernet Adapter;c:\windows\system32\drivers\SR9USB.sys [2011-5-30 14592]

    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

    S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-1 135664]

    S4 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-1 135664]

    S4 LMIRfsClientNP;LMIRfsClientNP; [x]

    .

    =============== Created Last 30 ================

    .

    2012-05-12 11:31:21 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1016886e-c7ca-4fd4-b6d8-a49cfa978ab6}\offreg.dll

    2012-05-12 11:31:20 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1016886e-c7ca-4fd4-b6d8-a49cfa978ab6}\MpKslfd5d7bbf.sys

    2012-05-12 11:28:24 6734704 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1016886e-c7ca-4fd4-b6d8-a49cfa978ab6}\mpengine.dll

    2012-05-10 16:18:14 6734704 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

    2012-05-10 16:03:33 75264 -c--a-w- c:\windows\system32\dllcache\ipsec.sys

    2012-05-10 16:03:33 75264 ----a-w- c:\windows\system32\drivers\ipsec.sys

    2012-05-10 15:35:35 -------- d-sha-r- C:\cmdcons

    2012-05-10 15:35:34 -------- d-----w- c:\windows\setup.pss

    2012-05-10 15:23:35 98816 ----a-w- c:\windows\sed.exe

    2012-05-10 15:23:35 518144 ----a-w- c:\windows\SWREG.exe

    2012-05-10 15:23:35 256000 ----a-w- c:\windows\PEV.exe

    2012-05-10 15:23:35 208896 ----a-w- c:\windows\MBR.exe

    2012-05-05 13:21:57 -------- d-----w- c:\documents and settings\user\local settings\application data\{4608863F-96B5-11E1-826D-B8AC6F996F26}

    2012-05-05 11:42:13 -------- d-----w- c:\documents and settings\user\application data\memoMiiO-HK

    2012-05-05 11:40:50 -------- d-----w- c:\program files\memoMiiO-HK

    2012-04-28 09:58:25 -------- d-----w- c:\program files\Dropbox

    .

    ==================== Find3M ====================

    .

    2012-05-09 15:28:18 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2012-05-09 15:27:55 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2012-04-04 05:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

    2012-03-20 10:44:12 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys

    2012-03-01 11:01:32 916992 ----a-w- c:\windows\system32\wininet.dll

    2012-03-01 11:01:32 43520 ------w- c:\windows\system32\licmgr10.dll

    2012-03-01 11:01:32 1469440 ------w- c:\windows\system32\inetcpl.cpl

    2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll

    2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll

    2012-02-29 12:17:40 385024 ------w- c:\windows\system32\html.iec

    .

    ============= FINISH: 23:41:31.90 ===============

    and here is the other one

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2011-08-26.01)

    .

    Microsoft Windows XP Home Edition

    Boot Device: \Device\HarddiskVolume2

    Install Date: 8/02/2009 7:51:01 PM

    System Uptime: 12/05/2012 9:19:32 PM (2 hours ago)

    .

    Motherboard: ASUSTeK Computer INC. | | P5VD2-MX

    Processor: Intel® Core2 CPU 6300 @ 1.86GHz | Socket 775 | 1861/266mhz

    .

    ==== Disk Partitions =========================

    .

    A: is Removable

    C: is FIXED (NTFS) - 75 GiB total, 11.572 GiB free.

    D: is CDROM ()

    E: is FIXED (NTFS) - 932 GiB total, 53.998 GiB free.

    G: is Removable

    H: is Removable

    I: is Removable

    J: is Removable

    .

    ==== Disabled Device Manager Items =============

    .

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}

    Description: Nokia 6280

    Device ID: ROOT\WPD\0000

    Manufacturer: Nokia

    Name: Nokia 6280

    PNP Device ID: ROOT\WPD\0000

    Service: WUDFRd

    .

    ==== System Restore Points ===================

    .

    RP1257: 21/03/2012 9:10:10 AM - Microsoft Antimalware Checkpoint

    RP1258: 21/03/2012 12:51:00 PM - Software Distribution Service 3.0

    RP1259: 22/03/2012 12:03:57 AM - Software Distribution Service 3.0

    RP1260: 22/03/2012 3:48:39 AM - Software Distribution Service 3.0

    RP1261: 23/03/2012 4:02:06 AM - System Checkpoint

    RP1262: 24/03/2012 9:11:54 PM - Software Distribution Service 3.0

    RP1263: 25/03/2012 3:34:22 AM - Software Distribution Service 3.0

    RP1264: 25/03/2012 9:07:12 PM - Software Distribution Service 3.0

    RP1265: 26/03/2012 3:33:19 AM - Software Distribution Service 3.0

    RP1266: 26/03/2012 11:58:38 PM - Software Distribution Service 3.0

    RP1267: 27/03/2012 3:32:35 AM - Software Distribution Service 3.0

    RP1268: 28/03/2012 12:04:44 AM - Software Distribution Service 3.0

    RP1269: 28/03/2012 3:33:08 AM - Software Distribution Service 3.0

    RP1270: 28/03/2012 11:58:44 PM - Software Distribution Service 3.0

    RP1271: 29/03/2012 3:33:18 AM - Software Distribution Service 3.0

    RP1272: 29/03/2012 11:59:11 PM - Software Distribution Service 3.0

    RP1273: 30/03/2012 3:32:57 AM - Software Distribution Service 3.0

    RP1274: 31/03/2012 9:02:26 PM - Software Distribution Service 3.0

    RP1275: 1/04/2012 4:57:01 AM - Software Distribution Service 3.0

    RP1276: 2/04/2012 4:44:42 AM - Software Distribution Service 3.0

    RP1277: 2/04/2012 11:31:47 AM - Software Distribution Service 3.0

    RP1278: 3/04/2012 4:44:22 AM - Software Distribution Service 3.0

    RP1279: 3/04/2012 11:30:47 AM - Software Distribution Service 3.0

    RP1280: 4/04/2012 4:43:46 AM - Software Distribution Service 3.0

    RP1281: 4/04/2012 11:31:43 AM - Software Distribution Service 3.0

    RP1282: 5/04/2012 4:43:49 AM - Software Distribution Service 3.0

    RP1283: 5/04/2012 11:31:23 AM - Software Distribution Service 3.0

    RP1284: 6/04/2012 4:43:45 AM - Software Distribution Service 3.0

    RP1285: 6/04/2012 11:31:53 AM - Software Distribution Service 3.0

    RP1286: 7/04/2012 4:44:07 AM - Software Distribution Service 3.0

    RP1287: 7/04/2012 11:29:50 AM - Software Distribution Service 3.0

    RP1288: 8/04/2012 4:43:36 AM - Software Distribution Service 3.0

    RP1289: 8/04/2012 11:30:28 AM - Software Distribution Service 3.0

    RP1290: 9/04/2012 3:44:02 AM - Software Distribution Service 3.0

    RP1291: 9/04/2012 10:30:19 AM - Software Distribution Service 3.0

    RP1292: 10/04/2012 3:44:00 AM - Software Distribution Service 3.0

    RP1293: 10/04/2012 10:31:05 AM - Software Distribution Service 3.0

    RP1294: 11/04/2012 3:44:10 AM - Software Distribution Service 3.0

    RP1295: 11/04/2012 10:32:04 AM - Software Distribution Service 3.0

    RP1296: 12/04/2012 3:01:11 AM - Software Distribution Service 3.0

    RP1297: 12/04/2012 3:56:19 AM - Software Distribution Service 3.0

    RP1298: 14/04/2012 7:20:48 PM - Software Distribution Service 3.0

    RP1299: 15/04/2012 3:31:45 AM - Software Distribution Service 3.0

    RP1300: 15/04/2012 9:05:56 AM - Microsoft Antimalware Checkpoint

    RP1301: 15/04/2012 9:09:53 AM - Software Distribution Service 3.0

    RP1302: 16/04/2012 4:13:43 AM - Software Distribution Service 3.0

    RP1303: 16/04/2012 6:57:04 PM - Software Distribution Service 3.0

    RP1304: 17/04/2012 4:12:35 AM - Software Distribution Service 3.0

    RP1305: 17/04/2012 6:57:03 PM - Software Distribution Service 3.0

    RP1306: 18/04/2012 4:12:30 AM - Software Distribution Service 3.0

    RP1307: 18/04/2012 6:57:10 PM - Software Distribution Service 3.0

    RP1308: 19/04/2012 4:12:34 AM - Software Distribution Service 3.0

    RP1309: 19/04/2012 6:56:34 PM - Software Distribution Service 3.0

    RP1310: 20/04/2012 4:13:19 AM - Software Distribution Service 3.0

    RP1311: 21/04/2012 8:20:44 PM - Software Distribution Service 3.0

    RP1312: 22/04/2012 3:59:12 AM - Software Distribution Service 3.0

    RP1313: 22/04/2012 8:15:41 PM - Software Distribution Service 3.0

    RP1314: 23/04/2012 3:58:40 AM - Software Distribution Service 3.0

    RP1315: 24/04/2012 3:51:03 AM - Software Distribution Service 3.0

    RP1316: 24/04/2012 7:12:47 PM - Software Distribution Service 3.0

    RP1317: 25/04/2012 3:50:43 AM - Software Distribution Service 3.0

    RP1318: 25/04/2012 7:12:32 PM - Software Distribution Service 3.0

    RP1319: 26/04/2012 3:50:50 AM - Software Distribution Service 3.0

    RP1320: 26/04/2012 7:13:21 PM - Software Distribution Service 3.0

    RP1321: 27/04/2012 3:50:58 AM - Software Distribution Service 3.0

    RP1322: 28/04/2012 8:02:47 PM - Software Distribution Service 3.0

    RP1323: 29/04/2012 3:37:21 AM - Software Distribution Service 3.0

    RP1324: 30/04/2012 3:55:56 AM - System Checkpoint

    RP1325: 30/04/2012 4:12:30 AM - Software Distribution Service 3.0

    RP1326: 30/04/2012 2:47:51 PM - Software Distribution Service 3.0

    RP1327: 1/05/2012 4:13:21 AM - Software Distribution Service 3.0

    RP1328: 1/05/2012 2:47:55 PM - Software Distribution Service 3.0

    RP1329: 2/05/2012 4:12:45 AM - Software Distribution Service 3.0

    RP1330: 2/05/2012 2:48:31 PM - Software Distribution Service 3.0

    RP1331: 3/05/2012 3:43:14 AM - Software Distribution Service 3.0

    RP1332: 3/05/2012 10:58:51 PM - Software Distribution Service 3.0

    RP1333: 4/05/2012 3:42:56 AM - Software Distribution Service 3.0

    RP1334: 5/05/2012 6:52:59 PM - Software Distribution Service 3.0

    RP1335: 5/05/2012 11:20:31 PM - Microsoft Antimalware Checkpoint

    RP1336: 6/05/2012 12:45:10 AM - Software Distribution Service 3.0

    RP1337: 6/05/2012 11:27:11 PM - Microsoft Antimalware Checkpoint

    RP1338: 7/05/2012 3:38:38 AM - Software Distribution Service 3.0

    RP1339: 7/05/2012 8:05:19 AM - Software Distribution Service 3.0

    RP1340: 7/05/2012 9:04:15 AM - Software Distribution Service 3.0

    RP1341: 7/05/2012 11:30:20 PM - Microsoft Antimalware Checkpoint

    RP1342: 8/05/2012 4:16:02 AM - Software Distribution Service 3.0

    RP1343: 8/05/2012 8:47:04 AM - Software Distribution Service 3.0

    RP1344: 8/05/2012 11:44:27 PM - Microsoft Antimalware Checkpoint

    RP1345: 9/05/2012 4:02:17 AM - Software Distribution Service 3.0

    RP1346: 9/05/2012 9:11:42 AM - Software Distribution Service 3.0

    RP1347: 10/05/2012 1:17:03 AM - Restore Operation

    RP1348: 10/05/2012 1:45:38 AM - Microsoft Antimalware Checkpoint

    RP1349: 11/05/2012 1:23:49 AM - ComboFix created restore point

    RP1350: 12/05/2012 7:23:12 PM - System Checkpoint

    RP1351: 12/05/2012 9:28:12 PM - Software Distribution Service 3.0

    .

    ==== Installed Programs ======================

    .

    µTorrent

    aaa

    ABC Color with Me

    Adobe AIR

    Adobe Bridge 1.0

    Adobe Common File Installer

    Adobe Flash Player 11 ActiveX

    Adobe Flash Player 11 Plugin

    Adobe Help Center 1.0

    Adobe Photoshop CS2

    Adobe Reader X (10.1.3)

    Adobe Stock Photos 1.0

    Audacity 1.3.14 (Unicode)

    Audacity 2.0

    AutoUpdate

    Bit Che

    Bookworm Deluxe 1.13

    Camera Window

    Canon Camera WIA Driver

    Canon Camera Window for ZoomBrowser EX

    Canon EOS Kiss REBEL 300D WIA Driver

    Canon RAW Image Task for ZoomBrowser EX

    Canon RemoteCapture Task for ZoomBrowser EX

    Canon Utilities File Viewer Utility 1.3

    Canon Utilities PhotoStitch 3.1

    Canon Utilities RemoteCapture 2.7

    Chinese Simplified Fonts Support For Adobe Reader 8

    Connected Kids Coloring Book #1

    Critical Update for Windows Media Player 11 (KB959772)

    Defraggler

    Device Doctor

    DivX Version Checker

    Dropbox

    EPSON Printer Software

    Family Tree Maker

    File Viewer Utility 1.3.2

    Free CD to MP3 Converter

    Free M4a to MP3 Converter 6.1

    Google Chrome

    Google Toolbar for Internet Explorer

    Google Update Helper

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

    Hotfix for Windows XP (KB2158563)

    Hotfix for Windows XP (KB2443685)

    Hotfix for Windows XP (KB2570791)

    Hotfix for Windows XP (KB2633952)

    Hotfix for Windows XP (KB954550-v5)

    Hotfix for Windows XP (KB961118)

    Hotfix for Windows XP (KB970653-v3)

    Hotfix for Windows XP (KB976098-v2)

    Hotfix for Windows XP (KB979306)

    Hotfix for Windows XP (KB981793)

    HP USB Disk Storage Format Tool

    Icy Tower v1.4

    InterActual Player

    J2SE Runtime Environment 5.0 Update 3

    Java Auto Updater

    Java 6 Update 2

    Java 6 Update 3

    Java 6 Update 32

    Java 6 Update 5

    Java 6 Update 7

    Java 7 Update 1

    Java SE Runtime Environment 6 Update 1

    JMB36X Raid Configurer

    JPEGCrops 0.7.3 beta

    LaserJet 1020 series

    LimeWire 4.18.5

    LogMeIn

    Malwarebytes Anti-Malware version 1.61.0.1400

    Mario Forever v 2.16 !

    memoMiiO-HK

    Microsoft .NET Framework 2.0 Service Pack 2

    Microsoft .NET Framework 3.0 Service Pack 2

    Microsoft .NET Framework 3.5 SP1

    Microsoft .NET Framework 4 Client Profile

    Microsoft Application Error Reporting

    Microsoft Choice Guard

    Microsoft Compression Client Pack 1.0 for Windows XP

    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

    Microsoft Office 2007 Service Pack 3 (SP3)

    Microsoft Office Access MUI (English) 2007

    Microsoft Office Access Setup Metadata MUI (English) 2007

    Microsoft Office Enterprise 2007

    Microsoft Office Excel MUI (English) 2007

    Microsoft Office File Validation Add-In

    Microsoft Office Groove MUI (English) 2007

    Microsoft Office Groove Setup Metadata MUI (English) 2007

    Microsoft Office InfoPath MUI (English) 2007

    Microsoft Office OneNote MUI (English) 2007

    Microsoft Office Outlook MUI (English) 2007

    Microsoft Office PowerPoint MUI (English) 2007

    Microsoft Office Professional Edition 2003

    Microsoft Office Proof (English) 2007

    Microsoft Office Proof (French) 2007

    Microsoft Office Proof (Spanish) 2007

    Microsoft Office Proofing (English) 2007

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

    Microsoft Office Publisher MUI (English) 2007

    Microsoft Office Shared MUI (English) 2007

    Microsoft Office Shared Setup Metadata MUI (English) 2007

    Microsoft Office Word MUI (English) 2007

    Microsoft Security Client

    Microsoft Security Essentials

    Microsoft Silverlight

    Microsoft Software Update for Web Folders (English) 12

    Microsoft User-Mode Driver Framework Feature Pack 1.9

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    MSVC80_x86

    MSVC80_x86_v2

    MSVCRT

    MSXML 4.0 SP2 (KB936181)

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    OGA Notifier 1.7.0105.35.0

    OptusNet DSL

    PC Connectivity Solution

    PhotoStitch

    Platform

    PowerDVD

    RAW Image Task

    RemoteCapture 2.7.5

    RemoteCapture Task

    Samsung PC Studio

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

    Security Update for Microsoft Windows (KB2564958)

    Security Update for Windows Internet Explorer 8 (KB2510531)

    Security Update for Windows Internet Explorer 8 (KB2544521)

    Security Update for Windows Internet Explorer 8 (KB2618444)

    Security Update for Windows Internet Explorer 8 (KB2647516)

    Security Update for Windows Internet Explorer 8 (KB2675157)

    Security Update for Windows Internet Explorer 8 (KB982381)

    Security Update for Windows Media Player (KB2378111)

    Security Update for Windows Media Player (KB954155)

    Security Update for Windows Media Player (KB968816)

    Security Update for Windows Media Player (KB973540)

    Security Update for Windows Media Player (KB975558)

    Security Update for Windows Media Player (KB978695)

    Security Update for Windows XP (KB2079403)

    Security Update for Windows XP (KB2115168)

    Security Update for Windows XP (KB2121546)

    Security Update for Windows XP (KB2160329)

    Security Update for Windows XP (KB2183461)

    Security Update for Windows XP (KB2229593)

    Security Update for Windows XP (KB2259922)

    Security Update for Windows XP (KB2279986)

    Security Update for Windows XP (KB2286198)

    Security Update for Windows XP (KB2296011)

    Security Update for Windows XP (KB2296199)

    Security Update for Windows XP (KB2347290)

    Security Update for Windows XP (KB2360131)

    Security Update for Windows XP (KB2360937)

    Security Update for Windows XP (KB2387149)

    Security Update for Windows XP (KB2393802)

    Security Update for Windows XP (KB2412687)

    Security Update for Windows XP (KB2416400)

    Security Update for Windows XP (KB2419632)

    Security Update for Windows XP (KB2423089)

    Security Update for Windows XP (KB2436673)

    Security Update for Windows XP (KB2440591)

    Security Update for Windows XP (KB2443105)

    Security Update for Windows XP (KB2476490)

    Security Update for Windows XP (KB2476687)

    Security Update for Windows XP (KB2478960)

    Security Update for Windows XP (KB2478971)

    Security Update for Windows XP (KB2479628)

    Security Update for Windows XP (KB2479943)

    Security Update for Windows XP (KB2481109)

    Security Update for Windows XP (KB2482017)

    Security Update for Windows XP (KB2483185)

    Security Update for Windows XP (KB2485376)

    Security Update for Windows XP (KB2485663)

    Security Update for Windows XP (KB2491683)

    Security Update for Windows XP (KB2503658)

    Security Update for Windows XP (KB2503665)

    Security Update for Windows XP (KB2506212)

    Security Update for Windows XP (KB2506223)

    Security Update for Windows XP (KB2507618)

    Security Update for Windows XP (KB2507938)

    Security Update for Windows XP (KB2508272)

    Security Update for Windows XP (KB2508429)

    Security Update for Windows XP (KB2509553)

    Security Update for Windows XP (KB2511455)

    Security Update for Windows XP (KB2524375)

    Security Update for Windows XP (KB2535512)

    Security Update for Windows XP (KB2536276-v2)

    Security Update for Windows XP (KB2536276)

    Security Update for Windows XP (KB2544893-v2)

    Security Update for Windows XP (KB2544893)

    Security Update for Windows XP (KB2555917)

    Security Update for Windows XP (KB2562937)

    Security Update for Windows XP (KB2566454)

    Security Update for Windows XP (KB2567053)

    Security Update for Windows XP (KB2567680)

    Security Update for Windows XP (KB2570222)

    Security Update for Windows XP (KB2570947)

    Security Update for Windows XP (KB2584146)

    Security Update for Windows XP (KB2585542)

    Security Update for Windows XP (KB2592799)

    Security Update for Windows XP (KB2598479)

    Security Update for Windows XP (KB2603381)

    Security Update for Windows XP (KB2618451)

    Security Update for Windows XP (KB2619339)

    Security Update for Windows XP (KB2620712)

    Security Update for Windows XP (KB2621440)

    Security Update for Windows XP (KB2624667)

    Security Update for Windows XP (KB2631813)

    Security Update for Windows XP (KB2633171)

    Security Update for Windows XP (KB2639417)

    Security Update for Windows XP (KB2641653)

    Security Update for Windows XP (KB2646524)

    Security Update for Windows XP (KB2647518)

    Security Update for Windows XP (KB2653956)

    Security Update for Windows XP (KB2660465)

    Security Update for Windows XP (KB2661637)

    Security Update for Windows XP (KB923561)

    Security Update for Windows XP (KB923789)

    Security Update for Windows XP (KB946648)

    Security Update for Windows XP (KB952004)

    Security Update for Windows XP (KB953155)

    Security Update for Windows XP (KB956572)

    Security Update for Windows XP (KB956744)

    Security Update for Windows XP (KB956844)

    Security Update for Windows XP (KB958690)

    Security Update for Windows XP (KB958869)

    Security Update for Windows XP (KB959426)

    Security Update for Windows XP (KB960225)

    Security Update for Windows XP (KB960715)

    Security Update for Windows XP (KB960803)

    Security Update for Windows XP (KB960859)

    Security Update for Windows XP (KB961371)

    Security Update for Windows XP (KB961373)

    Security Update for Windows XP (KB961501)

    Security Update for Windows XP (KB963027)

    Security Update for Windows XP (KB968537)

    Security Update for Windows XP (KB969059)

    Security Update for Windows XP (KB969897)

    Security Update for Windows XP (KB969898)

    Security Update for Windows XP (KB969947)

    Security Update for Windows XP (KB970238)

    Security Update for Windows XP (KB970430)

    Security Update for Windows XP (KB971468)

    Security Update for Windows XP (KB971486)

    Security Update for Windows XP (KB971557)

    Security Update for Windows XP (KB971633)

    Security Update for Windows XP (KB971657)

    Security Update for Windows XP (KB971961)

    Security Update for Windows XP (KB972260)

    Security Update for Windows XP (KB972270)

    Security Update for Windows XP (KB973346)

    Security Update for Windows XP (KB973354)

    Security Update for Windows XP (KB973507)

    Security Update for Windows XP (KB973525)

    Security Update for Windows XP (KB973869)

    Security Update for Windows XP (KB973904)

    Security Update for Windows XP (KB974112)

    Security Update for Windows XP (KB974318)

    Security Update for Windows XP (KB974392)

    Security Update for Windows XP (KB974455)

    Security Update for Windows XP (KB974571)

    Security Update for Windows XP (KB975025)

    Security Update for Windows XP (KB975467)

    Security Update for Windows XP (KB975560)

    Security Update for Windows XP (KB975561)

    Security Update for Windows XP (KB975562)

    Security Update for Windows XP (KB975713)

    Security Update for Windows XP (KB976325)

    Security Update for Windows XP (KB977165)

    Security Update for Windows XP (KB977816)

    Security Update for Windows XP (KB977914)

    Security Update for Windows XP (KB978037)

    Security Update for Windows XP (KB978251)

    Security Update for Windows XP (KB978262)

    Security Update for Windows XP (KB978338)

    Security Update for Windows XP (KB978542)

    Security Update for Windows XP (KB978601)

    Security Update for Windows XP (KB978706)

    Security Update for Windows XP (KB979309)

    Security Update for Windows XP (KB979482)

    Security Update for Windows XP (KB979559)

    Security Update for Windows XP (KB979683)

    Security Update for Windows XP (KB979687)

    Security Update for Windows XP (KB980195)

    Security Update for Windows XP (KB980218)

    Security Update for Windows XP (KB980232)

    Security Update for Windows XP (KB980436)

    Security Update for Windows XP (KB981322)

    Security Update for Windows XP (KB981349)

    Security Update for Windows XP (KB981852)

    Security Update for Windows XP (KB981957)

    Security Update for Windows XP (KB981997)

    Security Update for Windows XP (KB982132)

    Security Update for Windows XP (KB982214)

    Security Update for Windows XP (KB982381)

    Security Update for Windows XP (KB982665)

    Security Update for Windows XP (KB982802)

    Segoe UI

    Siemens Subscriber Networks SpeedStream DSL

    Simple Adblock

    Snood 2.2R (Full Version)

    Spelling Dictionaries Support For Adobe Reader 8

    SR9600 Driver

    Switch Sound File Converter

    Update for 2007 Microsoft Office System (KB967642)

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

    Update for Microsoft Office 2007 Help for Common Features (KB963673)

    Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition

    Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

    Update for Microsoft Office Excel 2007 Help (KB963678)

    Update for Microsoft Office Powerpoint 2007 Help (KB963669)

    Update for Microsoft Office Word 2007 Help (KB963665)

    Update for Windows Internet Explorer 8 (KB2598845)

    Update for Windows Internet Explorer 8 (KB2632503)

    Update for Windows XP (KB2141007)

    Update for Windows XP (KB2345886)

    Update for Windows XP (KB2467659)

    Update for Windows XP (KB2492386)

    Update for Windows XP (KB2541763)

    Update for Windows XP (KB2607712)

    Update for Windows XP (KB2616676)

    Update for Windows XP (KB2641690)

    Update for Windows XP (KB955759)

    Update for Windows XP (KB961503)

    Update for Windows XP (KB967715)

    Update for Windows XP (KB968389)

    Update for Windows XP (KB971029)

    Update for Windows XP (KB971737)

    Update for Windows XP (KB973687)

    Update for Windows XP (KB973815)

    Update for Windows XP (KB976749)

    Update for Windows XP (KB978207)

    Update for Windows XP (KB980182)

    USB Storage Driver

    VIA Platform Device Manager

    VIA Rhine-Family Fast-Ethernet Adapter

    VIA/S3G Display Driver 6.14.10.0359

    VLC media player 2.0.1

    WebFldrs XP

    Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)

    Windows Genuine Advantage Notifications (KB905474)

    Windows Genuine Advantage Validation Tool (KB892130)

    Windows Internet Explorer 8

    Windows Live Call

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live Messenger

    Windows Live Sign-in Assistant

    Windows Media Format 11 runtime

    Windows Media Player 11

    Windows XP Service Pack 3

    WinRAR 4.11 (32-bit)

    .

    ==== Event Viewer Messages From Past Week ========

    .

    12/05/2012 6:51:17 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1435.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    11/05/2012 5:10:55 AM, error: Service Control Manager [7001] - The Network Location Awareness (NLA) service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: The system cannot find the file specified.

    11/05/2012 4:08:39 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1435.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    11/05/2012 3:50:47 PM, error: DCOM [10005] - DCOM got error "%1068" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}

    11/05/2012 2:50:45 AM, error: Service Control Manager [7023] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: The system cannot find the file specified.

    11/05/2012 2:17:43 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1435.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    11/05/2012 2:10:09 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Tcpip

    11/05/2012 2:10:00 AM, error: Service Control Manager [7001] - The Universal Plug and Play Device Host service depends on the SSDP Discovery Service service which failed to start because of the following error: The operation completed successfully.

    11/05/2012 2:10:00 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

    11/05/2012 2:07:50 AM, error: NetBT [4311] - Initialization failed because the driver device could not be created.

    11/05/2012 2:02:44 AM, error: Service Control Manager [7001] - The TCP/IP Protocol Driver service depends on the IPSec service which failed to start because of the following error: The system cannot find the file specified.

    11/05/2012 2:02:44 AM, error: Service Control Manager [7000] - The IPSec service failed to start due to the following error: The system cannot find the file specified.

    11/05/2012 11:17:48 AM, error: Service Control Manager [7000] - The TCP/IP Protocol Driver service failed to start due to the following error: The system cannot find the file specified.

    11/05/2012 1:57:07 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.1435.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    11/05/2012 1:44:50 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IPSec Tcpip

    11/05/2012 1:40:22 AM, error: Service Control Manager [7003] - The TCP/IP Protocol Driver service depends on the following nonexistent service: IPSec

    11/05/2012 1:37:59 AM, error: Service Control Manager [7001] - The Network Location Awareness (NLA) service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.

    11/05/2012 1:07:07 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service helpsvc with arguments "" in order to run the server: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE}

    10/05/2012 8:46:32 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service gusvc with arguments "" in order to run the server: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}

    .

    ==== End Of File ===========================

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.