Jump to content

carolcoleman8353

Members
 View Profile  See their activity

  • Posts

    12

  • Joined

  • Last visited

Reputation

0 Neutral
  1. carolcoleman8353
    Well it's finally finished after more thean 3 hours and no threats were found. Thank you.
  2. carolcoleman8353
    i have been doing all this for the past 3 hours. I now have to get dinner,good job I'm retired eh?
  3. carolcoleman8353
    Oh Wow this is so much better-thanks. I can now open a couple of websites that were blocked before- ones that my friends had no trouble with. Brilliant and thank you so much for your help. Carol
  4. carolcoleman8353
    Should I notice sometthing different then? I'll check. Thanks.
  5. carolcoleman8353
    Oh well here we go again !!! LOL Hope this all means something to you? ComboFix 12-11-06.03 - Owner 07/11/2012 17:23:37.1.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.990.372 [GMT 0:00] Running from: c:\documents and settings\Owner\My Documents\ComboFix.exe AV: BullGuard Antivirus *Enabled/Updated* {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913} FW: BullGuard Firewall *Disabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc10.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc11.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc12.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc120.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc13.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc139.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc13B.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc13F.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc147.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc14F.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc16A.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc16C.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc183.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc189.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc1D6.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc1E5.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc1FE.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc222.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc22B.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc23.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc26.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2A.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2B.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2B9.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2BF.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2D6.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2E.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2F.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc3.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc311.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc32F.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc35.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc36.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc37.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc39D.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc3B.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc3D.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc40.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc41.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc43.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc44.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc45.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc47C.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc4A.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc4B.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc4C.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc4C1.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc51.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc5C.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc60.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc67.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc7.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc79.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc8.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc9.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc90.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc91.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc92.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc93.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc95.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc9E.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc9F.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccA.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccA0.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccB.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccB3.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccB4.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccBC.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccBE.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccC.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccC2.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccC3.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccCD.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccD.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccD1.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccD7.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccF.tmp c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccF0.tmp c:\documents and settings\Owner\WINDOWS c:\windows\AutoRun.ini c:\windows\system\oeminfo.ini . . ((((((((((((((((((((((((( Files Created from 2012-10-07 to 2012-11-07 ))))))))))))))))))))))))))))))) . . 2012-10-25 11:55 . 2012-10-25 11:55 -------- d-----w- c:\documents and settings\Owner\Application Data\EPSON 2012-10-17 08:44 . 2012-10-17 08:44 -------- d-----w- c:\program files\Common Files\Java . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-09 21:58 . 2012-03-30 05:59 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-09 21:58 . 2011-05-18 06:13 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-29 18:54 . 2009-12-28 12:48 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-24 14:32 . 2012-07-03 15:23 477168 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-09-24 14:32 . 2010-04-20 08:36 473072 ----a-w- c:\windows\system32\deployJava1.dll 2012-09-24 12:51 . 2012-07-03 15:23 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-08-28 15:14 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-08-28 15:14 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-08-28 15:14 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-08-28 12:07 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec 2012-08-27 11:29 . 2010-03-18 16:03 100216 ----a-w- c:\windows\system32\BgGamingMonitor.dll 2012-08-24 13:53 . 2004-08-04 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll 2012-08-21 13:29 . 2004-08-04 12:00 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-21 12:58 . 2004-08-03 22:59 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-08-17 16:33 . 2010-04-19 12:16 54624 ----a-w- c:\windows\system32\BGLsp.dll 2012-10-27 16:40 . 2012-10-27 16:39 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SiSPower"="SiSPower.dll" [2005-05-13 49152] "BullGuard"="c:\program files\BullGuard Ltd\BullGuard\BullGuard.exe" [2012-09-11 1756512] "SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist] 2011-02-07 18:52 16680 ----a-w- c:\program files\Citrix\GoToAssist\570\g2awinlogon.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\BgGamingMonitor.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-07-11 19:00 919008 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-07-31 11:20 38872 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\btbb_McciTrayApp] 2012-07-05 05:58 1988608 ----a-w- c:\program files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint] 2006-07-07 23:15 600896 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype] 2006-07-07 23:14 576320 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2008-03-10 17:47 385024 ----a-w- c:\program files\QuickTime\qttask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-09-17 11:41 254896 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\rtcshare.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\BT Broadband Desktop Help\\btbb\\BTHelpBrowser.exe"= "c:\\Program Files\\BT Broadband Desktop Help\\btbb\\BTHelpNotifier.exe"= "c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"= "c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"= . R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [12/03/2010 09:34 64608] R1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [27/01/2011 07:13 789960] R1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [27/01/2011 07:13 19272] R2 BsBackup;BullGuard backup service;c:\windows\System32\SvcHost.exe -k BullGuard_Backup [04/08/2004 12:00 14336] R2 BsBhvScan;BullGuard Behavioural Detection;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [27/01/2011 07:13 321376] R2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe -k BullGuard [04/08/2004 12:00 14336] R2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe -k BullGuard [04/08/2004 12:00 14336] R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe -k BullGuard_Proxy [04/08/2004 12:00 14336] R2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe -k BullGuard_Main [04/08/2004 12:00 14336] R2 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [03/03/2010 20:07 178528] R2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [27/08/2012 11:26 304480] R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [18/09/2012 17:22 399432] R2 pcCMService;pcCMService;c:\program files\Common Files\Motive\pcCMService.exe [31/07/2012 07:21 361472] R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\Afw.sys [04/12/2009 10:00 32512] R3 afwcore;afwcore;c:\windows\system32\drivers\AfwCore.sys [04/12/2009 10:00 284928] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [28/12/2009 12:48 676936] S2 ScanDrv;ScanDrv; [x] S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [28/12/2009 12:48 22856] . --- Other Services/Drivers In Memory --- . *Deregistered* - uphcleanhlp . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] BullGuard_Main REG_MULTI_SZ BsMain BullGuard REG_MULTI_SZ BsFileScan BsFire BullGuard_LowPriv REG_MULTI_SZ BsBrowser BullGuard_Backup REG_MULTI_SZ BsBackup BullGuard_Proxy REG_MULTI_SZ BsMailProxy . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}] 2009-03-08 04:32 128512 ----a-w- c:\windows\system32\advpack.dll . Contents of the 'Scheduled Tasks' folder . 2012-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 21:58] . 2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-07-08 16:52] . 2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-07-08 16:52] . 2012-11-06 c:\windows\Tasks\User_Feed_Synchronization-{ECE78649-45F4-47A2-A1F7-0CF98E5AC97F}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 04:31] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8 mStart Page = hxxp://www.yahoo.com/?fr=fp-yie8 uInternet Settings,ProxyOverride = <local> TCP: DhcpNameServer = 192.168.1.254 DPF: {071582AE-C7F9-11D2-A742-0080C8129F3E} - hxxp://traptestsrv.east-northamptonshire.gov.uk/trpzx1.cab DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} - hxxp://contacts.orange.co.uk/wuk_webab/VoxsyncX.cab DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll DPF: {71057C18-0507-4747-86BC-E11CE7512C5F} - hxxps://register.btinternet.com/templates/btmailcontrol013.cab FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\uorzh9uj.default\ FF - prefs.js: browser.startup.homepage - hxxp://uk.yahoo.com/ FF - ExtSQL: 2012-10-17 09:43; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) MSConfigStartUp-Loaris Trojan Remover - c:\program files\Loaris Trojan Remover\TrojanRemover.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-11-07 17:37 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(416) c:\windows\system32\BgGamingMonitor.dll c:\program files\Citrix\GoToAssist\570\G2AWinLogon.dll . - - - - - - - > 'lsass.exe'(472) c:\windows\system32\BgGamingMonitor.dll . Completion time: 2012-11-07 17:41:18 ComboFix-quarantined-files.txt 2012-11-07 17:41 . Pre-Run: 59,311,816,704 bytes free Post-Run: 59,534,917,632 bytes free . WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect . - - End Of File - - 3F538FADE40CF55512041C25685DF71B
  6. carolcoleman8353
    Is this it? 07:42:54.0281 2396 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 07:42:55.0250 2396 ============================================================ 07:42:55.0250 2396 Current date / time: 2012/11/07 07:42:55.0250 07:42:55.0250 2396 SystemInfo: 07:42:55.0250 2396 07:42:55.0250 2396 OS Version: 5.1.2600 ServicePack: 3.0 07:42:55.0250 2396 Product type: Workstation 07:42:55.0250 2396 ComputerName: OFFICE 07:42:55.0250 2396 UserName: Owner 07:42:55.0250 2396 Windows directory: C:\WINDOWS 07:42:55.0250 2396 System windows directory: C:\WINDOWS 07:42:55.0250 2396 Processor architecture: Intel x86 07:42:55.0250 2396 Number of processors: 1 07:42:55.0250 2396 Page size: 0x1000 07:42:55.0250 2396 Boot type: Normal boot 07:42:55.0250 2396 ============================================================ 07:42:57.0968 2396 Drive \Device\Harddisk0\DR0 - Size: 0x132C570000 (76.69 Gb), SectorSize: 0x200, Cylinders: 0x271B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 07:42:58.0031 2396 ============================================================ 07:42:58.0031 2396 \Device\Harddisk0\DR0: 07:42:58.0031 2396 MBR partitions: 07:42:58.0031 2396 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x996051C 07:42:58.0031 2396 ============================================================ 07:42:58.0078 2396 C: <-> \Device\Harddisk0\DR0\Partition1 07:42:58.0078 2396 ============================================================ 07:42:58.0078 2396 Initialize success 07:42:58.0078 2396 ============================================================ 07:43:41.0828 3004 ============================================================ 07:43:41.0828 3004 Scan started 07:43:41.0828 3004 Mode: Manual; TDLFS; 07:43:41.0828 3004 ============================================================ 07:43:43.0250 3004 ================ Scan system memory ======================== 07:43:45.0828 3004 System memory - ok 07:43:45.0828 3004 ================ Scan services ============================= 07:43:45.0953 3004 Abiosdsk - ok 07:43:45.0968 3004 abp480n5 - ok 07:43:46.0031 3004 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 07:43:46.0046 3004 ACPI - ok 07:43:46.0093 3004 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 07:43:46.0093 3004 ACPIEC - ok 07:43:46.0234 3004 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 07:43:46.0250 3004 AdobeFlashPlayerUpdateSvc - ok 07:43:46.0265 3004 adpu160m - ok 07:43:46.0328 3004 [ 9F59AE2DE835641FBB0C6AFD80D8FA9B ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys 07:43:46.0328 3004 aeaudio - ok 07:43:46.0390 3004 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 07:43:46.0406 3004 aec - ok 07:43:46.0468 3004 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 07:43:46.0468 3004 AFD - ok 07:43:46.0515 3004 [ 0EBB674888CBDEFD5773341C16DD6A07 ] AFS2K C:\WINDOWS\system32\drivers\AFS2K.sys 07:43:46.0531 3004 AFS2K - ok 07:43:46.0578 3004 [ F20D3CEAE69F409A7775A8B8B36CEC58 ] afw C:\WINDOWS\system32\DRIVERS\afw.sys 07:43:46.0578 3004 afw - ok 07:43:46.0625 3004 [ 335A00B9B984069AF6C10EC9C6340324 ] afwcore C:\WINDOWS\system32\DRIVERS\afwcore.sys 07:43:46.0625 3004 afwcore - ok 07:43:46.0640 3004 Aha154x - ok 07:43:46.0671 3004 aic78u2 - ok 07:43:46.0687 3004 aic78xx - ok 07:43:46.0734 3004 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll 07:43:46.0734 3004 Alerter - ok 07:43:46.0781 3004 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe 07:43:46.0781 3004 ALG - ok 07:43:46.0796 3004 AliIde - ok 07:43:46.0812 3004 amsint - ok 07:43:46.0843 3004 AppMgmt - ok 07:43:46.0859 3004 asc - ok 07:43:46.0890 3004 asc3350p - ok 07:43:46.0906 3004 asc3550 - ok 07:43:47.0062 3004 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 07:43:47.0187 3004 aspnet_state - ok 07:43:47.0234 3004 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 07:43:47.0234 3004 AsyncMac - ok 07:43:47.0281 3004 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 07:43:47.0281 3004 atapi - ok 07:43:47.0328 3004 Atdisk - ok 07:43:47.0375 3004 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 07:43:47.0375 3004 Atmarpc - ok 07:43:47.0421 3004 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 07:43:47.0421 3004 AudioSrv - ok 07:43:47.0468 3004 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 07:43:47.0484 3004 audstub - ok 07:43:47.0546 3004 [ 42175A3B56922A8C9A294FA6F0B18344 ] BdSpy C:\WINDOWS\system32\DRIVERS\BdSpy.sys 07:43:47.0546 3004 BdSpy - ok 07:43:47.0609 3004 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 07:43:47.0656 3004 Beep - ok 07:43:47.0734 3004 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll 07:43:47.0750 3004 BITS - ok 07:43:47.0796 3004 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll 07:43:47.0796 3004 Browser - ok 07:43:47.0937 3004 [ 0271B8667BCDE590A6F6205209359EEF ] BsBackup C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll 07:43:47.0937 3004 BsBackup - ok 07:43:48.0000 3004 [ FB283DFF8DB224359AC43BE70BB8902B ] BsBhvScan C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe 07:43:48.0015 3004 BsBhvScan - ok 07:43:48.0031 3004 [ A1FB74B2CBBF373AFCFB647894341F73 ] BsFileScan C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll 07:43:48.0046 3004 BsFileScan - ok 07:43:48.0093 3004 [ C42A4EF09D8539F1CFA2676579F44987 ] BsFire C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll 07:43:48.0109 3004 BsFire - ok 07:43:48.0187 3004 [ 9060850E3EFC91D40A157B347A03D6FB ] BsMailProxy C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll 07:43:48.0203 3004 BsMailProxy - ok 07:43:48.0281 3004 [ EE6A1DBC67AE54C260304676B9E7B439 ] BsMain C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll 07:43:48.0281 3004 BsMain - ok 07:43:48.0328 3004 [ 69D38B2E736F8E8BC97D4638B682DEEF ] BsScanner C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe 07:43:48.0328 3004 BsScanner - ok 07:43:48.0406 3004 [ 0AEC20CDC63860592ACAFA886B01599A ] BsUpdate C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe 07:43:48.0406 3004 BsUpdate - ok 07:43:48.0453 3004 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 07:43:48.0484 3004 cbidf2k - ok 07:43:48.0500 3004 cd20xrnt - ok 07:43:48.0562 3004 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 07:43:48.0687 3004 Cdaudio - ok 07:43:48.0734 3004 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 07:43:48.0765 3004 Cdfs - ok 07:43:48.0796 3004 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 07:43:48.0796 3004 Cdrom - ok 07:43:48.0812 3004 Changer - ok 07:43:48.0875 3004 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe 07:43:48.0875 3004 CiSvc - ok 07:43:48.0906 3004 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 07:43:48.0906 3004 ClipSrv - ok 07:43:48.0953 3004 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 07:43:49.0062 3004 clr_optimization_v2.0.50727_32 - ok 07:43:49.0078 3004 CmdIde - ok 07:43:49.0109 3004 COMSysApp - ok 07:43:49.0140 3004 Cpqarray - ok 07:43:49.0156 3004 Crypkey License - ok 07:43:49.0218 3004 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 07:43:49.0218 3004 CryptSvc - ok 07:43:49.0234 3004 dac2w2k - ok 07:43:49.0265 3004 dac960nt - ok 07:43:49.0359 3004 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 07:43:49.0375 3004 DcomLaunch - ok 07:43:49.0421 3004 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 07:43:49.0437 3004 Dhcp - ok 07:43:49.0453 3004 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 07:43:49.0453 3004 Disk - ok 07:43:49.0484 3004 dmadmin - ok 07:43:49.0546 3004 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 07:43:49.0562 3004 dmboot - ok 07:43:49.0593 3004 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys 07:43:49.0609 3004 dmio - ok 07:43:49.0640 3004 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 07:43:49.0656 3004 dmload - ok 07:43:49.0687 3004 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll 07:43:49.0687 3004 dmserver - ok 07:43:49.0718 3004 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 07:43:49.0718 3004 DMusic - ok 07:43:49.0781 3004 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 07:43:49.0781 3004 Dnscache - ok 07:43:49.0828 3004 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 07:43:49.0843 3004 Dot3svc - ok 07:43:49.0843 3004 dpti2o - ok 07:43:49.0890 3004 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 07:43:49.0890 3004 drmkaud - ok 07:43:49.0921 3004 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll 07:43:49.0937 3004 EapHost - ok 07:43:50.0031 3004 [ 8FE6AB59CAB8F2C038FEA9522A5EEBA7 ] EPSON_PM_RPCV4_01 C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE 07:43:50.0031 3004 EPSON_PM_RPCV4_01 - ok 07:43:50.0093 3004 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll 07:43:50.0093 3004 ERSvc - ok 07:43:50.0171 3004 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe 07:43:50.0171 3004 Eventlog - ok 07:43:50.0218 3004 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll 07:43:50.0234 3004 EventSystem - ok 07:43:50.0312 3004 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 07:43:50.0328 3004 Fastfat - ok 07:43:50.0375 3004 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 07:43:50.0390 3004 FastUserSwitchingCompatibility - ok 07:43:50.0406 3004 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 07:43:50.0421 3004 Fdc - ok 07:43:50.0437 3004 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 07:43:50.0437 3004 Fips - ok 07:43:50.0500 3004 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 07:43:50.0500 3004 Flpydisk - ok 07:43:50.0562 3004 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 07:43:50.0562 3004 FltMgr - ok 07:43:50.0656 3004 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 07:43:50.0656 3004 FontCache3.0.0.0 - ok 07:43:50.0687 3004 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 07:43:50.0703 3004 Fs_Rec - ok 07:43:50.0734 3004 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 07:43:50.0734 3004 Ftdisk - ok 07:43:50.0750 3004 FXDRV - ok 07:43:50.0781 3004 [ 3A74C423CF6BCCA6982715878F450A3B ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys 07:43:50.0781 3004 gagp30kx - ok 07:43:50.0859 3004 [ 5CC2B1D06AC1962AF5FBBCF88D781DD8 ] GoToAssist C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe 07:43:50.0875 3004 GoToAssist - ok 07:43:50.0906 3004 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 07:43:50.0921 3004 Gpc - ok 07:43:51.0031 3004 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 07:43:51.0031 3004 gupdate - ok 07:43:51.0046 3004 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 07:43:51.0046 3004 gupdatem - ok 07:43:51.0140 3004 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 07:43:51.0140 3004 helpsvc - ok 07:43:51.0187 3004 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll 07:43:51.0187 3004 HidServ - ok 07:43:51.0218 3004 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 07:43:51.0218 3004 HidUsb - ok 07:43:51.0281 3004 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 07:43:51.0296 3004 hkmsvc - ok 07:43:51.0312 3004 hpn - ok 07:43:51.0406 3004 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 07:43:51.0406 3004 HTTP - ok 07:43:51.0468 3004 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 07:43:51.0468 3004 HTTPFilter - ok 07:43:51.0484 3004 i2omgmt - ok 07:43:51.0500 3004 i2omp - ok 07:43:51.0562 3004 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 07:43:51.0562 3004 i8042prt - ok 07:43:51.0656 3004 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 07:43:51.0687 3004 idsvc - ok 07:43:51.0734 3004 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 07:43:51.0734 3004 Imapi - ok 07:43:51.0796 3004 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe 07:43:51.0812 3004 ImapiService - ok 07:43:51.0828 3004 ini910u - ok 07:43:51.0968 3004 [ 874DB5E07FE2A7F1B22F7C760736F6F4 ] IntelC51 C:\WINDOWS\system32\DRIVERS\IntelC51.sys 07:43:52.0046 3004 IntelC51 - ok 07:43:52.0093 3004 [ 4C0F190119EBC5CE728C9D060D8AE3E7 ] IntelC52 C:\WINDOWS\system32\DRIVERS\IntelC52.sys 07:43:52.0109 3004 IntelC52 - ok 07:43:52.0156 3004 [ 85B36BC9E8FA579C64DE88FFECECCE6C ] IntelC53 C:\WINDOWS\system32\DRIVERS\IntelC53.sys 07:43:52.0171 3004 IntelC53 - ok 07:43:52.0187 3004 IntelIde - ok 07:43:52.0234 3004 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 07:43:52.0234 3004 Ip6Fw - ok 07:43:52.0281 3004 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 07:43:52.0296 3004 IpFilterDriver - ok 07:43:52.0328 3004 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 07:43:52.0328 3004 IpInIp - ok 07:43:52.0375 3004 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 07:43:52.0375 3004 IpNat - ok 07:43:52.0437 3004 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 07:43:52.0453 3004 IPSec - ok 07:43:52.0484 3004 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 07:43:52.0484 3004 IRENUM - ok 07:43:52.0531 3004 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 07:43:52.0531 3004 isapnp - ok 07:43:52.0625 3004 [ 691B9B7C0CC1653732717D292D6B305D ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe 07:43:52.0625 3004 JavaQuickStarterService - ok 07:43:52.0671 3004 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 07:43:52.0671 3004 Kbdclass - ok 07:43:52.0734 3004 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 07:43:52.0734 3004 kbdhid - ok 07:43:52.0765 3004 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 07:43:52.0765 3004 kmixer - ok 07:43:52.0812 3004 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 07:43:52.0812 3004 KSecDD - ok 07:43:52.0875 3004 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 07:43:52.0890 3004 lanmanserver - ok 07:43:52.0953 3004 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 07:43:52.0953 3004 lanmanworkstation - ok 07:43:52.0984 3004 lbrtfdc - ok 07:43:53.0046 3004 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 07:43:53.0046 3004 LmHosts - ok 07:43:53.0109 3004 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 07:43:53.0156 3004 MBAMProtector - ok 07:43:53.0250 3004 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe 07:43:53.0343 3004 MBAMScheduler - ok 07:43:53.0390 3004 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 07:43:53.0453 3004 MBAMService - ok 07:43:53.0500 3004 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll 07:43:53.0500 3004 Messenger - ok 07:43:53.0546 3004 [ 8C7D037A53B495E7C250FD70B158B581 ] MidiSyn C:\WINDOWS\system32\drivers\MidiSyn.sys 07:43:53.0546 3004 MidiSyn - ok 07:43:53.0609 3004 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 07:43:53.0625 3004 mnmdd - ok 07:43:53.0671 3004 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 07:43:53.0687 3004 mnmsrvc - ok 07:43:53.0734 3004 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 07:43:53.0734 3004 Modem - ok 07:43:53.0781 3004 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys 07:43:53.0781 3004 MODEMCSA - ok 07:43:53.0812 3004 [ F2CC6273E7DE087DC0FD701F753461CA ] mohfilt C:\WINDOWS\system32\DRIVERS\mohfilt.sys 07:43:53.0812 3004 mohfilt - ok 07:43:53.0843 3004 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 07:43:53.0843 3004 Mouclass - ok 07:43:53.0906 3004 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 07:43:53.0906 3004 mouhid - ok 07:43:53.0921 3004 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 07:43:53.0937 3004 MountMgr - ok 07:43:54.0000 3004 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 07:43:54.0046 3004 MozillaMaintenance - ok 07:43:54.0062 3004 mraid35x - ok 07:43:54.0140 3004 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS 07:43:54.0187 3004 MREMP50 - ok 07:43:54.0203 3004 MREMPR5 - ok 07:43:54.0218 3004 MRENDIS5 - ok 07:43:54.0281 3004 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS 07:43:54.0296 3004 MRESP50 - ok 07:43:54.0343 3004 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 07:43:54.0343 3004 MRxDAV - ok 07:43:54.0421 3004 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 07:43:54.0437 3004 MRxSmb - ok 07:43:54.0484 3004 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe 07:43:54.0484 3004 MSDTC - ok 07:43:54.0515 3004 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 07:43:54.0531 3004 Msfs - ok 07:43:54.0546 3004 MSIServer - ok 07:43:54.0593 3004 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 07:43:54.0593 3004 MSKSSRV - ok 07:43:54.0609 3004 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 07:43:54.0609 3004 MSPCLOCK - ok 07:43:54.0656 3004 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 07:43:54.0656 3004 MSPQM - ok 07:43:54.0687 3004 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 07:43:54.0687 3004 mssmbios - ok 07:43:54.0750 3004 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 07:43:54.0750 3004 Mup - ok 07:43:54.0812 3004 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll 07:43:54.0828 3004 napagent - ok 07:43:54.0890 3004 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 07:43:54.0937 3004 NDIS - ok 07:43:55.0000 3004 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 07:43:55.0000 3004 NdisTapi - ok 07:43:55.0031 3004 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 07:43:55.0031 3004 Ndisuio - ok 07:43:55.0046 3004 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 07:43:55.0046 3004 NdisWan - ok 07:43:55.0109 3004 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 07:43:55.0109 3004 NDProxy - ok 07:43:55.0171 3004 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 07:43:55.0171 3004 NetBIOS - ok 07:43:55.0203 3004 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 07:43:55.0203 3004 NetBT - ok 07:43:55.0265 3004 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe 07:43:55.0265 3004 NetDDE - ok 07:43:55.0296 3004 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 07:43:55.0296 3004 NetDDEdsdm - ok 07:43:55.0328 3004 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe 07:43:55.0343 3004 Netlogon - ok 07:43:55.0375 3004 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll 07:43:55.0390 3004 Netman - ok 07:43:55.0437 3004 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 07:43:55.0437 3004 NetTcpPortSharing - ok 07:43:55.0484 3004 [ 2643E42EED808AAEB147877FEBD110A6 ] NetworkX C:\WINDOWS\system32\ckldrv.sys 07:43:55.0546 3004 NetworkX - ok 07:43:55.0609 3004 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll 07:43:55.0625 3004 Nla - ok 07:43:55.0718 3004 [ CB9751585223A77785B915B0591D71F0 ] NovaShieldFilterDriver C:\WINDOWS\system32\DRIVERS\NSKernel.sys 07:43:55.0734 3004 NovaShieldFilterDriver - ok 07:43:55.0765 3004 [ ED6AF59B384A092E1C42DF79B483B952 ] NovaShieldTDIDriver C:\WINDOWS\system32\DRIVERS\NSNetmon.sys 07:43:55.0765 3004 NovaShieldTDIDriver - ok 07:43:55.0796 3004 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 07:43:55.0843 3004 Npfs - ok 07:43:55.0890 3004 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 07:43:55.0921 3004 Ntfs - ok 07:43:55.0953 3004 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 07:43:55.0953 3004 NtLmSsp - ok 07:43:56.0015 3004 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 07:43:56.0015 3004 NtmsSvc - ok 07:43:56.0062 3004 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 07:43:56.0078 3004 Null - ok 07:43:56.0125 3004 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 07:43:56.0125 3004 NwlnkFlt - ok 07:43:56.0156 3004 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 07:43:56.0156 3004 NwlnkFwd - ok 07:43:56.0218 3004 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 07:43:56.0218 3004 ohci1394 - ok 07:43:56.0312 3004 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 07:43:56.0312 3004 ose - ok 07:43:56.0359 3004 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 07:43:56.0359 3004 Parport - ok 07:43:56.0390 3004 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 07:43:56.0406 3004 PartMgr - ok 07:43:56.0453 3004 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 07:43:56.0468 3004 ParVdm - ok 07:43:56.0531 3004 [ C96C14987F167F461266A6C6028B698B ] pcCMService C:\Program Files\Common Files\Motive\pcCMService.exe 07:43:56.0625 3004 pcCMService - ok 07:43:56.0687 3004 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 07:43:56.0687 3004 PCI - ok 07:43:56.0718 3004 PCIDump - ok 07:43:56.0734 3004 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 07:43:56.0734 3004 PCIIde - ok 07:43:56.0765 3004 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 07:43:56.0781 3004 Pcmcia - ok 07:43:56.0796 3004 PDCOMP - ok 07:43:56.0812 3004 PDFRAME - ok 07:43:56.0828 3004 PDRELI - ok 07:43:56.0843 3004 PDRFRAME - ok 07:43:56.0875 3004 perc2 - ok 07:43:56.0890 3004 perc2hib - ok 07:43:56.0968 3004 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe 07:43:56.0968 3004 PlugPlay - ok 07:43:57.0031 3004 [ 5C71F7CDD1B4BA5F00B87CA05E414AEA ] Point32 C:\WINDOWS\system32\DRIVERS\point32.sys 07:43:57.0031 3004 Point32 - ok 07:43:57.0046 3004 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 07:43:57.0046 3004 PolicyAgent - ok 07:43:57.0093 3004 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 07:43:57.0093 3004 PptpMiniport - ok 07:43:57.0140 3004 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 07:43:57.0140 3004 Processor - ok 07:43:57.0187 3004 [ DE11F5C3E9BDA993B65E1518D46BC438 ] Profos C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys 07:43:57.0218 3004 Profos - ok 07:43:57.0250 3004 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 07:43:57.0250 3004 ProtectedStorage - ok 07:43:57.0296 3004 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 07:43:57.0296 3004 PSched - ok 07:43:57.0328 3004 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 07:43:57.0328 3004 Ptilink - ok 07:43:57.0359 3004 ql1080 - ok 07:43:57.0375 3004 Ql10wnt - ok 07:43:57.0406 3004 ql12160 - ok 07:43:57.0421 3004 ql1240 - ok 07:43:57.0437 3004 ql1280 - ok 07:43:57.0484 3004 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 07:43:57.0484 3004 RasAcd - ok 07:43:57.0515 3004 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll 07:43:57.0531 3004 RasAuto - ok 07:43:57.0562 3004 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 07:43:57.0578 3004 Rasl2tp - ok 07:43:57.0640 3004 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll 07:43:57.0656 3004 RasMan - ok 07:43:57.0671 3004 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 07:43:57.0671 3004 RasPppoe - ok 07:43:57.0703 3004 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 07:43:57.0703 3004 Raspti - ok 07:43:57.0734 3004 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 07:43:57.0750 3004 Rdbss - ok 07:43:57.0765 3004 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 07:43:57.0765 3004 RDPCDD - ok 07:43:57.0843 3004 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 07:43:57.0843 3004 RDPWD - ok 07:43:57.0890 3004 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 07:43:57.0921 3004 RDSessMgr - ok 07:43:57.0953 3004 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 07:43:57.0968 3004 redbook - ok 07:43:58.0015 3004 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 07:43:58.0015 3004 RemoteAccess - ok 07:43:58.0046 3004 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe 07:43:58.0062 3004 RpcLocator - ok 07:43:58.0125 3004 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll 07:43:58.0125 3004 RpcSs - ok 07:43:58.0171 3004 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe 07:43:58.0187 3004 RSVP - ok 07:43:58.0218 3004 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe 07:43:58.0218 3004 SamSs - ok 07:43:58.0250 3004 ScanDrv - ok 07:43:58.0281 3004 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 07:43:58.0281 3004 SCardSvr - ok 07:43:58.0343 3004 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll 07:43:58.0343 3004 Schedule - ok 07:43:58.0421 3004 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 07:43:58.0421 3004 Secdrv - ok 07:43:58.0468 3004 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll 07:43:58.0468 3004 seclogon - ok 07:43:58.0515 3004 [ BB596A578330AD794C6769B588AF6BB4 ] senfilt C:\WINDOWS\system32\drivers\senfilt.sys 07:43:58.0515 3004 senfilt - ok 07:43:58.0562 3004 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll 07:43:58.0562 3004 SENS - ok 07:43:58.0609 3004 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 07:43:58.0609 3004 serenum - ok 07:43:58.0640 3004 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 07:43:58.0640 3004 Serial - ok 07:43:58.0687 3004 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 07:43:58.0703 3004 Sfloppy - ok 07:43:58.0781 3004 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 07:43:58.0781 3004 SharedAccess - ok 07:43:58.0828 3004 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 07:43:58.0828 3004 ShellHWDetection - ok 07:43:58.0843 3004 Simbad - ok 07:43:58.0906 3004 [ 20659BC41D142236F0DCFCE519A9F2B7 ] SiS315 C:\WINDOWS\system32\DRIVERS\sisgrp.sys 07:43:58.0937 3004 SiS315 - ok 07:43:58.0968 3004 [ 882382BA1743729484665F19A7DC9E9F ] SiSkp C:\WINDOWS\system32\DRIVERS\srvkp.sys 07:43:58.0984 3004 SiSkp - ok 07:43:59.0046 3004 [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC C:\WINDOWS\system32\DRIVERS\sisnic.sys 07:43:59.0046 3004 SISNIC - ok 07:43:59.0171 3004 [ 1319EA66A96250D59665D133C0FF7CD0 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys 07:43:59.0218 3004 smwdm - ok 07:43:59.0265 3004 [ 3978F082274F723AD5A0A8058C2417DD ] SoundMAX Agent Service (default) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe 07:43:59.0375 3004 SoundMAX Agent Service (default) - ok 07:43:59.0406 3004 Sparrow - ok 07:43:59.0468 3004 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 07:43:59.0468 3004 splitter - ok 07:43:59.0546 3004 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 07:43:59.0546 3004 Spooler - ok 07:43:59.0609 3004 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 07:43:59.0609 3004 sr - ok 07:43:59.0687 3004 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll 07:43:59.0703 3004 srservice - ok 07:43:59.0781 3004 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 07:43:59.0781 3004 Srv - ok 07:43:59.0859 3004 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 07:43:59.0859 3004 SSDPSRV - ok 07:43:59.0890 3004 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll 07:43:59.0906 3004 stisvc - ok 07:43:59.0953 3004 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 07:43:59.0953 3004 swenum - ok 07:43:59.0984 3004 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 07:43:59.0984 3004 swmidi - ok 07:44:00.0015 3004 SwPrv - ok 07:44:00.0031 3004 symc810 - ok 07:44:00.0062 3004 symc8xx - ok 07:44:00.0078 3004 sym_hi - ok 07:44:00.0093 3004 sym_u3 - ok 07:44:00.0125 3004 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 07:44:00.0125 3004 sysaudio - ok 07:44:00.0187 3004 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 07:44:00.0187 3004 SysmonLog - ok 07:44:00.0234 3004 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 07:44:00.0250 3004 TapiSrv - ok 07:44:00.0359 3004 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 07:44:00.0375 3004 Tcpip - ok 07:44:00.0421 3004 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 07:44:00.0437 3004 TDPIPE - ok 07:44:00.0468 3004 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 07:44:00.0484 3004 TDTCP - ok 07:44:00.0531 3004 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 07:44:00.0531 3004 TermDD - ok 07:44:00.0609 3004 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll 07:44:00.0609 3004 TermService - ok 07:44:00.0640 3004 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll 07:44:00.0656 3004 Themes - ok 07:44:00.0671 3004 TosIde - ok 07:44:00.0703 3004 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll 07:44:00.0703 3004 TrkWks - ok 07:44:00.0781 3004 [ B1F9B01F90F08ED91AF5A7D3ED66148C ] Trufos C:\WINDOWS\system32\DRIVERS\Trufos.sys 07:44:00.0781 3004 Trufos - ok 07:44:00.0828 3004 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 07:44:00.0859 3004 Udfs - ok 07:44:00.0875 3004 ultra - ok 07:44:00.0937 3004 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 07:44:00.0953 3004 Update - ok 07:44:01.0015 3004 [ 325FB38C323C63C7F57885B4DFB1B91E ] UPHClean C:\Program Files\UPHClean\uphclean.exe 07:44:01.0140 3004 UPHClean - ok 07:44:01.0203 3004 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll 07:44:01.0203 3004 upnphost - ok 07:44:01.0234 3004 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe 07:44:01.0234 3004 UPS - ok 07:44:01.0312 3004 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 07:44:01.0312 3004 usbaudio - ok 07:44:01.0328 3004 USBCamera - ok 07:44:01.0375 3004 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 07:44:01.0375 3004 usbccgp - ok 07:44:01.0453 3004 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 07:44:01.0453 3004 usbehci - ok 07:44:01.0484 3004 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 07:44:01.0484 3004 usbhub - ok 07:44:01.0500 3004 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 07:44:01.0500 3004 usbohci - ok 07:44:01.0515 3004 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 07:44:01.0531 3004 usbprint - ok 07:44:01.0546 3004 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 07:44:01.0546 3004 usbscan - ok 07:44:01.0578 3004 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 07:44:01.0593 3004 USBSTOR - ok 07:44:01.0625 3004 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 07:44:01.0640 3004 VgaSave - ok 07:44:01.0671 3004 ViaIde - ok 07:44:01.0703 3004 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 07:44:01.0718 3004 VolSnap - ok 07:44:01.0765 3004 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe 07:44:01.0781 3004 VSS - ok 07:44:01.0828 3004 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll 07:44:01.0828 3004 W32Time - ok 07:44:01.0859 3004 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 07:44:01.0890 3004 Wanarp - ok 07:44:01.0906 3004 WDICA - ok 07:44:01.0953 3004 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 07:44:01.0953 3004 wdmaud - ok 07:44:02.0015 3004 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll 07:44:02.0031 3004 WebClient - ok 07:44:02.0156 3004 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 07:44:02.0156 3004 winmgmt - ok 07:44:02.0234 3004 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 07:44:02.0234 3004 WmdmPmSN - ok 07:44:02.0296 3004 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 07:44:02.0343 3004 WmiApSrv - ok 07:44:02.0437 3004 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 07:44:02.0453 3004 WMPNetworkSvc - ok 07:44:02.0500 3004 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 07:44:02.0500 3004 WS2IFSL - ok 07:44:02.0562 3004 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 07:44:02.0562 3004 wscsvc - ok 07:44:02.0578 3004 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 07:44:02.0593 3004 wuauserv - ok 07:44:02.0640 3004 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 07:44:02.0640 3004 WudfPf - ok 07:44:02.0671 3004 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 07:44:02.0687 3004 WudfRd - ok 07:44:02.0718 3004 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 07:44:02.0718 3004 WudfSvc - ok 07:44:02.0781 3004 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 07:44:02.0796 3004 WZCSVC - ok 07:44:02.0843 3004 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 07:44:02.0859 3004 xmlprov - ok 07:44:02.0953 3004 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe 07:44:02.0968 3004 YahooAUService - ok 07:44:02.0984 3004 ================ Scan global =============================== 07:44:03.0000 3004 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll 07:44:03.0062 3004 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 07:44:03.0093 3004 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 07:44:03.0125 3004 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe 07:44:03.0125 3004 [Global] - ok 07:44:03.0140 3004 ================ Scan MBR ================================== 07:44:03.0156 3004 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0 07:44:03.0375 3004 \Device\Harddisk0\DR0 - ok 07:44:03.0390 3004 ================ Scan VBR ================================== 07:44:03.0390 3004 [ 782ED474EC6A940D0D889C9ABC5866E5 ] \Device\Harddisk0\DR0\Partition1 07:44:03.0406 3004 \Device\Harddisk0\DR0\Partition1 - ok 07:44:03.0406 3004 ============================================================ 07:44:03.0406 3004 Scan finished 07:44:03.0406 3004 ============================================================ 07:44:03.0453 1224 Detected object count: 0 07:44:03.0453 1224 Actual detected object count: 0 07:46:57.0390 3460 Deinitialize success
  7. carolcoleman8353
    I have done as requested,however I can't attach the log as it is too big to copy and I can't select all and copy it? Where do I find the root of the drive? Thanks Carol
  8. carolcoleman8353
    Here's the log Jeff ,thanks very much for trying to help me. Carol aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-11-06 16:45:19 ----------------------------- 16:45:19.093 OS Version: Windows 5.1.2600 Service Pack 3 16:45:19.093 Number of processors: 1 586 0x2C02 16:45:19.093 ComputerName: OFFICE UserName: Owner 16:45:19.671 Initialize success 16:47:26.000 AVAST engine defs: 12110601 16:47:32.437 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 16:47:32.437 Disk 0 Vendor: ExcelStor_Technology_J880 PF2OA21B Size: 78533MB BusType: 3 16:47:32.468 Disk 0 MBR read successfully 16:47:32.468 Disk 0 MBR scan 16:47:32.531 Disk 0 unknown MBR code 16:47:32.546 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 78528 MB offset 63 16:47:32.562 Disk 0 scanning sectors +160826715 16:47:32.687 Disk 0 scanning C:\WINDOWS\system32\drivers 16:47:56.781 Service scanning 16:48:06.718 Service FXDRV D:\Fxdrv.sys **LOCKED** 21 16:48:33.843 Modules scanning 16:48:56.015 Disk 0 trace - called modules: 16:48:56.015 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 16:48:56.046 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8697dab8] 16:48:56.046 3 CLASSPNP.SYS[f7656fd7] -> nt!IofCallDriver -> \Device\0000005b[0x869c9f18] 16:48:56.062 5 ACPI.sys[f74ed620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86933940] 16:48:56.906 AVAST engine scan C:\WINDOWS 16:49:23.453 AVAST engine scan C:\WINDOWS\system32 16:54:14.500 AVAST engine scan C:\WINDOWS\system32\drivers 16:54:42.656 AVAST engine scan C:\Documents and Settings\Owner 17:23:36.546 AVAST engine scan C:\Documents and Settings\All Users 17:26:50.562 Scan finished successfully 17:32:37.359 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\My Documents\MBR.dat" 17:32:37.406 The log file has been saved successfully to "C:\Documents and Settings\Owner\My Documents\aswMBR.txt"
  9. carolcoleman8353
    OMG that's really long- sorry!
  10. carolcoleman8353
    I have an outgoing message that has been blocked,so I've been told to download two logs,here they are .Sorry I haven't got a clue what I'm doing and now don;t see the Malware or Bullguard logos at the bottom of my computer.Hope that's okay? DDS (Ver_2012-11-05.02) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_37 Run by Owner at 12:42:56 on 2012-11-06 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.990.419 [GMT 0:00] . AV: BullGuard Antivirus *Enabled/Updated* {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913} FW: BullGuard Firewall *Disabled* . ============== Running Processes ================ . C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe C:\WINDOWS\system32\crypserv.exe C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Common Files\Motive\pcCMService.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\UPHClean\uphclean.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Main C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Backup C:\WINDOWS\System32\SvcHost.exe -k BullGuard C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Proxy C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\System32\svchost.exe -k HTTPFilter . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8 uWindow Title = Windows Internet Explorer provided by Yahoo! uSearch Page = hxxp://www.google.com uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8 mStart Page = hxxp://www.yahoo.com/?fr=fp-yie8 mDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8 uProxyOverride = <local> mSearchAssistant = hxxp://www.google.com/ie BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll mRun: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent mRun: [bullGuard] "c:\program files\bullguard ltd\bullguard\BullGuard.exe" -boot mRun: [soundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray mRun: [soundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIE.dll IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: {071582AE-C7F9-11D2-A742-0080C8129F3E} - hxxp://traptestsrv.east-northamptonshire.gov.uk/trpzx1.cab DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - hxxp://www.caminova.net/ja/downloads/getmodule.aspx?lang=en DPF: {106E49CF-797A-11D2-81A2-00E02C015623} - hxxp://www.alternatiff.com/install/00/alttiff.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/0/5/7/05796dde-b2ba-4eef-8da4-f99c7e0c9b92/LegitCheckControl.cab DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} - hxxp://contacts.orange.co.uk/wuk_webab/VoxsyncX.cab DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cab DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} - hxxps://fixit.support.microsoft.com/ActiveX/FixItClient.CAB DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341415977484 DPF: {71057C18-0507-4747-86BC-E11CE7512C5F} - hxxps://register.btinternet.com/templates/btmailcontrol013.cab DPF: {84818113-96C5-11D2-BE39-006008BF4DD5} - hxxp://www.scotlandspeople.gov.uk/Viewers/ActiveXControl/viewdw32.ocx DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} - hxxps://register.btinternet.com/templates/btwebcontrol028.cab TCP: NameServer = 192.168.1.254 TCP: Interfaces\{CE017AD2-DA29-44E2-A20E-8A1A6FC2ECE4} : DHCPNameServer = 192.168.1.254 Notify: GoToAssist - c:\program files\citrix\gotoassist\570\G2AWinLogon.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12 . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\uorzh9uj.default\ FF - prefs.js: browser.startup.homepage - hxxp://uk.yahoo.com/ FF - component: c:\program files\bullguard ltd\bullguard\antiphishing\ff\antiphishing@bullguard\components\BGFFComponent.dll FF - plugin: c:\documents and settings\owner\local settings\application data\yahoo!\browserplus\2.8.1\plugins\npybrowserplus_2.8.1.dll FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: c:\program files\common files\motive\npMotive.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll FF - plugin: c:\windows\system32\npdeployJava1.dll FF - plugin: c:\windows\system32\npptools.dll FF - ExtSQL: 2012-10-17 09:43; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} . ============= SERVICES / DRIVERS =============== . R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [2010-3-12 64608] R1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [2011-1-27 789960] R1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [2011-1-27 19272] R2 BsBackup;BullGuard backup service;c:\windows\system32\SvcHost.exe -k BullGuard_Backup [2004-8-4 14336] R2 BsBhvScan;BullGuard Behavioural Detection;c:\program files\bullguard ltd\bullguard\BullGuardBhvScanner.exe [2011-1-27 321376] R2 BsFileScan;BullGuard on-access service;c:\windows\system32\SvcHost.exe -k BullGuard [2004-8-4 14336] R2 BsFire;BullGuard firewall service;c:\windows\system32\SvcHost.exe -k BullGuard [2004-8-4 14336] R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\system32\SvcHost.exe -k BullGuard_Proxy [2004-8-4 14336] R2 BsMain;BullGuard main service;c:\windows\system32\SvcHost.exe -k BullGuard_Main [2004-8-4 14336] R2 BsScanner;BullGuard scanning service;c:\program files\bullguard ltd\bullguard\BullGuardScanner.exe [2010-3-3 178528] R2 BsUpdate;BullGuard update service;c:\program files\bullguard ltd\bullguard\BullGuardUpdate.exe [2012-8-27 304480] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-18 399432] R2 pcCMService;pcCMService;c:\program files\common files\motive\pcCMService.exe [2012-7-31 361472] R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\Afw.sys [2009-12-4 32512] R3 afwcore;afwcore;c:\windows\system32\drivers\AfwCore.sys [2009-12-4 284928] S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-12-28 676936] S2 ScanDrv;ScanDrv; [x] S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-12-28 22856] . =============== Created Last 30 ================ . 2012-10-27 16:39:59 638432 ----a-w- c:\program files\mozilla firefox\nss3.dll . ==================== Find3M ==================== . 2012-10-09 21:58:25 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-10-09 21:58:25 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-29 18:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-24 14:32:24 477168 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-09-24 14:32:20 473072 ----a-w- c:\windows\system32\deployJava1.dll 2012-09-24 12:51:47 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll 2012-08-28 15:14:53 43520 ------w- c:\windows\system32\licmgr10.dll 2012-08-28 15:14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-08-28 12:07:15 385024 ----a-w- c:\windows\system32\html.iec 2012-08-27 11:29:43 100216 ----a-w- c:\windows\system32\BgGamingMonitor.dll 2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll 2012-08-21 13:29:19 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-21 12:58:06 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-08-17 16:33:51 54624 ----a-w- c:\windows\system32\BGLsp.dll . ============= FINISH: 12:44:58.54 =============== And . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-05.02) . Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 23/03/2006 15:52:22 System Uptime: 06/11/2012 08:44:12 (4 hours ago) . Motherboard: WinFast | | 760GXK8MC Processor: AMD Sempron Processor 2600+ | Socket 940 | 1599/200mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 77 GiB total, 55.514 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP1329: 04/08/2012 10:25:47 - System Checkpoint RP1330: 05/08/2012 11:04:21 - System Checkpoint RP1331: 07/08/2012 09:09:13 - System Checkpoint RP1332: 08/08/2012 09:27:51 - System Checkpoint RP1333: 09/08/2012 20:04:49 - System Checkpoint RP1334: 17/08/2012 17:57:21 - Software Distribution Service 3.0 RP1335: 20/08/2012 09:24:08 - System Checkpoint RP1336: 29/08/2012 08:51:09 - System Checkpoint RP1337: 02/09/2012 18:24:09 - System Checkpoint RP1338: 03/09/2012 16:12:25 - Installed Microsoft Office Word Viewer 2003 RP1339: 03/09/2012 17:29:12 - Installed Java 6 Update 35 RP1340: 04/09/2012 07:40:39 - Software Distribution Service 3.0 RP1341: 09/09/2012 17:09:10 - System Checkpoint RP1342: 12/09/2012 07:33:29 - Software Distribution Service 3.0 RP1343: 14/09/2012 09:41:41 - System Checkpoint RP1344: 14/09/2012 16:35:45 - Removed WinBMD 7. RP1345: 14/09/2012 16:36:01 - Installed WinBMD 7. RP1346: 18/09/2012 17:58:08 - Installed Compatibility Pack for the 2007 Office system RP1347: 19/09/2012 07:19:08 - Software Distribution Service 3.0 RP1348: 22/09/2012 08:30:46 - Software Distribution Service 3.0 RP1349: 26/09/2012 16:37:04 - System Checkpoint RP1350: 27/09/2012 16:52:15 - System Checkpoint RP1351: 30/09/2012 09:09:14 - System Checkpoint RP1352: 03/10/2012 08:32:21 - System Checkpoint RP1353: 05/10/2012 16:05:24 - System Checkpoint RP1354: 07/10/2012 12:51:31 - System Checkpoint RP1355: 10/10/2012 07:43:43 - Software Distribution Service 3.0 RP1356: 11/10/2012 17:02:11 - System Checkpoint RP1357: 13/10/2012 09:45:04 - System Checkpoint RP1358: 14/10/2012 17:52:24 - System Checkpoint RP1359: 16/10/2012 07:39:54 - Software Distribution Service 3.0 RP1360: 17/10/2012 09:42:58 - Installed Java 6 Update 37 RP1361: 18/10/2012 10:18:44 - System Checkpoint RP1362: 20/10/2012 11:46:52 - Removed UK-Info 2003 RP1363: 20/10/2012 11:52:23 - Installed UK-Info 2003 RP1364: 21/10/2012 19:18:08 - System Checkpoint RP1365: 23/10/2012 13:52:37 - System Checkpoint RP1366: 25/10/2012 12:32:17 - Removed UK-Info 2003 RP1367: 25/10/2012 12:39:29 - Installed UK-Info 2003 RP1368: 26/10/2012 20:58:54 - System Checkpoint RP1369: 26/10/2012 23:34:33 - Removed UK-Info 2003 RP1370: 28/10/2012 11:10:24 - System Checkpoint RP1371: 30/10/2012 18:16:32 - System Checkpoint RP1372: 01/11/2012 08:41:55 - System Checkpoint RP1373: 01/11/2012 14:50:22 - Installed Microsoft Office 2000 Resource Kit Tools and Utilities RP1374: 02/11/2012 10:35:25 - Removed HP Photo and Imaging 2.1 - Scanjet 2400 Series RP1375: 04/11/2012 11:02:57 - System Checkpoint RP1376: 05/11/2012 16:26:23 - System Checkpoint . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop 6.0 Adobe Reader 9.5.2 BT Desktop Help BTHomeHub BullGuard 9.0 Compatibility Pack for the 2007 Office system Critical Update for Windows Media Player 11 (KB959772) EPSON Copy Utility 3 EPSON Printer Software EPSON Scan ESC84 Software Guide ESET Online Scanner v3 Family Historian PDF File (novaPDF 6.1 printer) Family History Resource File Viewer 4.0 Family Tree Maker 2005 FamilySearch Indexing Google Earth Plug-in Google Update Helper GoToAssist Corporate Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB2756822) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976002-v5) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) HP Memories Disc Intel® 537EP Modem Java Auto Updater Java 6 Update 37 Junk Mail filter update LizardTech DjVu Control LizardTech DjVu Control (autoinstall) Malwarebytes Anti-Malware version 1.65.1.1000 Micrografx Picture Publisher 7 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft IntelliPoint 6.01 Microsoft IntelliType Pro 6.01 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2000 Resource Kit Tools and Utilities Microsoft Office 2000 Small Business Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Word Viewer 2003 Microsoft Press Interactive Training Microsoft Silverlight Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Works 6-9 Converter Mozilla Firefox 16.0.2 (x86 en-US) Mozilla Maintenance Service MSVCRT Nero Suite Personal Ancestral File 5 Personal Ancestral File Companion 5.4 ScanToWeb Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft Windows (KB2564958) Security Update for Step By Step Interactive Training (KB898458) Security Update for Step By Step Interactive Training (KB923723) Security Update for Windows Internet Explorer 7 (KB928090) Security Update for Windows Internet Explorer 7 (KB929969) Security Update for Windows Internet Explorer 7 (KB931768) Security Update for Windows Internet Explorer 7 (KB933566) Security Update for Windows Internet Explorer 7 (KB937143) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 8 (KB2360131) Security Update for Windows Internet Explorer 8 (KB2416400) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2530548) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2559049) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB2647516) Security Update for Windows Internet Explorer 8 (KB2675157) Security Update for Windows Internet Explorer 8 (KB2699988) Security Update for Windows Internet Explorer 8 (KB2722913) Security Update for Windows Internet Explorer 8 (KB2744842) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2660465) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2685939) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219) Security Update for Windows XP (KB2707511) Security Update for Windows XP (KB2709162) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2718523) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135) Security Update for Windows XP (KB2724197) Security Update for Windows XP (KB2731847) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Segoe UI SiS VGA Utilities SiSAGP driver SoundMAX TeamViewer 7 Tweak UI UK-Info Disk 2002 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows Internet Explorer 8 (KB2362765) Update for Windows Internet Explorer 8 (KB976662) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB2661254-v2) Update for Windows XP (KB2718704) Update for Windows XP (KB2736233) Update for Windows XP (KB2749655) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB961503) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) User Profile Hive Cleanup Service WebFldrs XP WinBMD 7 Windows Defender Signatures Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Safety Scanner Windows Live Sign-in Assistant Windows Live Upload Tool Windows Media Format 11 runtime Windows Media Player 11 Windows PowerShell 1.0 Windows XP Service Pack 3 Yahoo! BrowserPlus 2.8.1 Yahoo! Software Update . ==== Event Viewer Messages From Past Week ======== . 05/11/2012 07:07:55, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect. 05/11/2012 07:07:55, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 05/11/2012 07:07:54, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69} 02/11/2012 22:49:03, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 02/11/2012 06:58:34, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The executable program that this service is configured to run in does not implement the service. 02/11/2012 06:55:59, error: Service Control Manager [7000] - The ScanDrv service failed to start due to the following error: The system cannot find the file specified. 01/11/2012 22:31:37, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Netman service. 01/11/2012 07:04:39, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect. 01/11/2012 07:04:39, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. . ==== End Of File ===========================
  11. carolcoleman8353
    Thank you,but I have XP,and a really old computer. I don't know how to disable anything. I might have to take my computer to the £50 an hour repair man then? Oh dear !!! Rgrds
  12. carolcoleman8353
    I've run a malware check and nothing comes up,so why does it keep doing this? 2012/11/06 07:12:55 GMT OFFICE MESSAGE Starting protection 2012/11/06 07:12:55 GMT OFFICE MESSAGE Protection started successfully 2012/11/06 07:12:55 GMT OFFICE MESSAGE Starting IP protection 2012/11/06 07:13:19 GMT OFFICE Owner MESSAGE IP Protection started successfully 2012/11/06 09:04:42 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:44 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:45 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:45 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:46 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:46 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:48 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:49 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:49 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:50 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:51 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:52 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:52 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:52 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:53 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:54 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:55 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:55 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:55 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:55 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:04:56 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:01 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:01 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:02 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:03 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:03 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:03 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:06 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:06 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:07 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:07 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:10 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:10 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:12 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:12 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:13 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:14 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:16 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:16 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:16 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:17 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:22 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:23 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:24 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:27 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:33 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:44 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:45 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:45 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:47 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:48 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:48 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:53 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:54 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:54 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:54 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:55 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:56 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:56 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:57 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:58 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:59 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:05:59 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:03 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:04 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:05 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:05 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:06 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:06 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:09 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:09 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:15 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:15 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:16 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:17 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:19 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:20 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:25 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:26 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:33 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:33 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:36 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:36 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:37 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:37 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:40 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:40 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:42 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:42 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:46 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:46 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:54 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:57 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:06:58 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:07:01 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:07:03 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:07:07 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:07:48 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:07:48 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:07:51 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:07:51 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:07:51 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:07:51 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:07:57 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:07:57 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:07:57 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:07:57 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:08:09 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:08:09 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:08:12 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:08:18 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:08:30 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:08:33 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:08:39 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:05 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:05 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:05 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:08 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:08 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:08 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:14 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:14 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:14 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:26 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:29 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:35 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:47 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:50 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing) 2012/11/06 09:10:56 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.