Everything posted by pb1947

  1. A blonde lady fronts her husband with a can of baked beans and asks, "How do you cook these, dear?" The husband replies, "Stand in boiling water for 5 minutes, honey." Blonde lady ends up in hospital burns unit with 3rd degree burns to the feet. Groan: this is that bad ya gotta laugh.
  2. lol, I am closer to the Tambo River
  3. Hi Exile360, and thank you for your fast response. I cannot do this anyway as I already have a licence for MBAM on this system and the free version on the notebook. As I have had MBAM Pro for some time now on my desktop, I have after several infiltrations realised its worth. The notebook is a later addition and I have to do a separate registration. The only reason I asked this question was to be suggestive. It cannot be the money side for me as I am definitely going to upgrade my notebook to MBAM Pro as well (and that does not bother me). When I looked at MBAM's website I noticed it had a header for home users and another for businesses, and the multiple licences were under businesses only. I only did the post to be suggestive and my reasons are as the post 2 posts above. After all this, I would like to suggest that MBAM website make home users more aware you can do this. Cheers Pete
  4. Hi Porthos, I am curious as to why you asked??? Nevertheless: 1- It would mean one less form to fill in. 2- It would mean one less Visa card transaction to make. 3- It would mean one less Visa transaction fee. 4- The less forms and transaction fees that are filled out means less chance of being phished. 5- Every time I enter my credit card details on the net I cringe with fear of being ripped off, so the least I have to do it the better. 6- Not to mention convenience, as I have already said that. lol, here are a few reasons for starters. Cheers Pete
  5. A blonde lady was walking along the river trying to find a bridge to get to the other side. She spots another blonde walking on the other side of the river. She then cups her hands to her mouth and yells out to her, "How do you get to the other side?" The blonde on the other side hears this and yells back, "You are on the other side!" Groan, sorry folks, I thought it was funny
  6. You would be wasting your time with eBay. I have brought their attention to illegal software that is consistently sold on their sites and guess what? The same software is still being sold by the same sellers. As mine was Microsoft products I sent my illegal copies to the local Microsoft authentication centre. I was totally looked after by being issued with genuine product. The first thing Microsoft said is that keys come in a genuine package and are given no other way. Nevertheless I too was duped like you. You are better off reporting to the OEM manufacturers as they will definitely take an action
  7. My query was more for convenience than cost, thanks Pete
  8. Hi and thanks Gringo, It has been a long haul but worth it. The things I have gained out of our session is familiarity and complacency can be a thing to be very wary of when using computers/internet. One tends to take for granted that because one researches and pays top dollar that they have the best virus protection. In the past I have used fully registered versions of Norton, McAfee, NOD ESET, Kaspersky and currently AVG2012, not to mention countless anti spyware/malware programs such as Spybot, no-adaware and countless others. Three years ago I had bad infections and I was that impressed with MBAM (Malwarebytes) that I bought the pro registration, and once again this program has proved its worth. This program seems to pick up the viruses/malwares first, then the resident programs as mentioned above seem to wake and say "hey we have viruses" after MBAM does the hard yards. I am definitely interested in your recommendations for protection and with this alone you have shown me that I can protect my systems for very little expense. It was Malwarebytes that first alerted me to my infections, not my resident anti virus program, and as far as I am concerned it has been useless as teats on a bull in respect to my recent infections. But having said that I can see that they have their uses and each in different ways to others as far as protection is concerned. I have also chatted with the younger generation that uses this system, but in all fairness it is hard to chastise them for what I would have done at their age. I think the only way to get around this is separate systems and let them fix their own, and having said that I too am guilty of breaching the protocol of avoiding infections. I cannot express my gratitude enough to you for your work in guiding me to rid my system of the infections and crap, and a lot of that I didn't realise I had. Many THANKS Gringo for resolving my problems, cheers Pete. PS my next move is a very worthy donation to the cause
  9. Whew, Hi and thanks again Gringo, This took over 6 hours to get to this report, after 3 hours of scanning eset crashed due to a thunderstorm and a micro power out. Did it all again and here it is. Sure hope there are some false positives amongst all this in the attached report cheers Pete
  10. Hi Gringo don't you sleep?? lol, thanks once again for your help cheers Pete
  11. Hi Gringo, Like the other day, I left system running while having breakfast and came back to find this AVG flag: Threat detected - c:\System Volume Information\_restore{34EA6B75-DFBF-4096-8BB79104CBDA}\A0471057.sys Threat Name: Trojan horse Rootkit-Pakes.CD Process name: C:\WINDOWS\system32\svchost.exe Process ID: 1724 This time I ignored the AVG action and will wait for your reply. Cheers Pete
  12. HI Gringo and thanks once again for your support. This went again with hiccups. The AVG real time scanners flag came up again, I ignored this flag and combofix did its own thing. A flag again came up pev application error, Also a file was deleted from my AVG privacy protection, this does not bother me as I have full registered version and will re-install later. cheers Pete
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 5:50 AM 24896] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [31/01/2012 5:46 AM 31952] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [6/07/2010 2:06 PM 64288] R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [18/04/2012 5:07 PM 56496] R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [18/04/2012 5:07 PM 12464] R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2/02/2012 10:24 PM 14776] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [22/02/2012 6:25 AM 237408] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [22/02/2012 6:25 AM 301920] R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [28/10/2009 11:02 PM 98392] R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [13/06/2012 4:48 AM 2321560] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14/02/2012 5:53 AM 193288] R2 DeviceMonitorService;DeviceMonitorService;c:\program files\Motorola Media Link\Lite\NServiceEntry.exe [19/09/2011 3:58 PM 87368] R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [3/11/2012 10:33 PM 399432] R2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [7/12/2011 8:00 AM 214896] R2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [25/11/2011 5:32 PM 687400] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [26/06/2010 4:07 AM 35088] R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12/01/2012 8:52 PM 30944] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 2:32 PM 139856] R3 
AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23/12/2011 2:32 PM 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 2:32 PM 17232] R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [4/06/2009 3:46 AM 171032] R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [4/06/2009 3:46 AM 1324056] R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [4/06/2009 3:46 AM 72728] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/04/2010 7:47 PM 22856] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [16/11/2009 10:22 AM 47360] R3 VMHybrid;VMHybrid service;c:\windows\system32\drivers\VMHybrid.sys [1/09/2008 3:05 AM 1060224] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [13/08/2012 4:24 AM 5167736] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/04/2010 7:47 PM 676936] S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13/07/2012 2:28 PM 160944] S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12/01/2012 8:52 PM 30944] S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys --> c:\windows\system32\DRIVERS\motfilt.sys [?] 
S3 ComproHID;VideoMate Root Enumerated Hid Device;c:\windows\system32\drivers\ComproHID.sys [22/05/2009 8:41 PM 7040] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [18/07/2009 11:58 AM 79360] S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [4/06/2009 3:46 AM 171032] S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [4/06/2009 3:46 AM 1324056] S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [4/06/2009 3:46 AM 72728] S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?] S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [13/06/2011 10:09 PM 267568] S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys --> c:\windows\system32\DRIVERS\motccgp.sys [?] S3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys --> c:\windows\system32\DRIVERS\motccgpfl.sys [?] S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys --> c:\windows\system32\DRIVERS\Motousbnet.sys [?] S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys --> c:\windows\system32\DRIVERS\motusbdevice.sys [?] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [21/08/2009 3:14 PM 36928] . --- Other Services/Drivers In Memory --- . *Deregistered* - uphcleanhlp . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 
2012-10-25 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 07:57] . 2012-11-03 c:\windows\Tasks\Driver Robot.job - c:\program files\Driver Robot\1.2.0.5\DriverRobot.exe [2009-12-20 06:29] . 2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-25 04:12] . 2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-25 04:12] . 2012-11-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1708537768-1801674531-1003Core.job - c:\documents and settings\peter smith\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-08-12 15:32] . 2012-11-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1708537768-1801674531-1003UA.job - c:\documents and settings\peter smith\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-08-12 15:32] . 2009-10-24 c:\windows\Tasks\Microsoft_Hardware_Launch_LifeExp_exe.job - c:\program files\Microsoft LifeCam\LifeExp.exe [2007-05-17 21:45] . 2012-11-04 c:\windows\Tasks\MotoHelper MUM.job - c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00] . 2012-11-07 c:\windows\Tasks\MotoHelper Routing.job - c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00] . 2012-11-04 c:\windows\Tasks\MotoHelper Update.job - c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00] . 2012-11-07 c:\windows\Tasks\SmartDefrag_Startup.job - c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2011-04-03 03:26] . 2012-11-07 c:\windows\Tasks\User_Feed_Synchronization-{FDA492B4-C921-4A9E-B111-88B14DFCFF35}.job - c:\windows\system32\msfeedssync.exe [2009-03-07 17:31] . . ------- Supplementary Scan ------- . 
ustart page = hxxp://go.bigpond.com/home/index.jsp uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local;192.168.*.* uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Download All By FlashGet3 - c:\documents and settings\peter smith\Application Data\FlashGetBHO\GetAllUrl.htm IE: Download By FlashGet3 - c:\documents and settings\peter smith\Application Data\FlashGetBHO\GetUrl.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: {{87989A8E-F587-43A4-9315-34A4E4F4B3F9} TCP: DhcpNameServer = 10.0.0.138 DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB DPF: {935F9B04-0C7B-4454-A391-348C54AD7ADD} - hxxp://games.bigfishgames.com/en_big-city-adventure-sydney-australia/online/JBGamePlayer.cab FF - ProfilePath - c:\documents and settings\peter smith\Application Data\Mozilla\Firefox\Profiles\lhrewx53.default\ FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: !HIDDEN! 2009-07-11 00:24; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-11-08 10:04 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run CTxfiHlp = CTXFIHLP.EXE? . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . 
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2a,ad,8f,d6,8b,c3,82,4d,96,33,cd,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2a,ad,8f,d6,8b,c3,82,4d,96,33,cd,\ . [HKEY_USERS\S-1-5-21-1409082233-1708537768-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-1409082233-1708537768-1801674531-1003\Software\SecuROM\License information*] "datasecu"=hex:f1,3c,38,84,87,bb,a7,a4,1c,62,51,97,01,ca,87,81,86,31,d3,f5,91, 2d,83,dc,48,58,1e,97,ca,d9,3d,ce,86,16,ab,21,c2,f6,a5,5b,0e,bb,39,cc,7d,b2,\ "rkeysecu"=hex:db,d3,f3,66,ca,d9,a8,34,d6,90,2e,e1,52,d1,8b,ab . [HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*] "value"="?\08\00\05\05,,?" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'explorer.exe'(4648) c:\windows\system32\WININET.dll c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf c:\progra~1\MICROS~2\Office14\1033\GrooveIntlResource.dll c:\windows\system32\msi.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Completion time: 2012-11-08 10:06:32 ComboFix-quarantined-files.txt 2012-11-07 23:06 ComboFix2.txt 2012-11-06 22:58 . Pre-Run: 97,621,241,856 bytes free Post-Run: 97,584,295,936 bytes free . - - End Of File - - 2F238C528E203DE8AE4C8388573380A3
  13. Hi Gringo and thanks again for your attention. System has been very quiet and is running good. Cheers Pete
02:07:22.0125 3936 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 02:07:22.0140 3936 MBAMService - ok 02:07:22.0171 3936 [ 8FD868E32459ECE2A1BB0169F513D31E ] mcdbus C:\windows\system32\DRIVERS\mcdbus.sys 02:07:22.0171 3936 mcdbus - ok 02:07:22.0234 3936 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 02:07:22.0250 3936 MDM - ok 02:07:22.0265 3936 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\windows\System32\msgsvc.dll 02:07:22.0265 3936 Messenger - ok 02:07:22.0312 3936 Microsoft SharePoint Workspace Audit Service - ok 02:07:22.0343 3936 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\windows\system32\drivers\mnmdd.sys 02:07:22.0343 3936 mnmdd - ok 02:07:22.0375 3936 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 02:07:22.0375 3936 mnmsrvc - ok 02:07:22.0390 3936 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\windows\system32\drivers\Modem.sys 02:07:22.0406 3936 Modem - ok 02:07:22.0406 3936 motccgp - ok 02:07:22.0406 3936 motccgpfl - ok 02:07:22.0421 3936 motmodem - ok 02:07:22.0484 3936 [ 9DFD34E6841C460B5D992A1C5327AE69 ] MotoHelper C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe 02:07:22.0515 3936 MotoHelper - ok 02:07:22.0515 3936 MotoSwitchService - ok 02:07:22.0515 3936 Motousbnet - ok 02:07:22.0531 3936 motusbdevice - ok 02:07:22.0546 3936 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\windows\system32\DRIVERS\mouclass.sys 02:07:22.0562 3936 Mouclass - ok 02:07:22.0593 3936 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys 02:07:22.0593 3936 mouhid - ok 02:07:22.0609 3936 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\windows\system32\drivers\MountMgr.sys 02:07:22.0609 3936 MountMgr - ok 02:07:22.0625 3936 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE C:\windows\system32\DRIVERS\MPE.sys 02:07:22.0625 3936 MPE - ok 02:07:22.0625 3936 mraid35x - ok 02:07:22.0656 3936 [ 
11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\windows\system32\DRIVERS\mrxdav.sys 02:07:22.0656 3936 MRxDAV - ok 02:07:22.0671 3936 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\windows\system32\DRIVERS\mrxsmb.sys 02:07:22.0671 3936 MRxSmb - ok 02:07:22.0718 3936 [ 641199534871783DD74138FE0BCFDAE7 ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS32.exe 02:07:22.0734 3936 MSCamSvc - ok 02:07:22.0750 3936 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe 02:07:22.0765 3936 MSDTC - ok 02:07:22.0781 3936 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\windows\system32\drivers\Msfs.sys 02:07:22.0781 3936 Msfs - ok 02:07:22.0781 3936 MSIServer - ok 02:07:22.0828 3936 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 02:07:22.0828 3936 MSKSSRV - ok 02:07:22.0828 3936 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 02:07:22.0828 3936 MSPCLOCK - ok 02:07:22.0843 3936 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\windows\system32\drivers\MSPQM.sys 02:07:22.0843 3936 MSPQM - ok 02:07:22.0890 3936 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys 02:07:22.0890 3936 mssmbios - ok 02:07:22.0906 3936 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\windows\system32\drivers\MSTEE.sys 02:07:22.0906 3936 MSTEE - ok 02:07:22.0921 3936 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\windows\system32\drivers\Mup.sys 02:07:22.0921 3936 Mup - ok 02:07:22.0937 3936 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\windows\system32\DRIVERS\NABTSFEC.sys 02:07:22.0937 3936 NABTSFEC - ok 02:07:22.0984 3936 [ 0102140028FAD045756796E1C685D695 ] napagent C:\windows\System32\qagentrt.dll 02:07:23.0000 3936 napagent - ok 02:07:23.0062 3936 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe 02:07:23.0078 3936 NAUpdate - ok 02:07:23.0093 3936 [ 0AE25530894A934C6CA600865C6E9D7C ] NBVol C:\windows\system32\DRIVERS\NBVol.sys 02:07:23.0093 3936 
NBVol - ok 02:07:23.0093 3936 [ 1DDCEF3039C9D90AF3529DEE6699967D ] NBVolUp C:\windows\system32\DRIVERS\NBVolUp.sys 02:07:23.0093 3936 NBVolUp - ok 02:07:23.0109 3936 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\windows\system32\drivers\NDIS.sys 02:07:23.0125 3936 NDIS - ok 02:07:23.0125 3936 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\windows\system32\DRIVERS\NdisIP.sys 02:07:23.0125 3936 NdisIP - ok 02:07:23.0140 3936 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 02:07:23.0140 3936 NdisTapi - ok 02:07:23.0187 3936 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 02:07:23.0187 3936 Ndisuio - ok 02:07:23.0187 3936 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 02:07:23.0187 3936 NdisWan - ok 02:07:23.0203 3936 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\windows\system32\drivers\NDProxy.sys 02:07:23.0203 3936 NDProxy - ok 02:07:23.0281 3936 [ 78073F606AE3B24F6C1F555759AA8511 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 02:07:23.0312 3936 Nero BackItUp Scheduler 3 - ok 02:07:23.0343 3936 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll 02:07:23.0343 3936 Net Driver HPZ12 - ok 02:07:23.0343 3936 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 02:07:23.0359 3936 NetBIOS - ok 02:07:23.0375 3936 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\windows\system32\DRIVERS\netbt.sys 02:07:23.0375 3936 NetBT - ok 02:07:23.0406 3936 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\windows\system32\netdde.exe 02:07:23.0406 3936 NetDDE - ok 02:07:23.0406 3936 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\windows\system32\netdde.exe 02:07:23.0406 3936 NetDDEdsdm - ok 02:07:23.0421 3936 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\windows\system32\lsass.exe 02:07:23.0437 3936 Netlogon - ok 02:07:23.0437 3936 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] 
Netman C:\windows\System32\netman.dll 02:07:23.0437 3936 Netman - ok 02:07:23.0468 3936 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 02:07:23.0500 3936 NetTcpPortSharing - ok 02:07:23.0546 3936 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\windows\System32\mswsock.dll 02:07:23.0546 3936 Nla - ok 02:07:23.0625 3936 [ 62F68443D244024845B875B44D76A92F ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe 02:07:23.0640 3936 NMIndexingService - ok 02:07:23.0687 3936 [ 28E36E677849174C910FAAEAD3E60E9E ] nmwcd C:\windows\system32\drivers\ccdcmb.sys 02:07:23.0687 3936 nmwcd - ok 02:07:23.0687 3936 [ 3823DEB17F9F6775DE0187A98FA0536D ] nmwcdc C:\windows\system32\drivers\ccdcmbo.sys 02:07:23.0687 3936 nmwcdc - ok 02:07:23.0718 3936 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] NPF C:\windows\system32\drivers\npf.sys 02:07:23.0734 3936 NPF - ok 02:07:23.0734 3936 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\windows\system32\drivers\Npfs.sys 02:07:23.0734 3936 Npfs - ok 02:07:23.0734 3936 npggsvc - ok 02:07:23.0765 3936 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\windows\system32\drivers\Ntfs.sys 02:07:23.0781 3936 Ntfs - ok 02:07:23.0781 3936 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\windows\system32\lsass.exe 02:07:23.0781 3936 NtLmSsp - ok 02:07:23.0812 3936 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\windows\system32\ntmssvc.dll 02:07:23.0812 3936 NtmsSvc - ok 02:07:23.0828 3936 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\windows\system32\drivers\Null.sys 02:07:23.0828 3936 Null - ok 02:07:24.0015 3936 [ 7D08E0BC44B14EC0FB144FF1DE05B724 ] nv C:\windows\system32\DRIVERS\nv4_mini.sys 02:07:24.0171 3936 nv - ok 02:07:24.0218 3936 [ 50ACB7253D1104E5917E15A0670D63D5 ] NVHDA C:\windows\system32\drivers\nvhda32.sys 02:07:24.0218 3936 NVHDA - ok 02:07:24.0265 3936 [ B3B259E5CF0B7BC98313F03A80975B04 ] NVSvc C:\windows\system32\nvsvc32.exe 02:07:24.0265 3936 NVSvc - ok 02:07:24.0375 3936 
[ 844A25C9E3076EDEF2B12E0BEDED755D ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 02:07:24.0421 3936 nvUpdatusService - ok 02:07:24.0453 3936 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\windows\system32\DRIVERS\nwlnkflt.sys 02:07:24.0453 3936 NwlnkFlt - ok 02:07:24.0468 3936 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\windows\system32\DRIVERS\nwlnkfwd.sys 02:07:24.0468 3936 NwlnkFwd - ok 02:07:24.0515 3936 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 02:07:24.0515 3936 ose - ok 02:07:24.0671 3936 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 02:07:24.0734 3936 osppsvc - ok 02:07:24.0765 3936 [ 11B3328D84ED6C11BAF4F4F115459AB6 ] ossrv C:\windows\system32\drivers\ctoss2k.sys 02:07:24.0765 3936 ossrv - ok 02:07:24.0781 3936 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\windows\system32\DRIVERS\parport.sys 02:07:24.0781 3936 Parport - ok 02:07:24.0781 3936 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\windows\system32\drivers\PartMgr.sys 02:07:24.0781 3936 PartMgr - ok 02:07:24.0828 3936 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\windows\system32\drivers\ParVdm.sys 02:07:24.0828 3936 ParVdm - ok 02:07:24.0859 3936 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\windows\system32\DRIVERS\pccsmcfd.sys 02:07:24.0859 3936 pccsmcfd - ok 02:07:24.0875 3936 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\windows\system32\DRIVERS\pci.sys 02:07:24.0875 3936 PCI - ok 02:07:24.0875 3936 PCIDump - ok 02:07:24.0890 3936 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\windows\system32\DRIVERS\pciide.sys 02:07:24.0890 3936 PCIIde - ok 02:07:24.0921 3936 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\windows\system32\drivers\Pcmcia.sys 02:07:24.0937 3936 Pcmcia - ok 02:07:24.0953 3936 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\windows\system32\Drivers\pcouffin.sys 
02:07:24.0968 3936 pcouffin - ok 02:07:24.0968 3936 PDCOMP - ok 02:07:24.0968 3936 PDFRAME - ok 02:07:24.0968 3936 PDRELI - ok 02:07:24.0984 3936 PDRFRAME - ok 02:07:25.0000 3936 perc2 - ok 02:07:25.0000 3936 perc2hib - ok 02:07:25.0062 3936 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\windows\system32\IoctlSvc.exe 02:07:25.0062 3936 PLFlash DeviceIoControl Service - ok 02:07:25.0078 3936 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\windows\system32\services.exe 02:07:25.0078 3936 PlugPlay - ok 02:07:25.0093 3936 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll 02:07:25.0093 3936 Pml Driver HPZ12 - ok 02:07:25.0125 3936 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\windows\system32\PnkBstrA.exe 02:07:25.0156 3936 PnkBstrA - ok 02:07:25.0187 3936 [ 27F1BE4A53441C9F1F48B9ADC145B0A5 ] PnkBstrB C:\windows\system32\PnkBstrB.exe 02:07:25.0187 3936 PnkBstrB - ok 02:07:25.0187 3936 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\windows\system32\lsass.exe 02:07:25.0187 3936 PolicyAgent - ok 02:07:25.0203 3936 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 02:07:25.0203 3936 PptpMiniport - ok 02:07:25.0218 3936 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\windows\system32\lsass.exe 02:07:25.0218 3936 ProtectedStorage - ok 02:07:25.0218 3936 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\windows\system32\DRIVERS\psched.sys 02:07:25.0218 3936 PSched - ok 02:07:25.0656 3936 [ 0C234A4A2FBAB98E5E1BAFAF3E3E403A ] PsSdk41 C:\windows\system32\Drivers\pssdk41.sys 02:07:25.0656 3936 PsSdk41 - ok 02:07:25.0671 3936 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\windows\system32\DRIVERS\ptilink.sys 02:07:25.0671 3936 Ptilink - ok 02:07:25.0687 3936 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys 02:07:25.0687 3936 PxHelp20 - ok 02:07:25.0703 3936 ql1080 - ok 02:07:25.0703 3936 Ql10wnt - ok 02:07:25.0703 3936 ql12160 - 
ok 02:07:25.0718 3936 ql1240 - ok 02:07:25.0718 3936 ql1280 - ok 02:07:25.0750 3936 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 02:07:25.0750 3936 RasAcd - ok 02:07:25.0781 3936 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\windows\System32\rasauto.dll 02:07:25.0781 3936 RasAuto - ok 02:07:25.0781 3936 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 02:07:25.0781 3936 Rasl2tp - ok 02:07:25.0796 3936 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\windows\System32\rasmans.dll 02:07:25.0796 3936 RasMan - ok 02:07:25.0796 3936 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 02:07:25.0796 3936 RasPppoe - ok 02:07:25.0796 3936 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\windows\system32\DRIVERS\raspti.sys 02:07:25.0796 3936 Raspti - ok 02:07:25.0812 3936 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\windows\system32\DRIVERS\rdbss.sys 02:07:25.0812 3936 Rdbss - ok 02:07:25.0828 3936 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 02:07:25.0828 3936 RDPCDD - ok 02:07:25.0875 3936 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\windows\system32\DRIVERS\rdpdr.sys 02:07:25.0890 3936 rdpdr - ok 02:07:25.0906 3936 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\windows\system32\drivers\RDPWD.sys 02:07:25.0921 3936 RDPWD - ok 02:07:25.0921 3936 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 02:07:25.0921 3936 RDSessMgr - ok 02:07:25.0937 3936 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\windows\system32\DRIVERS\redbook.sys 02:07:25.0937 3936 redbook - ok 02:07:25.0968 3936 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\windows\System32\mprdim.dll 02:07:25.0984 3936 RemoteAccess - ok 02:07:26.0000 3936 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\windows\system32\regsvc.dll 02:07:26.0015 3936 RemoteRegistry - ok 02:07:26.0031 3936 [ B60F58F175DE20A6739194E85B035178 ] rpcapd 
C:\Program Files\WinPcap\rpcapd.exe 02:07:26.0031 3936 rpcapd - ok 02:07:26.0046 3936 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\windows\system32\locator.exe 02:07:26.0046 3936 RpcLocator - ok 02:07:26.0078 3936 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\windows\System32\rpcss.dll 02:07:26.0093 3936 RpcSs - ok 02:07:26.0125 3936 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\windows\system32\rsvp.exe 02:07:26.0125 3936 RSVP - ok 02:07:26.0156 3936 [ B52B25F41BF3511071A0E7D10D659C56 ] RTLE8023xp C:\windows\system32\DRIVERS\Rtenicxp.sys 02:07:26.0171 3936 RTLE8023xp - ok 02:07:26.0171 3936 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\windows\system32\lsass.exe 02:07:26.0171 3936 SamSs - ok 02:07:26.0218 3936 [ C1AE5D1F53285D79A0B73A62AF20734F ] SBRE C:\windows\system32\drivers\SBREdrv.sys 02:07:26.0218 3936 SBRE - ok 02:07:26.0234 3936 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\windows\System32\SCardSvr.exe 02:07:26.0234 3936 SCardSvr - ok 02:07:26.0265 3936 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\windows\system32\schedsvc.dll 02:07:26.0265 3936 Schedule - ok 02:07:26.0281 3936 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\windows\system32\DRIVERS\secdrv.sys 02:07:26.0281 3936 Secdrv - ok 02:07:26.0296 3936 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\windows\System32\seclogon.dll 02:07:26.0296 3936 seclogon - ok 02:07:26.0296 3936 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\windows\system32\sens.dll 02:07:26.0312 3936 SENS - ok 02:07:26.0328 3936 [ 6CE397C482BEDE91A38E56A8C4A0DC6D ] Ser2pl C:\windows\system32\DRIVERS\ser2pl.sys 02:07:26.0328 3936 Ser2pl - ok 02:07:26.0359 3936 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\windows\system32\DRIVERS\serenum.sys 02:07:26.0359 3936 serenum - ok 02:07:26.0359 3936 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\windows\system32\DRIVERS\serial.sys 02:07:26.0359 3936 Serial - ok 02:07:26.0453 3936 [ 5BF59C6BC737BAAF541168E5CB2EC1D9 ] ServiceLayer C:\Program Files\PC Connectivity 
Solution\ServiceLayer.exe 02:07:26.0468 3936 ServiceLayer - ok 02:07:26.0484 3936 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\windows\system32\drivers\Sfloppy.sys 02:07:26.0484 3936 Sfloppy - ok 02:07:26.0546 3936 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\windows\System32\ipnathlp.dll 02:07:26.0562 3936 SharedAccess - ok 02:07:26.0578 3936 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\windows\System32\shsvcs.dll 02:07:26.0578 3936 ShellHWDetection - ok 02:07:26.0578 3936 Simbad - ok 02:07:26.0625 3936 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 02:07:26.0625 3936 SkypeUpdate - ok 02:07:26.0656 3936 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\windows\system32\DRIVERS\SLIP.sys 02:07:26.0656 3936 SLIP - ok 02:07:26.0703 3936 [ 14BB60A4F1C5291217A05D5728C403E6 ] SmartDefragDriver C:\windows\system32\Drivers\SmartDefragDriver.sys 02:07:26.0703 3936 SmartDefragDriver - ok 02:07:26.0703 3936 Sparrow - ok 02:07:26.0750 3936 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\windows\system32\drivers\splitter.sys 02:07:26.0750 3936 splitter - ok 02:07:26.0765 3936 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\windows\system32\spoolsv.exe 02:07:26.0765 3936 Spooler - ok 02:07:26.0781 3936 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\windows\system32\DRIVERS\sr.sys 02:07:26.0781 3936 sr - ok 02:07:26.0812 3936 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\windows\system32\srsvc.dll 02:07:26.0812 3936 srservice - ok 02:07:26.0859 3936 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\windows\system32\DRIVERS\srv.sys 02:07:26.0859 3936 Srv - ok 02:07:26.0875 3936 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 02:07:26.0875 3936 SSDPSRV - ok 02:07:26.0906 3936 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\windows\system32\wiaservc.dll 02:07:26.0906 3936 stisvc - ok 02:07:26.0921 3936 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\windows\system32\DRIVERS\StreamIP.sys 
02:07:26.0921 3936 streamip - ok 02:07:26.0953 3936 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\windows\system32\DRIVERS\swenum.sys 02:07:26.0953 3936 swenum - ok 02:07:26.0968 3936 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\windows\system32\drivers\swmidi.sys 02:07:26.0968 3936 swmidi - ok 02:07:26.0968 3936 SwPrv - ok 02:07:26.0968 3936 symc810 - ok 02:07:27.0000 3936 symc8xx - ok 02:07:27.0000 3936 sym_hi - ok 02:07:27.0000 3936 sym_u3 - ok 02:07:27.0015 3936 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\windows\system32\drivers\sysaudio.sys 02:07:27.0015 3936 sysaudio - ok 02:07:27.0031 3936 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\windows\system32\smlogsvc.exe 02:07:27.0031 3936 SysmonLog - ok 02:07:27.0046 3936 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\windows\System32\tapisrv.dll 02:07:27.0046 3936 TapiSrv - ok 02:07:27.0078 3936 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\windows\system32\DRIVERS\tcpip.sys 02:07:27.0093 3936 Tcpip - ok 02:07:27.0109 3936 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6 C:\windows\system32\DRIVERS\tcpip6.sys 02:07:27.0109 3936 Tcpip6 - ok 02:07:27.0140 3936 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\windows\system32\drivers\TDPIPE.sys 02:07:27.0140 3936 TDPIPE - ok 02:07:27.0156 3936 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\windows\system32\drivers\TDTCP.sys 02:07:27.0156 3936 TDTCP - ok 02:07:27.0156 3936 [ 88155247177638048422893737429D9E ] TermDD C:\windows\system32\DRIVERS\termdd.sys 02:07:27.0156 3936 TermDD - ok 02:07:27.0187 3936 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\windows\System32\termsrv.dll 02:07:27.0187 3936 TermService - ok 02:07:27.0187 3936 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\windows\System32\shsvcs.dll 02:07:27.0187 3936 Themes - ok 02:07:27.0218 3936 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 02:07:27.0218 3936 TlntSvr - ok 02:07:27.0218 3936 TosIde - ok 02:07:27.0250 3936 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks 
C:\windows\system32\trkwks.dll 02:07:27.0250 3936 TrkWks - ok 02:07:27.0281 3936 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\windows\system32\DRIVERS\tunmp.sys 02:07:27.0281 3936 tunmp - ok 02:07:27.0296 3936 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\windows\system32\drivers\Udfs.sys 02:07:27.0296 3936 Udfs - ok 02:07:27.0296 3936 ultra - ok 02:07:27.0328 3936 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\windows\system32\DRIVERS\update.sys 02:07:27.0343 3936 Update - ok 02:07:27.0359 3936 [ 325FB38C323C63C7F57885B4DFB1B91E ] UPHClean C:\Program Files\UPHClean\uphclean.exe 02:07:27.0359 3936 UPHClean - ok 02:07:27.0375 3936 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\windows\System32\upnphost.dll 02:07:27.0390 3936 upnphost - ok 02:07:27.0437 3936 [ B1B8BEE26227DAD9835019201552CB05 ] upperdev C:\windows\system32\DRIVERS\usbser_lowerflt.sys 02:07:27.0437 3936 upperdev - ok 02:07:27.0453 3936 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\windows\System32\ups.exe 02:07:27.0453 3936 UPS - ok 02:07:27.0453 3936 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys 02:07:27.0468 3936 USBAAPL - ok 02:07:27.0484 3936 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\windows\system32\drivers\usbaudio.sys 02:07:27.0484 3936 usbaudio - ok 02:07:27.0515 3936 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys 02:07:27.0515 3936 usbccgp - ok 02:07:27.0546 3936 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys 02:07:27.0562 3936 usbehci - ok 02:07:27.0562 3936 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\windows\system32\DRIVERS\usbhub.sys 02:07:27.0562 3936 usbhub - ok 02:07:27.0562 3936 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys 02:07:27.0578 3936 usbprint - ok 02:07:27.0578 3936 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys 02:07:27.0578 3936 usbscan - ok 02:07:27.0625 3936 [ 
1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\windows\system32\drivers\usbser.sys 02:07:27.0625 3936 usbser - ok 02:07:27.0625 3936 [ 98E1FF1D732C6C7200B6C59D4FF8C1C3 ] UsbserFilt C:\windows\system32\DRIVERS\usbser_lowerfltj.sys 02:07:27.0625 3936 UsbserFilt - ok 02:07:27.0671 3936 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS 02:07:27.0671 3936 USBSTOR - ok 02:07:27.0671 3936 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys 02:07:27.0671 3936 usbuhci - ok 02:07:27.0671 3936 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\windows\System32\drivers\vga.sys 02:07:27.0687 3936 VgaSave - ok 02:07:27.0687 3936 ViaIde - ok 02:07:27.0734 3936 [ 210235B818921866A0BC1ECA1BE07EDA ] VMHybrid C:\windows\system32\DRIVERS\VMHybrid.sys 02:07:27.0765 3936 VMHybrid - ok 02:07:27.0781 3936 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\windows\system32\drivers\VolSnap.sys 02:07:27.0781 3936 VolSnap - ok 02:07:27.0796 3936 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\windows\System32\vssvc.exe 02:07:27.0796 3936 VSS - ok 02:07:27.0859 3936 [ 42870675B4D84ACD81A9DA69B83F14C5 ] VX3000 C:\windows\system32\DRIVERS\VX3000.sys 02:07:27.0890 3936 VX3000 - ok 02:07:27.0953 3936 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\windows\system32\w32time.dll 02:07:27.0953 3936 W32Time - ok 02:07:27.0968 3936 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\windows\system32\DRIVERS\wanarp.sys 02:07:27.0968 3936 Wanarp - ok 02:07:27.0984 3936 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\windows\system32\Drivers\wdf01000.sys 02:07:28.0000 3936 Wdf01000 - ok 02:07:28.0000 3936 WDICA - ok 02:07:28.0031 3936 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\windows\system32\drivers\wdmaud.sys 02:07:28.0031 3936 wdmaud - ok 02:07:28.0046 3936 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\windows\System32\webclnt.dll 02:07:28.0046 3936 WebClient - ok 02:07:28.0125 3936 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt 
C:\windows\system32\wbem\WMIsvc.dll 02:07:28.0125 3936 winmgmt - ok 02:07:28.0171 3936 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\windows\system32\WsmSvc.dll 02:07:28.0203 3936 WinRM - ok 02:07:28.0250 3936 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 02:07:28.0281 3936 wlidsvc - ok 02:07:28.0312 3936 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\windows\system32\MsPMSNSv.dll 02:07:28.0328 3936 WmdmPmSN - ok 02:07:28.0375 3936 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\windows\System32\advapi32.dll 02:07:28.0375 3936 Wmi - ok 02:07:28.0390 3936 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 02:07:28.0390 3936 WmiApSrv - ok 02:07:28.0437 3936 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 02:07:28.0468 3936 WMPNetworkSvc - ok 02:07:28.0531 3936 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 02:07:28.0562 3936 WPFFontCache_v0400 - ok 02:07:28.0593 3936 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\windows\System32\drivers\ws2ifsl.sys 02:07:28.0609 3936 WS2IFSL - ok 02:07:28.0640 3936 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\windows\system32\wscsvc.dll 02:07:28.0640 3936 wscsvc - ok 02:07:28.0640 3936 WSearch - ok 02:07:28.0656 3936 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\windows\system32\DRIVERS\WSTCODEC.SYS 02:07:28.0656 3936 WSTCODEC - ok 02:07:28.0703 3936 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\windows\system32\wuauserv.dll 02:07:28.0718 3936 wuauserv - ok 02:07:28.0734 3936 [ 6FF66513D372D479EF1810223C8D20CE ] WudfPf C:\windows\system32\DRIVERS\WudfPf.sys 02:07:28.0750 3936 WudfPf - ok 02:07:28.0750 3936 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WudfRd C:\windows\system32\DRIVERS\wudfrd.sys 02:07:28.0750 3936 WudfRd - ok 02:07:28.0765 3936 [ 575A4190D989F64732119E4114045A4F ] WudfSvc 
C:\windows\System32\WUDFSvc.dll 02:07:28.0765 3936 WudfSvc - ok 02:07:28.0781 3936 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\windows\System32\wzcsvc.dll 02:07:28.0796 3936 WZCSVC - ok 02:07:28.0796 3936 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\windows\System32\xmlprov.dll 02:07:28.0812 3936 xmlprov - ok 02:07:28.0812 3936 ================ Scan global =============================== 02:07:28.0859 3936 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\windows\system32\basesrv.dll 02:07:28.0875 3936 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\windows\system32\winsrv.dll 02:07:28.0906 3936 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\windows\system32\winsrv.dll 02:07:28.0937 3936 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\windows\system32\services.exe 02:07:28.0937 3936 [Global] - ok 02:07:28.0937 3936 ================ Scan MBR ================================== 02:07:28.0953 3936 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 02:07:29.0078 3936 \Device\Harddisk0\DR0 - ok 02:07:29.0078 3936 ================ Scan VBR ================================== 02:07:29.0093 3936 [ 262C7F1C2807B1CC91717751F15C91BB ] \Device\Harddisk0\DR0\Partition1 02:07:29.0093 3936 \Device\Harddisk0\DR0\Partition1 - ok 02:07:29.0109 3936 [ A9C19AA60E85E91C3C126C03A4AB0EB5 ] \Device\Harddisk0\DR0\Partition2 02:07:29.0109 3936 \Device\Harddisk0\DR0\Partition2 - ok 02:07:29.0109 3936 ============================================================ 02:07:29.0109 3936 Scan finished 02:07:29.0109 3936 ============================================================ 02:07:29.0125 0932 Detected object count: 0 02:07:29.0125 0932 Actual detected object count: 0 aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-11-08 02:18:27 ----------------------------- 02:18:27.984 OS Version: Windows 5.1.2600 Service Pack 3 02:18:27.984 Number of processors: 4 586 0x1707 02:18:27.984 ComputerName: PB1947 UserName: 02:18:30.312 Initialize success 02:23:12.187 AVAST engine defs: 12110700 02:23:25.515 
Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-5 02:23:25.515 Disk 0 Vendor: ST31000333AS CC1H Size: 953869MB BusType: 3 02:23:25.515 Disk 0 MBR read successfully 02:23:25.515 Disk 0 MBR scan 02:23:25.531 Disk 0 Windows XP default MBR code 02:23:25.531 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63 02:23:25.531 Disk 0 Partition - 00 0F Extended LBA 476929 MB offset 976752000 02:23:25.546 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476929 MB offset 976752063 02:23:25.562 Disk 0 scanning sectors +1953504000 02:23:25.640 Disk 0 scanning C:\windows\system32\drivers 02:23:36.265 Service scanning 02:23:53.515 Modules scanning 02:23:57.218 Disk 0 trace - called modules: 02:23:57.250 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 02:23:57.250 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b22aab8] 02:23:57.250 3 CLASSPNP.SYS[b80e8fd7] -> nt!IofCallDriver -> \Device\00000086[0x8b1c49e8] 02:23:57.250 5 ACPI.sys[b7f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-5[0x8b238d98] 02:24:02.906 AVAST engine scan C:\windows 02:24:14.140 AVAST engine scan C:\windows\system32 02:27:30.718 AVAST engine scan C:\windows\system32\drivers 02:27:55.500 AVAST engine scan C:\Documents and Settings\peter smith 02:35:53.734 AVAST engine scan C:\Documents and Settings\All Users 02:39:17.671 Scan finished successfully 02:40:22.781 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\peter smith\Desktop\MBR.dat" 02:40:22.781 The log file has been saved successfully to "C:\Documents and Settings\peter smith\Desktop\aswMBR.txt"
  14. Hi and thanks for a brilliant malware program, and I have Malware Pro. Does Malwarebytes have, and if not, do they intend to have, an offer for the use of a dual licence for home users? In this day and age many people like myself have a Desktop for home use and a Laptop with WiFi for roam use. Some businesses are now doing this, i.e. Nero and AVG. Cheers Pete
  15. Hi Gringo and thank you, your time is appreciated. I followed your instructions re safe mode, but not without hiccups. In safe mode ComboFix still flagged me that AVG2012 real-time shields were still active. I ignored this as I did a barefoot safe mode boot. While running ComboFix I got flagged again: pev-application error - Memory at 0x006f0072 could not be read. While I was pondering this, ComboFix ran on again and continued to finish, and the attached log was provided. I then rebooted to normal, and after breakfast I came back and the system had an AVG flag that it had detected a trojan. The following is the AVG flag info: File name - c:\system volume information\_restore{34ea6b75-dfbf-4096-962b-86b79104cbda}\rp759\a0471039.sys; Threat Name - Trojan Horse Rootkit - Pakes.CD; Process Name - c:\windows\system32\svhost.exe; Process ID - 1704. Cheers Pete
  16. My apologies, I forgot to inform you that ComboFix did find a nasty that it said would be difficult to remove, and also the browser diversions seem to have stopped. I am disappointed that this system would not let me get to the ComboFix log stage. I also know that I have damaged files but I will not repair with the XP CD or touch anything until your reply. Cheers Pete
  17. Hi and once again thank you for your time Gringo. I once again had hiccups. I have AVG 2012 and it is slightly different to the advice for disabling 2011. Nevertheless I temporarily disabled AVG. After this was applied the next window had the time limit, which I set to 15 minutes; the only check box in this window was disable firewall, which I also checked and okayed. AVG showed all function icons in red. I then followed instructions and ran ComboFix, and ComboFix said AVG was still running real-time protection??? I still ran ComboFix as I know I disabled AVG 2012. ComboFix, after the scan, rebooted and did over 40 stages; it then started to delete files in my personal settings etc. and deleted folders and then just stopped. After one hour I had to make the decision to enable Task Manager as it was the only function I had to reboot the system. I have gone no further at this stage and once again I am unable to provide you with a log file. Currently I have noticed that the ethernet LED has stopped thrashing but the HD is still thrashing. I decided to be patient and await your next reply instead of trying with ComboFix again. Cheers and thanks Pete
  18. Hi, I lost the report for Security Check. I did not notice this until I ran the other two programs. My system crashed during this and some scans had to be done again. My browser was still diverting to ads after these 2 were run. I also had a block by AVG when I rebooted after all the processes you requested were run, i.e. File Name :- qszmg.justdied.com/index.php? Threat Name :- Exploit Rogue Scanner (type831). Cheers and thanks Pete
  19. Hi, My HD and modem started to thrash in unison about a week ago. I have a full registered version of AVG and have run full scans twice since and it showed a clean system. I started to smell a rat when my browser (Google Chrome) started to do weird things, i.e. tabbing ads and weird sites. I have a full registered version of Malwarebytes which was mothballed due to clashes at the time with AVG. (I currently have noticed that this is not the case now). I updated Malwarebytes and ran a full scan and came up with an affiliates downloader which was subsequently removed. I then did another full scan with AVG and it picked up 16 malware/viruses??? after originally showing a clean system. These were removed and system rebooted. I then did another scan with Malwarebytes with the modem switched off and picked up trojans in my memory and restore files which were removed and system reboot. I did a registry clean with CCleaner and defragged. I then did another full scan with AVG and found yet another 3 Trojans, 2 of which I could not remove; they were disabled and quarantined. Then I again rebooted (modem still switched off). I did one more scan with Malwarebytes and finally came up clean (Ironically I am not so sure about that). I then after a reboot switched on my modem and my hard disk started to thrash, the ethernet light and HD light are at this moment having a hernia and I know without going any further my problem is rewriting itself. Don't you hate it!!!! Below are the log pastes of DDS and Attach. Your help will be appreciated. Cheers Pete
C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Windows XP Video Decoder Checkup Utility Microsoft Works 6-9 Converter Microsoft WSE 3.0 Runtime Miriel the Magical Merchant (remove only) MobileMe Control Panel Monopoly (remove only) Monument Builders: Eiffel Tower Mortimer Beckett and the Time Paradox MotoHelper 2.1.32 Driver 5.4.0 MotoHelper MergeModules MOTOROLA MEDIA LINK Motorola Mobile Drivers Installation 5.4.0 Mount&Blade With Fire and Sword Mozilla Firefox 8.0.1 (x86 en-GB) MSVC80_x86 MSVC80_x86_v2 MSVC90_x86 MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK My Farm Life 2 My Kingdom For The Princess II My Life Story (remove only) My Tribe Nero 11 Nero 8 Essentials Nero Abstract Themes Nero Audio Pack 1 Nero BackItUp 11 Nero BackItUp 11 Help (CHM) Nero Backup Drivers Nero Blu-ray Player Nero Burning ROM 11 Nero Burning ROM 11 Help (CHM) Nero Cliparts Nero ControlCenter Nero ControlCenter Help (CHM) Nero Core Components Nero CoverDesigner 11 Nero CoverDesigner 11 Help (CHM) Nero Disc Menus 1 Nero Disc Menus 2 Nero Disc Menus 3 Nero Disc Menus Basic Nero Effects Basic Nero Express 11 Nero Express 11 Help (CHM) Nero Family and Events Themes Nero Football (Soccer) Themes Nero Holiday and Sports Themes Nero Image Samples Nero Kwik Media Nero Kwik Media Help (CHM) Nero Kwik Themes Basic Nero PiP Effects 1 Nero PiP Effects Basic Nero Prerequisite Installer 1.0 Nero Recode 11 Nero Recode 11 Help (CHM) Nero RescueAgent 11 Nero RescueAgent 11 Help (CHM) Nero SharedVideoCodecs Nero SoundTrax 11 Nero SoundTrax 11 Help (CHM) Nero Update Nero Video 11 Nero Video 11 Help (CHM) Nero Video Samples Nero Video Transitions 1 Nero WaveEditor 
11 Nero WaveEditor 11 Help (CHM) nero.prerequisites.msi neroxml New Yankee in King Arthur's Court Nokia Connectivity Cable Driver Nokia Ovi Suite Nokia Ovi Suite Software Updater Nokia PC Suite Nokia Software Updater NVIDIA Control Panel 267.59 NVIDIA Graphics Driver 267.59 NVIDIA HD Audio Driver 1.1.13.1 NVIDIA Install Application NVIDIA nView 136.18 NVIDIA nView Desktop Manager NVIDIA PhysX NVIDIA PhysX System Software 9.12.0213 NVIDIA Update 1.7.11 NVIDIA Update Components OGA Notifier 2.0.0048.0 Open Sea Fishing OpenAL Opera 11.60 Ovi Desktop Sync Engine OviMPlatform Pakoombo Path To Success PC Connectivity Solution Photo Story 3 for Windows PL-2303 USB-to-Serial Plants vs. Zombies (remove only) ps_aio_corporate PS_AIO_ProductContext PS_AIO_Software PS_AIO_Software_min PunkBuster Services QuickTime Railroad Tycoon 3 Railroad Tycoon 3 1.06 Rapala Pro Fishing RAW - Realms of Ancient War REALTEK GbE & FE Ethernet PCI-E NIC Driver Realtek High Definition Audio Driver Robinson Crusoe and The Cursed Pirates Royal Envoy Collector's Edition Scan Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile 
(KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Windows (KB2564958) Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB2647516) Security Update for Windows Internet Explorer 8 (KB2675157) Security Update for Windows Internet Explorer 8 (KB2699988) Security Update for Windows Internet Explorer 8 (KB2722913) Security Update for Windows Internet Explorer 8 (KB2744842) Security Update for 
Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Encoder (KB2447961) Security Update for Windows Media Encoder (KB954156) Security Update for Windows Media Encoder (KB979332) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP 
(KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2510581) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544521) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618444) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647516) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2660465) 
Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2685939) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219) Security Update for Windows XP (KB2707511) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2718523) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135) Security Update for Windows XP (KB2724197) Security Update for Windows XP (KB2731847) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) 
Security Update for Windows XP (KB961501) Security Update for Windows XP (KB963027) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for 
Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Seeds of Sorcery Segoe UI Shaban Sid Meier's Railroads! Simon3D Skype Toolbars Skype™ 5.10 Smart Defrag 2 SolutionCenter SoundFont Bank Manager SPORE™ SPORE™ Galactic Adventures Star Defender 4 Status Steam swMSM Sylenth1 v2.20 System Requirements Lab The Chronicles of Spellborn The Fall Trilogy 1.00 The Golden Years: Way Out West The Island: Castaway 2 The Sims Carnival - BumperBlast The Sims Medieval The Timebuilders - Caveman's Prophecy TomTom HOME 2.7.3.1894 TomTom HOME Visual Studio Merge Modules Toolbox TrackMania 2 TrayApp Trucks & Trailers 1.00 Turbo Subs Tweak UI Ubisoft Game Launcher Undelete 360 Uniblue DriverScanner 2009 Uniblue System Tweaker UnloadSupport Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft Windows (KB971513) Update for Windows Internet Explorer 8 
(KB2598845) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2492386) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB2661254-v2) Update for Windows XP (KB2718704) Update for Windows XP (KB2736233) Update for Windows XP (KB2749655) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) User Profile Hive Cleanup Service VC80CRTRedist - 8.0.50727.6195 VCRedistSetup Virtual City (remove only) Virtual Villagers - The Secret City Virtual Villagers - The Secret City 1.0 Virtual Villagers 3 - The Secret City Fixed Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 WebFldrs XP WebReg Welcome App (Start-up experience) Westward IV - All Aboard (remove only) Windows 7 Upgrade Advisor Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4) Windows Driver Package - Nokia Modem (10/05/2009 4.2) Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 8 Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Mail Windows Live Photo Gallery Windows Live Sync Windows Live Upload Tool Windows Live Writer Windows Management Framework Core Windows Media Encoder 9 Series Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player Firefox Plugin Windows Search 4.0 WinPcap 4.1.2 WinRAR archiver Wireshark 1.4.1 World 
Mosaics 4 1.00 World Of Zellians Youda Farmer 3 - Seasons Youda Survivor
.
==== Event Viewer Messages From Past Week ========
.
3/11/2012 10:18:16 PM, error: Service Control Manager [7022] - The WebClient service hung on starting.
2/11/2012 8:13:49 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
2/11/2012 5:30:26 PM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
2/11/2012 5:30:13 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service hpqddsvc with arguments "" in order to run the server: {2C82180E-8C3C-4A1B-BEB1-B9140713E701}
.
==== End Of File ===========================